How do you activate YubiKey for 1Password-win-application without hassle?
Hi There,
I have successfully set up 2FA on my 1Password.com using a recently purchased YubiKey 5 NFC. Please advise me on how to secure my 1Password-application (Windows 8.10.16) that I am running under Win11 with the same Yubikey.
I have read your January 2022 Discussion with "Canadian". But the solution you suggested was extremely complicated. Moreover, I want to do something other than download an authenticator or use a mobile device.
I invested in YubiKeys and 1Password because your and YubiKey sales pitches are: insert the key during setup, and that's it; everything is done automatically. This is not the case if I understood it well. It is quite a hassle.
BTW, I am also a Canadian; perhaps we understand English differently. Why can't you allow the setting up of YubiKey in the application directly?
Thank you for considering in advance.
1Password Version: 8.10.16
Extension Version: Not Provided
OS Version: WIN11, Version 22H2 X64
Browser: Edge/Chrome
Comments
-
Hello @Geza,
Thanks for your message.
I'm sorry to hear that you have been having difficulties setting up a security key (YubiKey 5 NFC). I've included a guide here to help with the steps:
Why can't you allow the setting up of YubiKey in the application directly?
The ability to enable 2FA is only available through your account on 1Password.com (or .ca/.eu). We're continuing to work on more improvements to more closely align the experience between the app and web interface. I don't have any additional news to share at this time.
Take a look at the above guide and if you continue to have troubles, please let us know at which step you are getting stuck. We'll be happy to help further!
0 -
Hi @ag_mike_d
Thank you for your response and the link to setting up YubiKey 5 for my 1Password Account. But I have already completed this step, as I mentioned.
I hope I understood your message correctly about the 1Password Application, which one can turn to plain English as follows:
Currently, 1Password Application does not offer 2FA or 2FA with a physical key.
Do I understand it well? Because if this is the case, the Application is more vulnerable than the Account, and the former undermines the latter's security. Therefore, the secure solution is deleting the 1Password Application. Unfortunately, the info stored in 1Password Account is inaccessible without an internet connection. So, one has a dilemma:To delete or not to delete.
Would you agree with these conclusions?
Thank you,
Geza0 -
I hope I understood your message correctly about the 1Password Application, which one can turn to plain English as follows:
Currently, 1Password Application does not offer 2FA or 2FA with a physical key.
What @ag_mike_d means is that the only place you can perform the setup or configuration of 2FA, is using the 1Password website.
Once you do setup 2FA on your 1Password account using the 1Password website, then 2FA is active for new sign-ins everywhere (including web/desktop/mobile apps).You just can't setup or modify 2FA from within the desktop app, but if you attempt to sign into the desktop app on a new computer for example, then the desktop app will require you perform 2FA.
Note that 2FA is only for new sign-ins, where you haven't signed into 1Password on that device before. If you are already signed into 1Password, unlocking your vault only requires the master password (or Touch ID / Face ID / Windows Hello).
0 -
As ajh0912 mentioned (thank you for adding your thoughts here!), once you've added a security key to your 1Password account through 1Password.com you'll be prompted for that security key when you try to add your 1Password account to the desktop app on a new device.
Your security key will be required whether you try to access your account on 1Password.com or in the desktop app. Let me know if you have any other questions. 🙂
-Dave
0 -
Thank you @ag_mike_d , @Dave_1P , and @ajh0912 for the clarification.
I understand it now.
Could you advise me on how to enforce my Application (which I have been using for quite a while, so it is not a new device) to prompt for the security key I recently registered on my Account? Should I delete the Application and reinstall it?
Thank you,
Geza0 -
Hello @Geza,
It's not possible to always require 2fa authentication once a device has been authorized. Uninstalling 1Password from a device will not deauthorize it. However, there are two options available within 1Password.com to View and manage trusted devices:
- Deauthorize Device: Your account will be removed from the device.
- Require 2FA on Next Sign-in: Your account will remain on the device, but changes you make on other devices won’t appear until you reauthorize using a second factor.
Please let us know if you have any additional questions or concerns.
0 -
I believe I get it now. Thanks @ag_mike_d!
0
