Yubikey only required during installation on new device?

Options
russellfincher
russellfincher
Community Member
in Windows

I'm trying out 1Password. I'm unclear about how using my Yubikey as my 2FA is keeping my account safe with 1Password. With my current password vault, I have to use my Yubikey every time my computer or browser or phone is restarted, but 1Password hasn't asked for my Yubikey once since installation. Simple keylogging could give someone access to my 1Password vaults if they get access to my computer. Please help me understand the methodology here.

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided

Comments

  • russellfincher
    russellfincher
    Community Member
    edited March 2023
    Options

    I guess maybe let me be clearer. We'll start here: how can I configure the 1Password desktop app so that is asks for 2FA every time it asks for my password?

  • ag_mike_d
    ag_mike_d
    Options

    Hello @russellfincher,

    Thanks for your questions. about security keys and setting 1Password to always require 2fa. This is not currently possible, and I've included a related thread here about this subject.

    We've passed this type of feedback along to the team regarding customer requests for 2fa challenges each time a sign in attempt is made for 1Password. I've done the same on your behalf.

    Please let us know if you have any other concerns or feedback you'd like us to share with the Product team.

    ref: 31743181

  • russellfincher
    russellfincher
    Community Member
    Options

    Thanks Mike, I checked out the other thread. Unfortunately, I don't feel like 1Password is using 2FA to its full advantage and my data is less safe here than on password vaults that do use it correctly. I'll keep checking back to see if security here gets stronger.

  • ag_mike_d
    ag_mike_d
    Options

    You're most welcome, @russellfincher! I've passed your additional feedback over to the team. Thanks!

  • seattlerust
    seattlerust
    Community Member
    Options

    Here is a link that I discovered recently from a thread three plus years ago that sheds some light on this subject and
    made me, at least, feel much more comfortable.

    https://discussions.agilebits.com/discussion/comment/538116/#Comment_538116

  • 1P_Gem
    1P_Gem
    Options

    Hi @seattlerust, thanks so much for taking the time to share a link to this forum post by one of our team members! I'm so pleased to hear that it made you feel more comfortable with the role of MFA in 1Password 😄

This discussion has been closed.