Feature Request: Unlock 1Password 6 with TOTP Code
The new feautre from Microsoft, letting you login only with a TOTP is a great thing in Usability and it would be great if Agilebits could implemented this unlock method optional.
Looking forward to hear from you guys!
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
@heubergen: It isn't technically possible, but it's certainly fun to think about! There are a few fundamental problems:
- 1Password doesn't use authentication to secure your data (the way a website does to protect your account)*
- Something other than 1Password would have to be used to generate the TOTP code, since you'd need to have access to that outside of 1Password
- Even if 1Password worked in this way, you'd have to be online to authenticate like this, which removes some utility
*It should be pointed out that, unlike with local vaults in the standalone app, 1Password.com is doing authentication _in addition to_ encryption, but the core security of 1Password is due to the "keys" (Master Password and Secret Key) being needed to decrypt the data, and that isn't something multi-factor authentication can do for us.
It's really cool that there's so much going on in this space (biometrics, push notifications, etc.), so we'll have to see how things develop and what opportunities there will be. Cheers! :)
0