To protect your privacy: email us with billing or account questions instead of posting here.

Feature Request - add PIN to 2FA functionality

RobertLakes
RobertLakes
Community Member
edited May 2021 in Memberships

First of all, I would like to apologize if this is the wrong place for suggestions/feature requests.
If so please point me in the right direction and I can update this question to just be "Where do I submit feature requests?"

TLDR;
Protect your 2FA Codes within 1Password by a pin number, aka when you are ready to reveal the 2FA code you must enter a 4-8 digit pin that reveals it (only for 1 minute) then it re-hides the code.
Improves security from the current method.

My personal opinion and what I believe to be the general consensus is that
Separate 2FA App is better than:
1Password 2FA & Password Storage, which is better than:
No 2FA

I would like to add another step in between Separate app and 1Password 2FA.
1Password 2FA protected by 4-8 digit pin number.

The idea is that the 2FA within 1Password will work identically to the way it does now, but instead of the 2FA code being permanently revealed (or automatically filled into the web page) it will just prompt you to enter a PIN.
Once the PIN is confirmed the code will reveal for 60 seconds (allowing for 2 full cycles of the 2FA code) before masking the code again.

The idea that in the unlikely scenario where your 1Password has been compromised, your 2FA accounts are still technically safe (the 2FA secrets could potentially be encrypted with this separate PIN/PASS to make this security true).
Although with good security management, having your 1Password breached is quite a low possibility.
It is not unthinkable that if you left your computer unlocked at work, a cafe or other location (yes ignoring the fact you can set auto-lock after x seconds, etc) this protects the most important accounts that you have 2FA enabled on (such as banks, primary email accounts and the like).

Another side note: I'm so glad to see the integration between browser and desktop (for biometric authentication) introduced in the latest beta's
I have just installed this, so I'm keen to see how well it works.
For a while, I had used the old legacy chrome extension to get access to this feature, but that lacked a lot of other nice features so i moved back to the modern extension.


1Password Version: 7.6.800 (Beta)
Extension Version: 1.25.6 (Beta)
OS Version: Windows 10
Sync Type: Not Provided
Referrer: forum-search:2fa

Comments

  • ag_ana
    ag_ana
    1Password Alumni
    edited May 2021

    Hi @RobertLakes!

    Thank you very much for taking time out of your day to to share this feedback! We appreciate every idea that could make 1Password even better.

    I can see how this could be useful to you, so while I cannot make any promises, I can tell you that I have shared your feedback internally :)

    Once again, thank you and have a wonderful day!

    ref: dev/projects/customer-feature-requests#687

    I have just installed this, so I'm keen to see how well it works.

    Since the feature is in beta, any feedback is very welcome!

  • RobertLakes
    RobertLakes
    Community Member

    Thanks for replying, that's great.

    I am assuming this means this is a suitable place for such feedback/suggestions/feature/requests

  • ag_ana
    ag_ana
    1Password Alumni

    @RobertLakes:

    I am assuming this means this is a suitable place for such feedback/suggestions/feature/requests

    Yes, you can open discussions in the relevant forum section anytime :+1:

This discussion has been closed.