Disable "Two Factor Authentication Available" messages?

rlf
Community Member

I'm using 1P v. 7.0 for MacOS. Is there any way to disable these "Two Factor Authentication Available" messages I see in the right-hand details pane whenever I search for a website login for a website that supports 2FA? I'm well aware that some of the sites I go to support 2FA. But using 2FA isn't warranted on every site that offers it and I'm really tired of seeing these messages. At the very least, if you display that message for around six times and I've chosen not to use it, you should stop showing the message. It's just an annoyance.


1Password Version: 7.0
Extension Version: Not Provided
OS Version: 10.12
Sync Type: 1Password

Comments

  • JadC
    1Password Alumni
    edited July 2018

    Hi @rlf, we have a "secret tag" that you can use to ignore this 2FA message on certain entries: enter the tag 2fa onto the entry you want to ignore the message on. Please let us know if you have any other questions or concerns.

  • rlf
    Community Member

    Thanks! That will work just fine.

  • JadC
    1Password Alumni

    Glad it worked @rlf. Hopefully we will revisit how we ignore these warnings in the future, but for now, this is what we got :smile:.

  • FishingAddict
    Community Member

    I had the same question and ended up here. The "2fa" tag is actually not a bad solution as it also lets us quickly display a list of sites that we are actually using 2FA in the various forms available.

    Can someone confirm my assumption that the "Two-factor authentication available ... but you haven't enabled it" indicator in 1Password is simply based on if a TOTP field has been used in that entry? I understand that 1Password cannot actually know if I am using 2FA on any given site and am assuming that not having a TOTP field is just the proxy indicator that causes this notice to be displayed.

    I am a firm believer that neither TOTP nor 2FA recovery codes belong in any password manager (completely defeats the purpose of 2FA) but am interested in how 1Password works so I can use it well. For those of us that store and use TOTP outside of 1Password, or that use U2F or other hardware devices for 2FA, I guess using a "2fa" tag will work fine to suppress the notices though.

  • WGBeekhuis
    Community Member

    I think 1Password can check in your item when you have defined an OTP field for the desired website. How this functionality is built, that's a black box, but it is possible by checking an internal checklist.
    I am glad to be notified by 1Pwd. Now I can decide to increase my login security by a TOTP check.
    Maybe it’s a relatively low-value control but some security experts declared this feature as an improved security measure. I hope Jeffrey Goldberg will explain this feature in a more technical way.

  • AGAlumB
    1Password Alumni

    1Password recognizes logins as supporting two-factor authentication based on twofactorauth.org, and will consider any logins with a "one-time password" field or the "2FA" tag as having it enabled. I hope this helps. Be sure to let me know if you have any other questions! :)

  • JamesHenderson
    Community Member

    ugh - I have a similar problem (a site is being tagged as 2FA incorrectly) but I use "2FA" as the tag for those sites where I am using 2FA. That "secret tag" is the exact opposite of my needs...

  • rlf
    Community Member

    How do I opt out of this message thread? I'm almost sorry I asked. :)

  • WGBeekhuis
    Community Member

    Does 1Password7 have more “undocumented secret” features? I think 1Password should describe these features in the knowledge base.

  • AGAlumB
    1Password Alumni

    ugh - I have a similar problem (a site is being tagged as 2FA incorrectly) but I use "2FA" as the tag for those sites where I am using 2FA. That "secret tag" is the exact opposite of my needs...

    @JamesHenderson: I'm not sure I understand. That's what it's for. The "2FA" tag tells 1Password you have two-factor authentication set up for that account.

  • AGAlumB
    1Password Alumni

    @rlf: lol no worries. You cannot opt-out of specific threads, but you can disable "Notify me when people comment on my discussions" and keep "Notify me when people mention me" on:

    https://discussions.agilebits.com/profile/preferences/

  • JamesHenderson
    Community Member

    @brenty I use the "2FA" tag when I am actually using 2FA in 1Password.

    I don't want to use the tag "2FA" when I am not using 2FA but it is the only way to stop it from nagging me.

  • AGAlumB
    1Password Alumni

    Does 1Password7 have more “undocumented secret” features? I think 1Password should describe these features in the knowledge base.

    @WGBeekhuis: There have been some defaults.write commands, but we're not going to document obscure stuff that doesn't apply to 99.99% of users. If there's a specific thing you need help with we'll be happy to assist though. This, however, is documented. :)

  • AGAlumB
    1Password Alumni

    @JamesHenderson: If you're using two-factor on a site, having the "2FA" tag on that item will have no impact on your usage.

  • JamesHenderson
    Community Member

    @brenty I am not sure what you are trying to say, but sometimes 1Password nags me for not using 2FA when there is no 2FA to use (ie the nagging is incorrect).

    I don't want to use the "I am using 2FA" tag, where I am not.

  • ie the nagging is incorrect

    Can you provide an example?

    Ben

  • JamesHenderson
    Community Member

    sure - will need to dig it out, but if I remember it's the forum subdomain which doesn't support 2FA even though the main website does.

  • JamesHenderson
    Community Member

    hmm, the example I was going to give you was a Zendesk support one, but the company in question is no longer using them - problem solved.

  • Lars
    1Password Alumni

    @JamesHenderson - heh. Well, every now and then random chance operates in your favor. ;-) If you can think of/find any other examples, we'd love to know. I haven't seen any so far, but heaven knows I'm not on every site on the internet (yet!). ;-)

  • JamesHenderson
    Community Member

    cheers, my observation is that this has typically shown itself with a subdomain

  • Lars
    1Password Alumni

    @JamesHenderson - we'll keep an eye peeled; thanks for the heads-up. :+1: :)

  • ckellsworth
    Community Member

    How do I just 100% disable this notice for ALL items? Having to go through and tag lots of items is just a waste of my time! Make a global setting to disable this.

  • AGAlumB
    1Password Alumni

    Disabling Watchtower would ensure that you get zero notices for security issues. Or if you mean specifically two-factor authentication, it's pretty easy to add the 2FA tag to multiple items at once. :)

  • [Deleted User]
    Community Member

    Is there anything that can be done for a site like Wikipedia? Wikipedia is listed at twofactorauth.org but only supports 2FA for a very limited subset of users (administrators and other highly privileged accounts).

  • AGAlumB
    1Password Alumni

    @lmcm: I wasn't aware of that. Interesting. Certainly, if you are unable to use two-factor authentication there, you can add the 2FA tag to the Login to ignore it. But we are looking into other, more discoverable options as well, and this is a helpful example. Thank you! :)
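
An added example, not part of the thread and not 1Password's code: a small model of the rule AGAlumB describes above (site listed in a 2FA directory, notice suppressed by a one-time password field or the 2FA tag), run over constructed items to show the subdomain and Wikipedia cases raised in the thread. The item layout, the directory contents, parent-domain matching and case-insensitive tag comparison are assumptions.

```python
from urllib.parse import urlsplit

# Constructed stand-in for the 2FA-support directory (the thread names
# twofactorauth.org as the source); these two entries are sample data.
DIRECTORY = {"example.com", "wikipedia.org"}

def listed(url, match_parents=True):
    """True if the URL's host (or, optionally, a parent domain) is listed."""
    host = (urlsplit(url).hostname or "").lower()
    labels = host.split(".")
    candidates = [host]
    if match_parents:  # assumption: would explain the subdomain reports
        candidates += [".".join(labels[i:]) for i in range(1, len(labels) - 1)]
    return any(c in DIRECTORY for c in candidates)

def status(item, match_parents=True):
    """Classify one login item under the rule described in the thread."""
    if not listed(item["url"], match_parents):
        return "not-listed"
    if item.get("has_otp_field"):
        return "enabled:otp-field"
    # The thread writes the tag as both "2fa" and "2FA"; ignoring case
    # here is an assumption.
    if any(t.lower() == "2fa" for t in item.get("tags", [])):
        return "enabled:tag"
    return "notice"

def audit(items, match_parents=True):
    """Map item title -> status, so untagged and tag-only items stand out."""
    return {i["title"]: status(i, match_parents) for i in items}

# Constructed items; the dict layout is hypothetical, not an export format.
ITEMS = [
    {"title": "Shop", "url": "https://example.com/login"},
    {"title": "Shop TOTP", "url": "https://example.com/login", "has_otp_field": True},
    {"title": "Shop forum", "url": "https://forum.example.com/"},
    {"title": "Wikipedia", "url": "https://en.wikipedia.org/", "tags": ["2FA"]},
    {"title": "Blog", "url": "https://unlisted.test/"},
]

if __name__ == "__main__":
    for title, result in audit(ITEMS).items():
        print(f"{title:12} {result}")
```

The Wikipedia item reports `enabled:tag` although no second factor is set up, so an inventory built from the 2FA tag alone cannot separate "enabled" from "ignored".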

  • xz4gb8
    Community Member

    I just wish the tag you invented was "2FA-NO". Then many of us might be less confused.

  • AGAlumB
    1Password Alumni

    Point taken. I think long-term we probably don't want to use tags for this at all. But it's what we've got at the moment. We're looking into other options though. :)

  • [Deleted User]
    Community Member

    @brenty. Cool, using the 2FA tag now, thank you!

  • Lars
    1Password Alumni

    @lmcm - great! Let us know if you need anything else. :)

  • I just wish the tag you invented was "2FA-NO". Then many of us might be less confused.

    Seconded. Before I found out about this, I had started using the 2FA tag to label accounts that had some form of 2FA set up, so I don't want to use it for a site that doesn't actually have it now, but might get it in the future.

This discussion has been closed.