To protect your privacy: email us with billing or account questions instead of posting here.

Is it possible to set up other authenticator apps on my iPad and/or second iPhone

Options
Topo
Topo
Community Member
edited March 25 in Memberships

I just enabled 2FA and set up the google authenticator on my iPhone, however, depending on what device I'm using, I wanted to set it up on my iPad, and maybe even my wife's iPhone, as a fail safe backup strategy. It looked like the settings only allowed 1 device to be the keeper of the authenticator. I think I ran into a situation where it asked whether I wanted to "replace" the current authenticator app/device. Is that right?

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

Comments

  • ag_tommy
    ag_tommy
    Options

    @Topo it is possible. Something like this should get you going. You'll need to disable the feature and set it up again. This is just an overview I recommend full researching using something like Google, etc.. Since this is an advanced configuration and one we do not support this will a best attempt at assistance. Assistance beyond this over view is no something we're able to provide.

    --

    You would need to set up two-factor authentication at the same time with both devices scanning the same QR code. If both devices scan the same setup code, you should see the same two-factor authentication 6 digit code on both devices.

    To do this properly, you will likely need to disable two-factor authentication on the account and then set it up again. During set up, when the QR code is presented, scan it with 1Password and save the entry. Scan the same QR code with the other Authenticator app. Save the entry. Make sure the displayed codes match between the devices. At the confirmation prompt on the site, enter the code to verify you have successfully saved it. Save any backup codes if the site provides them.

    • Do not go to the confirmation page until you have scanned and saved your entries on both devices. If you proceed forward after scanning one device, the QR code will disappear, and you'll need to start all over again.

    I would recommend finding a site that uses two-factor authentication and experiment. I would hate for you to get locked out of it if you made a miscalculation. https://fill.dev May can helpful. :)

    1Password one-time passwords https://support.1password.com/one-time-passwords/.

  • joshhuggins
    joshhuggins
    Community Member
    Options

    This is one of the reasons I am looking at moving away from Google Auth to 1Password for my One Time Passwords. Seems like 1Password automatically syncs the OTP between devices, is that correct?

  • ag_tommy
    ag_tommy
    Options

    Yes, it does.

  • Topo
    Topo
    Community Member
    Options

    So…Josh’s comment suggests that the OTP option within 1P is just as secure as 2FA thru an authenticator. Is this true? If so, I would prefer it. One less app to deal with and syncing with all my devices.

  • ag_tommy
    ag_tommy
    Options

    @Topo

    I have all of my TOTP inside 1Password with the exception of those that necessitate their own apps or require SMS. Your TOTPs are always secured with your password when 1Password is locked.

    There are two trains of thought. Use 1Password for ease of use and the other side which is keep the two distinct and separate. That is a personal choice you'll want to look into. As far as the feature itself, it's a time based computation. I've been using it since we first released it to make life easier. Plus 1Password can fill the TOTP for you on most sites.

    Use 1Password as an authenticator for sites with two-factor authentication

  • Topo
    Topo
    Community Member
    Options

    Thanks Tommy. I'm trying to wrap my head around all this. Appreciate your help. So...the basic protocol is; your 1P account/vault is impenetrable without your OTP and the Secret Key. The Key is stored only in my possession, wherever I put it.

    You refer to "TOTP". First T is Time based? Sorry if I'm kinda slow on the uptake here. That's not referring to a code sent to you from whatever site or app your loging into? Those are 2FA things, right? Such as, I open my bank app and it asks where to send a code before it will let me in, after I have used 1P to input my user name and password.

    It seems that, for any highly critical logins, I already have 2FA in place, so it looks unnecessary to have 2FA for 1P.

    Again, sorry for all the newbie uncertainty...I think 2FA for 1P may be overkill, but there appears to be more to consider. Anything you can clarify would be great.

  • ag_tommy
    ag_tommy
    edited March 27
    Options

    @Topo

    You're all good. I dare not tell you how long it took me to recall all the meanings as a user. I will tell you I've been about the block a time or two. Err, like I'm approaching 16, or is it 17 years as a user! I forget. Be careful; you'll look around, and you'll have been here that long, too. 😆

    TOTP - Temporary One-Time Passcode/Password.

    No, this feature is a time based code that is generated on your device. It is not sent to us. All the computations are on device. The secret is saved in your login item and when viewed 1Password makes the necessary calculations to determine the correct code. I'm going to share the wiki page but please do not shoot me. You're doing very well and asking excellent questions. The reason for my sharing it is that it helped me wrap my head around the feature way back when.

    Time-based one-time password - Wikipedia

    If you're feeling adventurous, do what I did. I moved one or two into 1Password and get a feel for it. It was not long before I went all in.

    Also, there are no noob questions here. We're all here to learn, and we're glad to have you with us. There is a wonderful community of like-minded folks here. Ask any questions you like. I can't say I'll know all the answers, but that's where other members of the community and also other members of the team come in.