How-To

Moving your Two Factor Authenticators to 1Password

Passwords alone are not enough to keep your online life secure. Two-Factor Authentication adds an extra layer of security. Here we look at integrating your 2FA authenticators with 1Password.

I’m a big fan of 1Password, so I’ve been slowly moving my Two-Factor Authentication (2FA) authenticators from SMS and Google Authenticator over to 1Password. We’ve covered Authy before, which is a great product, but if you’re already using a password manager, why not integrate your factors?

Why Two Factor Authentication?

Although we’ve covered it before, passwords alone aren’t secure enough to protect you and your data. Databases get hacked, people get tricked with email phishing, and sometimes you (gasp!) reuse passwords. Two Factor systems rely on something you know, like a password, and something you have, like a special code. That code can be texted to you, can appear on a keyfob, or you can use software to create that code.

Move From Two Factor Text to Code Based

At first glance, text-based messages seem easy. You probably always have your phone with you, so you know that only you can access the system.

However, your mobile phone isn’t always with you and accessible. Sure, you might have an obvious problem like losing your phone or the battery dying. Sometimes you won’t be in mobile phone range. That happened to me on time when I was on an airplane and had Wi-Fi on my laptop. I couldn’t log into a site because I couldn’t get a text.

Even if your phone is with you and working, someone can “sim-jack” your phone. That’s when hackers use social engineering or other methods to convince your mobile phone provider to reissue your phone number to another person. The average person is unlikely to have that happen.  If you’re being targeted, the person can use sim-jacking as part of a campaign to steal from you.

Why 1Password rather than Authy

Before 1Password supported login codes, I used Authy. However, since I’m such a fan of 1Password, it just seems to make sense to combine them both. Authy lets you manually add a code for 2FA on the Mac, but 1Passwords gives you the additional option of adding based on a QR code. I find it easier to do the add by using the scan. 1Password also scans your accounts and lets you know which systems support 2FA, and takes you to the link to enable it. I like that proactive approach to security.

If you have a 1Password account, it gives the additional option of setting an emergency contact. That way, if I’m unavailable, other family members can get to my stuff. With 1Password’s Travel Mode, my 2FA’s and different passwords are protected when I cross the border.

2faavailable

Adding 2FA Codes to 1Password

After you follow 1Password’s link to enable 2FA on a site, that site will typically present you with a QR Code. If 1Password doesn’t know 2FA is available on the site, you’ll need some additional work. Go to Edit and then the Section area and select One-Time Password. After that, click the QR Code icon. That will present the 1Password Code Scanner.

onetimepassword

Align the crosshairs with the QR Code, and you’re done. 1Password will generate the timed code, so all you need to do is click save. Most sites will ask you to type a code to verify it’s set up correctly.

How to Use Your Timed Code with 1Password

Depending on how you log in to a site, 1Password will autofill your credentials. The bonus with a 2FA site is 1Password copies the code to our clipboard automatically.

passwordcopiedtoclipboard

If you’re using the Apple Watch, the code appears on the watch, too. That feature is handy when you’re on a plane and you’re juggling devices.

Enable 2FA Before The Next Security Breach!

With security breaches so common, the sooner you enable two-factor, the sooner you’re secure. Passwords aren’t enough to protect your important and sensitive data.

2 Comments

2 Comments

  1. esteban

    The type of websites that need to use 2fa, such as the ones that handle or hold your money refuse to use 2fa, except ocassionally sim swappable sms 2fa. On the rare occasion when I see one of them use software tokens its proprietary one. Which I guess means I not only have to use that specific one, it will guaranteed be a phone app when I really want to mess with money on a pc where I can actually see what i’m doing. Guess i’m out of luck till we get options. I’d prefer FIDO 2fa at online banks and credit unions, but they don’t really give a hades. they really really don’t.

  2. Ian Morris Nieves

    Authy has allowed input via QR code for a long time. At the moment, this is the default method of inputting the key to setup 2FA on Authy.

Leave a Reply

Your email address will not be published. Required fields are marked *

 

To Top