Two Factor Auth backups in 1Password
Hi,
Sorry if this is a stupid question, but...
I am using Authy for two factor authentication. I would like to make a backup of my 2FA secrets and my 1Password data. Currently, I have the password for my 2FA backups in 1Password, but this concerns me, because then it's not "One thing you know, and one thing you have", it's just 1Password (and my MP & Backup data). Is this still secure? Or should I avoid it?
Thanks!
Ari
Comments
-
Hi @AriPorad,
By keeping your two factor authentication secrets in 1Password (or storing the password to access the secrets in 1Password), it does kinda kill the "two factor" security aspect of it. If an attacker was somehow able to get into your 1Password data, they would have access to a site's password and its two factor authentication secret. Though if you're already using strong, unique passwords generated by 1Password, you aren't gaining much from a "second factor" anyway (compared to someone who uses weak and/or re-used passwords).
With that said, even if you keep your two factor authentication secrets in 1Password, you still get the security benefits of a "one time password". For example, this help would help if you do things over insecure networks (such as hotel Wi-Fi). If an attacker was able to capture your password and one time password in transit, they would not be able to access your account after the one time password expires.
Please let us know if you have any other questions. We're always happy to help!
0 -
Hi @AriPorad,
Storing your two factor authentication secrets elsewhere would technically be more secure, so you get the true "two factor" security. But like I mentioned, if you're using strong, unique passwords, the benefits of a "second factor" likely aren't as important the benefits of a "one time password" (and you still get the benefits of one time passwords even if you keep your two factor authentication secrets in 1Password).
But it's really up to you, it depends if you feel secure enough storing that information in 1Password.
0 -
Ok, Thanks! I think I probably will store them in 1Password, It's easier, and nobody's going to ever guess my master password (I hope)
0 -
You're welcome! Please let us know if you have any other questions. :)
0
