"Invalid OTP" as complication

xgkkp
xgkkp
Community Member

I've tried adding one of my (microsoft) 2FA OTP keys as a complication on my apple watch. Although the app (on all platforms, including the watch app directly) can generate keys fine (as can Authy, oath-tools), adding as a complication just shows as "Invali d OTP" when I try to add it as a complication.

The "2FA key" was tkltt6yvdtvc5jh2 (old secret that I have invalidated) but the new key gives the same result. 1Password can generate the OTP tokens fine, but not as a complication.

Is this just some format of key that is incompatible? Or something else going wrong?


1Password Version: 8.10.36
Extension Version: Not Provided
OS Version: watchOS 10.5
Browser: Not Provided

Comments

  • Dave_1P
    edited July 24

    Hello @xgkkp! 👋

    I'm sorry that your one-time password complication isn't rendering properly on your Apple Watch. I'm not seeing the same issue with my own Microsoft account. Just to clarify, does your one-time password field in the relevant item match this format:

    otpauth://totp/Microsft:emailaddress?secret=secret&issuer=Microsoft

    If it doesn't then can you tell me more about how you saved the one-time password? Did you save it using the QR code scanner in the 1Password browser extension? Or did you use some other method?

    I look forward to hearing from you.

    -Dave

  • xgkkp
    xgkkp
    Community Member

    It didn’t come in that form. I didn’t scan the QR code but instead chose “put into an app manually” (I previously wanted to generate through oath-tools) at which point it gave me the base secret - so tkltt6yvdtvc5jh2 is literally the entire contents of the field I put into 1password.

    That said, manually putting it into 1password as
    otpauth://totp/Microsft:emailaddress?secret=tkltt6yvdtvc5jh2&issuer=Microsoft does work on the complication (and gives exactly exactly the same answer as all the apps did with the bare secret).

    So, apparently the complication only requires it in this explicit format. Confusing, but now working, thanks.

  • @xgkkp

    I'm happy to hear that the full otpauth:// format works. I've tested this as well and can confirm the same behaviour with complications on my own Apple Watch. I've filed an issue with our development team so that they can investigate this further.

    For the time being, you can use the otpauth:// format to workaround the issue. I'm sorry for the inconvenience.

    -Dave

    ref: dev/core/core#31791