To protect your privacy: email us with billing or account questions instead of posting here.

New guy with login question

Options
1Al
1Al
Community Member
edited April 30 in Memberships

Greetings! I just set up a family 1Password account. I'm testing a login on a vault site. On a desktop iMac (Monterey), I've been able to get the site's login data entered. I've set up Duo Mobile on my Android, but when I try to enter the code from Duo Mobile, it's not accepted. I'm sure this will be my first question of many, but let's start with it. Any general "Tips when setting up your 1Password account", or a link for that, would also be appreciated. At his point, went through 1Password's setup prompts, have my emergency kit printed and off my computer. Also, I'm coming for a BitWarden background, if knowing my past password manager experience helps. Thanks in advance!

EDIT: It looks like 1Password doesn't offer an internal TOTP generator as does BitWarden? Also, is there a was for Duo Mobile so send a push instead of a code. See, I told you there'd be more questions, ha!

«1

Comments

  • 1Al
    1Al
    Community Member
    Options

    Just curious, did I post this in the right Discussions area, or is there a way to refine posting by topic?

  • 1Al
    1Al
    Community Member
    Options

    Just starting out with 1 Password. On a desktop iMac (Monterey OS), I've been able to launch a site, but when asked for a 2FA code, I don't know where to look. I added Duo Mobile as my authenticator app, but when enter that code, it's rejected. Do I have to have Duo as an app on my desktop? And just to make sure, 1Password does not generate TOTP's of its own, correct? Thanks.


    1Password Version: Not Provided
    Extension Version: Not Provided
    OS Version: Not Provided
    Browser: Not Provided

  • Dave_1P
    Options

    Hello @1Al! 👋

    Welcome to 1Password! Are you being prompted for a 2FA one-time password for your 1Password account itself or for a different account/website? If it's the latter then have you already added 1Password as an authenticator app for that website by saving the one-time password in 1Password:

    If you haven't done this already then you'll need to login using your existing authenticator app, remove that authenticator app from the website in question, and then add 1Password instead. Alternatively you can keep using your current authenticator app (you mentioned using Duo) for the 2FA one-time password and just stored your username and password in 1Password.

    Let me know if you run into any issue or if I misunderstood the issue.

    -Dave

  • ag_tommy
    Options

    @1AI

    I'm going to move this to one of our other areas.

    1Password supports TOTP codes. Use 1Password as an authenticator for sites with two-factor authentication It may be that you've not selected the add more option in 1Password 8.

  • ag_tommy
    edited April 30
    Options

    The principal reason a 2FA code doesn't work is that your devices time is slightly off. 2FA codes are generated by your device using the current time, and they change about every thirty seconds. If your computer clock drifts/differs from the server, a wrong code will be generated. Another way to put it is with the clocks on your computer, and the server differs, and a mismatch in the 2FA codes occurs, resulting in an inability to log in.

    I would check and make sure the time is set correctly on your device. Does it automatically update itself? If not, try enabling automatic updating. I like to use https://time.is to check my device time. Nowadays, most all devices set their time automatically. However, hiccups still happen. I have had to toggle my "Set time automatically" settings from On > Off > On. Please don't overlook this step. It has helped more folks than you can imagine.

    Also, giving your device a restart may help alleviate any transient issues. The last few users that I helped with this reported that a restart solved their issue. Please be sure to give that a go.

  • 1Al
    1Al
    Community Member
    Options

    Hi Dave, and thanks! First, I'd better clarify what I'm hoping 1Password can be set up to do: After launching a website, and filling in username/password, when I'm asked for a 2FA code from that website (having already set that up with the website), I want to be able to go back to 1Password, copy a TOTP that it has just generated, then back to the website and paste in the code. Is that a thing?

    I know I mentioned having already set up Duo, but I'm wanting to avoid putting a third element into the mix, if that all makes sense?

    Thanks so much!

  • 1Al
    1Al
    Community Member
    Options

    Thank you for your response. This is good to know. I'm troubleshooting another 2FA issue at the moment, so will circle back here if my issue persists.

  • ag_tommy
    Options

    Sounds good.

