How can I disable pishable credentials?
I've recently installed 1pass to my Iphone 13 and I'm not able to login unless I add the alternator app as I guessing the app does not support FIDO Keys yet.
Ideally, I'd like to unlock my Vault with my pin and touch my Yubikey or better use just use my bio key to do both in one on my PC.
On my mobile device, I'd like to continue to use FACEID to open the vault and allow me to fill for apps and forums, however, during the reauth every 2 weeks I'd like it to simply require the fido key via NFC or inserted.
Is this on the way? I do not want to have an authenticator code on my account as it leads to easy phishing attacks.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
Comments
-
Hello @Zazzn! 👋
1Password supports using security keys on all platforms including 1Password 8 for iOS: Use your security key as a second factor for your 1Password account
Once you add a security key (I recommend that you add two just in case one breaks or you lose it) you'll be able to remove the authenticator app if you wish.
If this isn't working then can you tell me the specific model of security key that you have and what happens when you try to use it with the app on your iPhone? What do you see when you're prompted for two-factor authentication, can you post a screenshot?
On my mobile device, I'd like to continue to use FACEID to open the vault and allow me to fill for apps and forums, however, during the reauth every 2 weeks I'd like it to simply require the fido key via NFC or inserted.
Your security key is only required the first time that you add your account to the app. You can require your account password every two weeks by following these steps:
- Open and unlock 1Password.
- Tap the icon for your account or collection at the top left and choose Settings. (If you’re using an iPad, tap your account or collection at the top of the sidebar.)
- Tap Security.
- Set "Require password" to the desired setting.
I look forward to hearing from you.
-Dave
0 -
Are you sure that's correct? When I had 2FA enabled, I was not able to login to the app because it only allowed me a password. I did not have the authenticator app added because it's a pishable MFA. Until I added that, I was not able to login to the app because it does not look like it's enabled for security Keys like Yubikeys.
0 -
Thank you for the reply. You'll be prompted for your security key once you enter your Secret Key and password. I can use my security key to authenticate my account in the 1Password for iOS app.
Can you try the following:
- Add a security key to your account again: Use your security key as a second factor for your 1Password account
- Download and save your Emergency Kit
- Deauthorize the 1Password for iOS app.
How to deauthorize the app:
- Log in to your 1Password account on 1Password.com (in the browser, not the app)
- Click your name in the top right and choose My Profile.
- Click the gear wheel next to your iOS device and then click Deauthorize.
Then, open the 1Password for iOS app and enter your account information and account password. Once you've entered these you should be prompted for 2FA, select the security key option. If you don't see an option for your security key then, to help me better understand the situation, I'd like to ask you to take a screenshot of what you're seeing and attach it to your reply:
-Dave
ref: dev/core/core#20680
0 -
That's the problem I'm never prompted, I just downloaded the app for the first time yesterday on the latest iOS In fact it never asks for a security key when using the app. Only show password? Hrm...
I've tried disabling security keys, then logged in then re-enabled logged out and logged in again with 3 keys in my account, it would fail until i added authenticator app then it would let me use an OTP code.
0 -
That definitely doesn't sound right. So that I can investigate further, I'd like to ask you to create a diagnostics report from your iOS device:
Sending Diagnostics Reports (iOS)
Attach the diagnostics to an email message addressed to
support+forum@1password.com.With your email please include:
- A link to this thread: https://1password.community/discussion/143243/how-can-i-disable-pishable-credentials
- Your forum username:
Zazzn - Please do not post your diagnostic report to the forum. This is for your privacy and security.
Please send the entire file.
You should receive an automated reply from our BitBot assistant with a Support ID number. Please post that number here. Thanks very much!
-Dave
0
