how do you store one-time passwords

matgab
matgab
Community Member
in Mac

Hello guys!
Can you please explain to me, how do you store one-time passwords on your servers?
For example, when I use google authenticator for 2FA it stores locally only on my phone. If I will lose it, I could not get access to my accounts.
Now I created a one-time password in the app for a website, then I installed 1Password on my iphone and the one-time password now is on my iphone and macbook. How is it possible?

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • danco
    danco
    Volunteer Moderator

    The subscription version syncs automatically through 1password.com. But what is stored there is encrypted and cannot (barring major changes in cryptographic techniques) without the Secret Key and the Master Password.

  • matgab
    matgab
    Community Member

    I understand it. But my question was not about it.
    As I understand properly, there is no way to recover your data in google authenticator if you change your smartphone. So, it means I cannot recover one-time passwords even they were syncs with 1password service. But it this case I can.

  • Lars
    Lars
    1Password Alumni

    @matgab - I'm not quite sure I understand your question, but I'll try to answer what I think you're asking. If you choose 1Password as your TOTP (2FA) authenticator (which you can do on an item-by-item basis, it's not all-or-nothing), then the secret is stored within the Login item. This will sync to all devices you're using 1Password on. The actual code itself is something you can reveal: click "Edit" on any record that has a TOTP code stored in 1Password, then click the actual obfuscated TOTP field itself. you'll see it change to something that looks like this:

    otpauth://totp/1Password:test.1password.com?secret=IC6XZVRXOUNEWZQ7&issuer=1Password&skid=LUFNRF

    (the above is, obviously, just an example). This code can be synced because it doesn't change, which is why it can be on multiple devices. It's a way to avoid getting locked out of accounts just because you drop your phone in a river or lose it on the bus. Hope that's helpful! :)

  • matgab
    matgab
    Community Member

    I just want to find out why can’t I export my data from google Authenticator but can do it in 1password.
    Is it just because google Authenticator does not support this feature or 1password has not strong security?

  • AGAlumB
    AGAlumB
    1Password Alumni

    @matgab: We don't have any control over other companies' software, if they choose not to offer an export feature.

    And quite the contrary: if 1Password didn't have good security, it wouldn't need an export feature; anyone could take whatever they want out of it. But since everything in 1Password is encrypted, export is necessary so you're not locked into using 1Password forever. If you need or want to get data out of it, you can.

    I hope this helps. Be sure to let me know if you have any other questions! :)

This discussion has been closed.