Why use two factor on 1Password account?
Isn’t it already two factor since you have to use a password (which you know) and the secret key (which you have)?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
Comments
-
Hi @timl23,
Your Secret Key (and to an extent your Account Password) is your defense against someone who gets an encrypted copy of your data from our servers.
Two-factor authentication is your defense against an attacker who has somehow acquired both your Account Password and Secret Key but has not acquired a copy of your encrypted data.
You can learn more about authentication and encryption in the 1Password security model here:
https://support.1password.com/authentication-encryption/0 -
Thank you.
"Two-factor authentication is your defense against an attacker who has somehow acquired both your Account Password and Secret Key but has not acquired a copy of your encrypted data."
If an attacker has acquired both my account password, secret key AND an encrypted copy of my data, wouldn't two factor authentication stop that as well, or am I toast in that case ( I would assume so)?
0 -
@timl23 Yes, it would, but that exact scenario is the only scenario where 2FA for your 1Password account helps. Read this blog post from 1Password about why 2FA for your 1Password is not necessary: https://blog.1password.com/should-protect-1password-with-2fa/
0 -
Thanks. Makes sense now.
0
