Missing entry in “Inactive 2FA” list of Watchtower 2.0: 1password.com

XIII
XIII
Community Member
edited May 2018 in Families

Watchtower 2.0 is really nice!

However, I miss at least one entry in the “Inactive 2FA” list: 1password.com

Is that intentionally? (Since you don’t want individual users to use 2FA?)


Sync Type: 1password.com

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited May 2018

    @XIII: Ironic? hehe

    I think it's a bit recursive, but you make a good point. I could argue it either way. It's something we'll have to discuss further.

    But it's worth noting that the purpose of this feature is to help people identify site for which they can use 1Password as the TOTP generator. So I'm not sure it makes sense to have 1Password in that list. It might encourage people to lock themselves out by saving their TOTP secret for 1Password inside 1Password.

    Anyway, thanks for bringing it up!

  • XIII
    XIII
    Community Member

    Ironic? hehe

    Like winning the lottery when you turn ninety-eight and then dying the next day... Or a black fly in your Chardonnay.

    ;)

  • Jasper
    edited May 2018

    Yeah, this is intentional.

    We don't recommend using 1Password as the authenticator app for your 1Password.com account, as stated in our support article:

    https://support.1password.com/two-factor-authentication/

    Although 1Password can be used to store one-time passwords for other services where you use two-factor authentication, it’s important to use a different authenticator app to store the authentication codes for your 1Password account. Storing them in 1Password would be like putting the key to a safe inside of the safe itself.

    For that reason, we won't be recommending this action on a login item for 1Password.com.

  • XIII
    XIII
    Community Member
    edited May 2018

    But it's worth noting that the purpose of this feature is to help people identify site for which they can use 1Password as the TOTP generator.

    Is that mentioned somewhere? (I thought it was generic)

    If it’s meant like this can you please filter out sites that do not support TOTP as well? (See my other topic; it’s inconsistent now)

  • AGAlumB
    AGAlumB
    1Password Alumni

    Is that mentioned somewhere?

    @XIII: Not that I'm aware of. I'm not sure how we could present that in the UI.

    (I thought it was generic)

    I think it's pretty unhelpful if 1Password complains that you're not using TOTP on sites where you can't, since it can't help you with any other methods.

    If it’s meant like this can you please filter out sites that do not support TOTP as well? (See my other topic; it’s inconsistent now)

    We definitely want to. Thanks for your input on this! :)

This discussion has been closed.