Yubikey only required during installation on new device?
I'm trying out 1Password. I'm unclear about how using my Yubikey as my 2FA is keeping my account safe with 1Password. With my current password vault, I have to use my Yubikey every time my computer or browser or phone is restarted, but 1Password hasn't asked for my Yubikey once since installation. Simple keylogging could give someone access to my 1Password vaults if they get access to my computer. Please help me understand the methodology here.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided
Comments
-
I guess maybe let me be clearer. We'll start here: how can I configure the 1Password desktop app so that is asks for 2FA every time it asks for my password?
0 -
Hello @russellfincher,
Thanks for your questions. about security keys and setting 1Password to always require 2fa. This is not currently possible, and I've included a related thread here about this subject.
We've passed this type of feedback along to the team regarding customer requests for 2fa challenges each time a sign in attempt is made for 1Password. I've done the same on your behalf.
Please let us know if you have any other concerns or feedback you'd like us to share with the Product team.
ref: 31743181
0 -
Thanks Mike, I checked out the other thread. Unfortunately, I don't feel like 1Password is using 2FA to its full advantage and my data is less safe here than on password vaults that do use it correctly. I'll keep checking back to see if security here gets stronger.
0 -
You're most welcome, @russellfincher! I've passed your additional feedback over to the team. Thanks!
0 -
Here is a link that I discovered recently from a thread three plus years ago that sheds some light on this subject and
made me, at least, feel much more comfortable.https://discussions.agilebits.com/discussion/comment/538116/#Comment_538116
0 -
Hi @seattlerust, thanks so much for taking the time to share a link to this forum post by one of our team members! I'm so pleased to hear that it made you feel more comfortable with the role of MFA in 1Password 😄
0