Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

Some accounts will require access from multiple users, potentially in different locations and without access to a physical security key or SMS verification code. In this case, we can still secure the account with MFA, add it to 1Password, and then configure 1Password to act as the MFA point.

WARNING: Do NOT do this with highly privileged/ultra-sensitive accounts. As we saw with LastPass, there is no 100% secure solution for storing credentials and MFA is the last line of defense against a full compromise should malicious actors gain access to our 1Password vault.

\uD83D\uDCD8 Instructions

Do these things

Note that not all accounts will support this feature, even if listed in the 2FA Directory. For example, Apple only allows SMS or trusted device MFA and will not provide a QR needed for this process.

  1. Create a new password entry for the account in 1Password if needed.

  2. Search 2fa.directory for the account service’s website.

  3. Click the blue book icon.

  4. Follow the instructions on the service provider’s website for their MFA setup instructions.

  5. When you reach the point of scanning a QR code, choose whichever option is presented to convert the QR information into code.

  6. Copy the text from the red box above and flip back to 1Password

  7. Locate the account and click the sideways ellipsis icon at the top right, then choose “Edit”

  8. In the Labels section of the page that opens for the account, click the ellipsis icon and choose “One-Time Password” from the dropdown.

  9. Paste the code from Steps 5 and 6 above into the notes box as shown.

  10. The code will convert to a standard 6 digit timed one-time password field after saving. This can then be used to authenticate as needed and can also be auto-filled along with the rest of the login information if you’ve set up the 1Password entry that way.

  11. Ensure any required users can access the account entry in 1Password and never deal with sticky MFA situations again! Note that this may require additional setup/licensing etc. depending on the department.

Filter by label

There are no items with the selected labels at this time.

  • No labels