iOS App copying wrong 2 factor authentication password (1 time password)

JoostF1
JoostF1
Community Member
in iOS

Hi there,

Since the 7.0 update, the iOS app is copying the wrong 2 factor authentication code. (1 time password)
I have a website that uses 3 different sets of 1 time passwords.
Nothing was edited in the app since. But if I login, the website tells me I'm using the wrong password.
A login, going back into the app, manually copying the correct 1 time password, and login is the workarount at this moment.
There is no way to edit this?
It would be nice to see this fixed, and/or some new way to edit the preferences.

Thanks!
Kind regards,
Joost

1Password Version: 7.0.1
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Dropbox

Comments

  • Ben
    Ben

    Hi @JoostF1

    Thanks for taking the time to write in. I’m not entirely sure I understand the bit about 3 different sets of OTP? Could you elaborate on that a bit? How does that work? If you’ve got 3 different TOTP fields on a Login item how do you expect 1Password to know which one you want copied to the clipboard?

    Please let us know.

    Ben

  • JoostF1
    JoostF1
    Community Member
    edited November 2017

    Hello @Ben,
    First I have a login with a OTP. Which doesn’t work on iOS, as described above.
    Ever since the 7.0 update, I have to manual copy the correct OTP for the login.

    Then I have 2 different OTP for specific tasks on a website. These 2 are used manually.

    The 3 sets are created in order:
    Login
    2nd OTP
    3rd OTP

    I hope this specifies the problem a little bit more. It’s just the login that’s using the wrong OTP.
    I don’t expect 1Password to know which one I want copied. I just want the login to work.

    I haven’t tried to setup the page again from scratch, which might solve the problem, but that might take some effort.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @JoostF1: Without knowing any of the specifics, it's impossible to say. But I think you hit the nail on the head:

    I don’t expect 1Password to know which one I want copied. I just want the login to work.

    1Password cannot log you in by itself in cases like this. It can fill your username and password when you tell it to, but the TOTP code must be entered by you.

    1Password tries to help with this by automatically copying it to the clipboard — but if there are multiple TOTP fields for a single login, you will need to copy the correct one yourself to use, as there is no way for 1Password to understand which one you need at any given time.

    I don't know how we could possibly have 1Password figure that out, and frankly I have never heard of a site which uses 3 different TOTP secrets before. Most don't even use one. If this becomes more common in the future, it's certainly something we can look into. But unless this becomes a standard where everyone does it the same way it may always be problematic to try to do this programatically.

    You can certainly save this information in 1Password to keep it secure, but it will be necessary to copy and paste the appropriate TOTP code as needed for the foreseeable future. :blush:

  • JoostF1
    JoostF1
    Community Member

    Hello @brenty and thanks for your response.

    Before 7.0, 1Password copied the correct TOTP to the clipboard.
    Since 7.0, it copies TOTP number 3, used for a different action.

    Now, I let 1Password fill the Username and Password, go back into 1Password, copy and past the correct TOTP.

    I've saved 3 TOTP's for an Crypto exchange,
    1. Account Login
    2. Trading
    3. Funding

    Still, I understand 1Password doesn't know which TOTP to copy for a specific action. But I hoped I would'nt have to login twice. It has become annoying since 7.0.
    (And, I understand that I manually have to copy the TOTP for trading and funding, used within the same website.)

    Please let me know what you think.

    Thanks

  • Ben
    Ben

    The only solution I can think of for this is to create a separate login item for this website with the trading and funding TOTP fields, and have only the account login TOTP field on the item you use to login to the website. You may be able to accomplish this with the least amount of effort by duplicating your existing login, renaming the duplicate to something like Trading & Funding, remove the account login TOTP field from it, and then removing the trading & funding TOTP fields from the original.

    Ben

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited November 2017

    I agree. I'd use separate logins for that, because I would constantly be copying the wrong TOTP field otherwise even if I did it myself; I'd have trouble keeping things straight. 1Password isn't designed for multiple TOTPs per item, but it's definitely something we'll look at if this becomes common in the future. Thanks for bringing this to our attention!

This discussion has been closed.