Stolen or lost device when travelling
![[Deleted User]](https://wd.vanillicon.com/v2/d6098a9fb17070ee74b3ef9af35725f4.svg)
Hi all,
I have a question about losing a device when travelling abroad. I am going on vacation next week and will only be bringing my iPhone, on which I have the 1Password app. I've realised that if I was to lose my iPhone or it was stolen, I would not be able to access my 1Password account on any other device (say my partner's phone or a borrowed laptop). This is because I would not have my Secret Key to hand, but also I have two-factor authentication enabled for my 1Password account and so would not be able to generate a code.
Aside from bringing another device with me - e.g. an iPad which I could use to generate a two-factor code and also access my Secret Key - are there any steps I can take before I go? Surely I shouldn't have to disable two-factor for 2 weeks?
Can I generate some single-use recovery codes? Should I have a witten copy of my Secret Key stored in my luggage? Any other suggestions?
Thanks in advance.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: iOS
Browser:_ Not Provided
Comments
-
PS I am aware of the Emergency Kit which I can print and would have my Secret Key, but that doesn't solve the problem of not being able to generate a two-factor code. The only thing I can think of currently is to disable two-factor on my account until I get back, which I don't really want to do.
0 -
PPS I do not have a Family account and my partner does not have a 1Password account. But I also want to consider if both our phones were lost.
0 -
Can I generate some single-use recovery codes?
That option is not available. The Secret Key is 1/2 of the combination for unlocking your account. It would be needed in full.
Should I have a witten copy of my Secret Key stored in my luggage?
I would not advise this action.
Any other suggestions?
Do you have a trusted relative or other individual that you could contact in an emergency situation? I have seen others here in the community go that route. You could possibly provide them with a copy of your Secret Key via your 🚒 Emergency Kit (minus password) and alternatively set up an authenticator app on their device. There would be no need to disclose what the TOTP code would be used for. You could optionally provide both to them without disclosing their use.
I would recommend ensuring they understand the need to protect these until your return. Another possibility is to share a copy of the information above with your partner or possibly both individuals for redundancy.
Please look into the use of Travel mode; you may find it helpful. ✈️ Use Travel Mode to remove vaults from your devices when you travel
0 -
Thanks @ag_tommy.
Can I even setup another two-factor app? If I go to the Manage Two-Factor Authentication page under My Profile, I can't see how to view the QR code again. The only option I have is 'Replace'. So not sure how I could even setup a relative's device to generate two-factor codes for me. Happy to be corrected if I'm wrong.
Travel Mode I don't need to utilise as I only have one vault - Personal.
0 -
It's not possible to add another device directly. I (personally) set up 2FA again, and before confirming, I save a copy of the QR code as a screenshot and save that within 1Password. This will allow any future authentication apps, yours and others (partner), to be set up by scanning that code at any time in the future. I hope that makes sense.
0 -
@ag_tommy Yes, that makes sense. Just a bit of a pain having to go through that process.
Otherwise, it sounds like I either need to take another device such as my iPad and try to secure it in my hotel room, or disable two-factor on my 1Password account for the next couple weeks. Both not ideal.
Two-factor is great until you can't generate codes... Maybe 1Password should offer the ability to generate one or more temporary codes which are only valid for a defined period of time, therefore not requiring a code to be generated from an authenticator app. With no context, these could just be written down or shared with others. And the Secret Key would still be required.
Some services such as Reddit provide backup or recovery codes during 2FA set up, which are single-use. But I do appreciate that these need to be stored securely.
0 -
I'll admit it is a pain at first to get into this mind set. I started doing this more than several years back and it's second nature now. That said, most 2FA would be within 1Password, hopefully. 😊 So there would likely be a lower need to do this on a broad scale. I undertook steps like this long before we support 2FA. It was sure a complicated thing to do back then.
Note: 2FA only applies on new linkings or when accessing 1Password.com. Turn on two-factor authentication for your 1Password account
When turned on, a second factor will be required to sign in to your account on a new device, in addition to your 1Password account password and Secret Key.
Thanks for the suggestions and candid feedback. I'll send it to the rest of the team.
0 -
Ok that wasn't too painful. I did the Replace step and set it up again in my same authenticator app, but screenshotted the QR code during the process and will now save that in my 1Password vault.
I'll share this QR code with a couple trusted relatives who can generate a code for me, if needed, whilst I'm away.
And yes, all my other multi-factor codes are already stored in 1Password :)
Thanks @ag_tommy
0 -
You're most welcome. Enjoy your trip!
0
