Authenticator for sites with two-factor authentication

Hello @hackettsci,

Thanks for asking about storing two-factor authentication codes in 1Password. While I understand your concerns about storing account credentials along side two-factor authentication credentials, there is some nuance to keep in mind when making this kind of a decision for your team. For that, I'd encourage you to read this old, but still useful blog post, TOTP for 1Password users.

• If your team needs the added security of a second authentication factor, you may want to encourage them to store their authentication codes on another device or app, separate from 1Password. Hardware security keys are worth considering here, since they would represent a true second factor and also benefit from being unphishable.
• If your team must use one time passwords, and is already confident in the security model of 1Password, consider using the ability to store one time passwords in 1Password for cases where you will benefit from having a one time password and from 1Password's strong security.

1Password doesn't currently have an option to disable the option to add one-time passwords from being saved, but I'd love to hear more about your teams use case for doing this. If you'd like to discuss it in private, send an email to support@1password.com and include the link to this community post. If you are comfortable sharing here in public, that works for me too.

I hope this information helps. Be sure to let me know if you have any questions.