Is it a good idea to use 1Password's built in 2FA feature for my 1Password account?
Perhaps it seems a little recursive, and it does seem to work, but I'm a little worried I might get into a bad situation, and I wanted some experts to weigh in.
I use 2FA where ever possible -- including in 1Password. I used to use Google Authenticator for all my auth codes. I am setting up a new phone this morning (yay iphone 11!). I always get nervous setting up my 2FA codes on a new phone -- I am afraid I'm going to miss one or do something wrong and get locked out.
I decided to use 1Password's 2FA feature and its great. I love that it syncs everywhere!
The last code I migrated was for 1Password itself. It seemed to work. For a moment I thought I was screwed when it asked me for my code twice, but it worked, and now I can sign into 1Password using the passcode generated from 1Password.
Is this a good idea? is there a chance I'd get locked out of my 1Password account even if I knew my secret key and master passcode?
1Password Version: 1Password 7 Version 7.3.2 (70302003) Mac App Store
Extension Version: Not Provided
OS Version: macOS Mojave
Sync Type: 1Password Sync
Referrer: forum-search:use 2fa
Comments
-
Ok, as soon as I asked the question, I think I found the answer. On your site you don't recommend this.
https://support.1password.com/two-factor-authentication/"Although 1Password can be used to store one-time passwords for other services where you use two-factor authentication, it’s important to use a different authenticator app to store the authentication codes for your 1Password account. Storing them in 1Password would be like putting the key to a safe inside of the safe itself."
0 -
Ok, I went ahead and disabled 2FA and I'll use a separate app.
0 -
Thanks for the update @brianbolton. Yes, indeed. You can certainly also store the TOTP secret in 1Password, but it shouldn't be the only place you store it. :)
Ben
0