Two Factor

pomme4moi
pomme4moi
Community Member
in iOS

Just want to confirm my understanding pls. Some sites (e.g., Google) use an app (Google Authenticator) for two-factor authenticaton. Other sites (e.g., Apple) send a code to your phone at time of login. The new 1P TOTP feature works with the former, but not the latter, correct?

Comments

  • thightower
    thightower
    Community Member

    @pomme4moi

    It will work with sites that use the Google authenticator type setup.

    It will not replace SMS / Push based authentication.

  • Drew_AG
    Drew_AG
    1Password Alumni

    Hi @pomme4moi,

    I hope you don't mind, but I've moved your discussion to our iOS forums, since the TOTP feature is available in 1Password for iOS, but not yet in 1Password for Mac (but our developers are working on that).

    If you'd like to read more about one-time passwords and how that works in 1Password, please check out this article on our blog.

    For steps to set up one-time passwords in 1Password 5 for iOS, take a look at this page of our User Guide.

    I hope that helps, but if you have more questions about that, we're here for you! :)

  • huffalumpy
    huffalumpy
    Community Member

    I have two different TOTP apps that are running on my phone, for different services, and I have multiple keyfobs, too. The guide was less than helpful in describing which tokens/apps can be replaced with the new functionality.

  • Ben
    Ben

    Hi @huffalumpy,

    We do not have a list of which sites use the Google Authenticator protocol, but any that do are compatible.

    Thanks.

  • huffalumpy
    huffalumpy
    Community Member

    That part was not made clear: that it is contingent on GA. Are there any other TOTP services that are compatible?

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    I may have misunderstood your question @huffalumpy but we only have support for the TOTP algorithm. Alternatives such as HOTP, mOTP or OCRA (and I'm guessing a host of others) are not supported. My understanding is we followed RFC 6238 which Google also follow in their Google Authenticator app. Any service using TOTP should be compatible.

    If I've misunderstood do please correct me.

  • huffalumpy
    huffalumpy
    Community Member

    It was that information that wasn't clear in the notes. You might want to list ones that you are aware of (such as GA) so that folks understand, ahead of time, what you mean.

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Thank you for the suggestion, I'll pass that on.

This discussion has been closed.