How to get into 1 Password account without Authenticator app working

BBal835
BBal835
Community Member
in iOS

I had to restore my iPhone and lost the Authenticator app settings. I downloaded the 1Password app from the App store, but cannot get it to login my 1Password account without the Authenticator code. I tried using my Emergency Kit but it still asks for the code from the Authenticator. I have a subscription which is working fine on my iPad and Mac,

1Password Version: 7
Extension Version: 7.2.1
OS Version: iOS
Sync Type: 1Password

Comments

  • Ben
    Ben

    Hi @BBal835

    Do you have a backup of the authenticator app data, or is it synced anywhere? Are you still able to unlock 1Password on your Mac? Are you able to log in to https://my.1password.com/ in a web browser on your Mac?

    Ben

  • BBal835
    BBal835
    Community Member

    I do have a backup of the data, but the backup data may be corrupted, and Apple had me restore my phone and do a manual setup, which erased the Applicator App and its settings. I can still use 1Password on my Mac, but every time I try to log in to the site I get asked for the Applicator code. I've tried to use the Scan Setup Code to set the App on my phone but it still asks for the Applicator code, which was, of course, on my iPhone.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @BBal835: If you've already signed into a web browser using your account (and you would have had to in order to setup two-factor authentication), you should be able to sign in there again using only your Master Password to disable two-factor authentication. Have you tried that?

  • BBal835
    BBal835
    Community Member

    I tried that, but it still asks me for the authenticator code.

  • Ben
    Ben

    @BBal835

    In that case the only way forward would be to have a discussion with our security team about getting the 2FA feature disabled for your account. Please send an email to support+forum@1password.com from the email address associated with your membership. In your email please include a link to this thread: https://discussions.agilebits.com/discussion/97998/ as well as your forum username: BBal835.

    Once you send the email you’ll get a support ID back from BitBot. So that we can get the message to the appropriate people please post that support ID here.

    Thank you.

    Ben

  • BBal835
    BBal835
    Community Member

    Ben, thank you. I sent the email.

    This is an interesting dilemma. When one gets a new phone the 2FA authenticator apps have to be reset since they're tied to a specific phone, but without the correct 2FA code one can't login to reset it. I had to call my bank to get their 2FA app reset and working again. Many sites offer an alternative way to log in if their 2FA code isn't working, but I could not find or get that choice at 1Password.

    I greatly appreciate your advice and help!

    Bruce

  • Ben
    Ben

    Right; you’d either need to take action on the old phone prior to erasing the authenticator from it, or (better) have multiple devices set up to generate codes. Alternatively you could use an app that syncs the TOTP secrets, so that you can set up the new phone to sync with that app and have all of your codes available on the new phone. Having to use a back door every time isn’t ideal, and won’t help for services that don’t offer a back door.

    Our security team should be in touch soon with further info.

    Ben

    ref: UHK-22333-656

  • BBal835
    BBal835
    Community Member

    Not sure if I'm supposed to include it here, but if so, my support ID is [#UHK-22333-656].

  • BBal835
    BBal835
    Community Member

    Ben, I did not realize that I could set up multiple devices to generate codes. My bank does not allow, so I didn't think another entity would.

    Also, can you suggest an app that syncs the TOTP secrets? I don't know anything about that, but will look into it.

    Thanks
    Bruce

  • Ben
    Ben

    Not sure if I'm supposed to include it here, but if so, my support ID is [#UHK-22333-656].

    Yes, thank you. I’ll make sure your ticket gets routed appropriately.

    Ben, I did not realize that I could set up multiple devices to generate codes. My bank does not allow, so I didn't think another entity would.

    TOTP can inherently be used on multiple devices by inputting the same TOTP secret on multiple devices. There isn’t really a way for a site/service to disallow this, so if your bank is using TOTP it would be possible regardless of what they may say. When you get the QR code or TOTP secret for setting up 2FA for a site/service just scan / input that on each device. You can even print the QR code as a backup to scan on new devices. If the site doesn’t “allow” that... take a screenshot of it and print the screenshot. :)

    Also, can you suggest an app that syncs the TOTP secrets? I don't know anything about that, but will look into it.

    I believe the Google Authenticator and Authy both have ways of doing this but I don’t have personal experience with either so I couldn’t say for sure. My personal strategy is more along the lines of what I mentioned in the paragraph above.

    Ben

  • BBal835
    BBal835
    Community Member

    Thank you for all of the above!

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited November 2018

    On behalf of Ben, you are most welcome! We'll continue the conversation via email to get any additional information required.

This discussion has been closed.