  • ag_tommy
    Options

    @1AI

    Yes, you can do that. 🙂 One time passwords are supported. Use 1Password as an authenticator for sites with two-factor authentication

  • Dave_1P
    edited May 1
    Options

    @1Al

    Thank you for clarifying. Yes, you can certainly use 1Password as your authenticator app to generate a TOTP for your websites. You'll need to setup two-factor authentication for each website again, this time saving the one-time password in 1Password. 1Password in the browser helps you accomplish this with just a few steps, you can find our guide here: Use 1Password as an authenticator for sites with two-factor authentication

    Once the new one-time password has been saved in 1Password, you can remove it from Duo. Note: This only applies to one-time passwords that use the TOTP standard, if you're using Duo for their proprietary 2FA functions (or HOTP) then you won't be able to migrate those 1Password. 1Password only supports TOTP.

    Once you've saved a TOTP for a website in 1Password, fill your username and password on a website where you’re using two-factor authentication and 1Password will automatically fill your one-time password.

    Let me know if you have any other question or run into any trouble. 🙂

    -Dave

  • 1Al
    1Al
    Community Member
    edited May 2
    Options

    Update: Long story short, I was able to get it all set up, and log-in using 1Password for all the security measures, including a TOTP. And I was able to do so on both a desktop and my phone, so I'm off and running. Now, to see if I can duplicate the success with another company. :-) Thanks for your help!

    Edit: Actually, I have hit a problem on my phone, in that after launching the company via the app, the option to fill in my username and password from 1P did not appear. I had to go back to 1P to copy, then back to the site, paste the data in. Just to clarify, I don't want the data to autofill upon lauching the site, but want the option to have the data entered after the site is launched (I may want to change that later). Any ideas? Thanks.

  • Dave_1P
    Options

    @1Al

    I can help you with your phone as well. Are you using an iPhone or an Android phone? And are you signing into an app or into a website in a browser?

    I look forward to hearing from you.

    -Dave

  • 1Al
    1Al
    Community Member
    Options

    Sorry, I've been on enough of these forums to know that you always give the pertinent info upfront, heh. I'm using an Android Galaxy 14, launching the app. And is it preferable, or is there an advantage to, using the app vs. the website in a browser?

    I've come up with another question, namely, if there is a way to get Duo to always send a push instead of a code? (I'm thinking about using it after all, rather than the 1P TOTP, since a push is more convenient than a code. Unless you can also get a push from 1P?) Thanks.

  • 1Al
    1Al
    Community Member
    Options

    Oops, wrote this a few days ago, but didn't post it: As you likely saw on the other thread, I was successful with my troubleshooting. Thanks for your help!

  • 1Al
    1Al
    Community Member
    Options

    Update: I have Duo set up as my 2FA for logging into 1P. However, Duo's codes are not working on my Android for signing into 1P, nor on my MacBook. Looks like the time is in sync on both. Both have been turned off and on recently. And my phone is from where I'm getting my codes, so when I'm trying to log into 1P on it, you would think it would work, yes? I've successfully removed Duo, then re-added it to 1P, but that hasn't made a difference.

    Eventually, when this is all working, I'd like to get just a push from Duo. Can that be done, or does it depend on the company I'm trying to log into? I plan to use Duo only for 1P (will graduate to passkeys at some point, am not wanting to get ahead of myself for now), and 1P's TOTP function for all other logins.
    Thanks.

  • ag_tommy
    Options

    @1Al

    Did you confirm the code when you set up 2FA on your account? If so, that would indicate that the feature was working. The time would be correct at that time. Time drift is one of the most common things to cause a TOTP code to fail. Checking the time was great as well as turning things off and on.

    Push notifications would likely be with the company because they'll have the integrations enabled (the company). The feature is part of our business offering. Duo is not available for Family or Individual account. We'll not in the sense of push notifications. You can add Duo as a 2FA or TOTP code provider for your account.

  • ag_tommy
    Options

    I have merged the discussions to avoid two different conversations occurring about similar issues.

  • 1Al
    1Al
    Community Member
    Options

    So here's where things stand with me. To simplify things for myself for now, I've disabled the 2FA login for 1Password, and removed 4 passkeys I'd added. My goal at this point is to be able to successfully launch a vault item, and then have the username and password auto-filled when I get to the appropriate screen to touch or click. If the site allows for a TOTP, I want to use 1Password for that. And I want to be able to do this successfully on 3 devices: my desktop Mac (iMac), laptop MacBook Air, and Android phone. For the desktop and laptop, I'm using the Firefox browser extension, and for the Android, the app.

