2FA desired each time I login

LarryMcJLarryMcJ Senior Member

I realize this could be a bit of a hassle, but there are times I'm in an environment where I'd like to be challenged for an Authy 2FA code each time I login to 1Password (on any device or 1Password.com). I currently don't see how that can be done, but perhaps I'm missing something. I'd cast my vote for DUO Mobile to be allowed with non-Team accounts...but I already know the answer :)


1Password Version: 7.3.2 (70302004)
Extension Version: 7.3.2
OS Version: macOS 10.15.2
Sync Type: 1Password.com

Comments

  • BenBen AWS Team

    Team Member

    Hi @LarryMcJ

    There is good reason this isn't currently possible. :) 2FA serves a different role with 1Password than it does with traditional authentication based services, because 1Password's security is encryption based.

    Authentication and encryption in the 1Password security model

    The function of 2FA with 1Password membership accounts is to help protect the device authorization process. Once a device is authorized 2FA is no longer required, unless the device is subsequently deauthorized through the web app, or the browser/app's locally cached copy of the secret is cleared. Essentially 2FA helps prevent a replay attack from authorizing a device. It is not designed to help in the case that someone has access to one of your authorized devices. As such 2FA does not prevent you from accessing locally cached data (e.g. while your device is offline).

    The information in this thread may help as well:

    Two-factor apps — 1Password Forum

    Ben

  • LarryMcJLarryMcJ Senior Member

    Thanks, Ben. Well...1Password has worked fine without what I was wanting for 14 years, so no sense changing now :)

  • LarryMcJLarryMcJ Senior Member
    edited January 14

    One more "thank you", Ben. The Two-factor apps thread is probably one of the most useful threads I've ever read here in all these years (not that the others aren't)...but there's a lot of good info in that single thread!

  • BenBen AWS Team

    Team Member
    edited January 14

    You are very welcome. I'm glad to hear the suggested thread was illuminating. :)

    Ben

This discussion has been closed.