    I've just now completed testing two vault items, and have been successful with the goal described above. One of the sites offered 2FA, and I was able to use 1Password for a TOTP. The only hitch that occurred, was that when using my phone app, the other site I was testing (the one which did not offer a 2FA option) would only auto-fill the username, or password, but not both together. I had to either type in the missing data, or return the app and copy it, return to the site and paste it. I'll see if that happens with other sites, but for now, I'll happily take my successes. I plan to add one or two more vault items now, and if all goes smoothly, I'll circle back to trying to use Duo for my 1password login.

    One other smaller question: is there a way to stop 1Password from offering, via pop-up, to save updated passwords? I am peppering my passwords, so every time I log in to a vault item, it thinks I've changed the password. If I turn off the "Offer to fill and save passwords" option, then it doesn't fill anything.

    Okay, that's plenty for now. Thanks, as always, for any help.

  • 1Al
    1Al
    Community Member
    Options

    Okay, one more question for today...as I add more items to my vault, I'm wanting to back it up, but all I see is an option to import. How do I export it, preferably encrypted? Thanks.

  • 1Al
    1Al
    Community Member
    Options

    Looks like you can only export your vault in 1Password8. Is that correct? Or is there some other way to backup one's vaults? Thanks.

  • ag_tommy
    edited May 9
    Options

    External backups are not possible. Your data is backed up on 1Password.com and is part of your pervious version history. 👀 💾 View and restore previous versions of items

    Exporting is possible. How to export data from 1Password

    • I would recommend sharing the 🚒 Emergency Kit with someone if needed and keeping your data within 1Password. exporting requires frequent updates, and data can become outdated rather quickly.

    ⚠️ * Exported or Printed files 🖨 are not encrypted. They are stored in plain text. Anyone with access to your exported data files will be able to read your passwords. Do not email the files or store them online. Delete them when you are done with them.

  • 1Al
    1Al
    Community Member
    Options

    Thank you. All great info. Although I was I was hoping I could export an encrypted back up, your first section addresses my concern that my vaults are backed up somewhere.

  • ag_tommy
    Options

    You're most welcome.

  • 1Al
    1Al
    Community Member
    Options

    Greetings! I recently noticed that I have log-in items for each of the two vaults I've made. I don't want my vaults to use 1Password to log in. I don't even remember adding them as vault items. I actually deleted one of them, but before I delete the 2nd one, I wanted to check if there was a compelling reason to have my 1Password as a vault item. Thanks!

  • ag_tommy
    Options

    It sounds like you see a login item that is created during account creation. It's a record of your password and Secret Key for safekeeping. It's very useful when folks use biometrics and forget their password. We ask about any other devices, and then folks look within their items using biometrics to regain access. You can delete the item if you wish; however, it's not causing any harm, so you can leave it in place if you wish. Mine are present from 7 or 8 years ago, and similar records from back in the day of 3rd party sync. Ah, nostalgia.

  • 1Al
    1Al
    Community Member
    Options

    Thanks for the advice. I'll leave the remaining one in place.

    New question, regarding passphrases. Does it make a difference security-wise, if one uses a space instead of a dash between words? Is one easier to crack than the other? Thanks.

  • ag_tommy
    Options

    I'm a fan of the dash myself. It gives me a pause and allows to think more about the typing of my password. I've found for me personally the space does not give me that pause and conscious thought about the password. Here I'm thinking of the one password other than 1Password that I have memorized. That's my Apple ID password. You can use either method that fits better for you. This blog posting may help. If you're going to be using the password generator it also offers separators like periods and a few others.

    How to Create a Strong 1Password Account Password

  • 1Al
    1Al
    Community Member
    Options

    Thanks for the advice. I'll leave the remaining one in place.

    New question, regarding passphrases. Does it make a difference security-wise, if one uses a space instead of a dash between words? Is one easier to crack than the other? Thanks.

  • 1Al
    1Al
    Community Member
    edited May 22
    Options

    Thank you. You're saying you use passphrases for 1Password and your AppleID only, correct? It hadn't occurred to me to use a passphrase other than with 1Password. I've read that random password are the way to go when possible. But I suppose if there's an account you really want to remember (like a bank account, maybe?), a passphase is a good option.

  • ag_tommy
    Options

    @1AI

    Things like a period could have less entropy as it is a single character. If in doubt I would recommend using a strong password that uses many characters and symbols. I have some that are all numbers and symbols and also well over 50 characters in length. Yes, a passphrase is a good option for those accounts you absolutely need to recall. Incidentally, I have zero clue about my bank password. It was entirely generated by 1Password.

    You may also find this blog posting helpful. How Strong Should your Account Password be?