How To - Add MFA to Shared Accounts

Owned by Johnny Verkaik, created
Last updated: Aug 21, 2024 by Lori Atkin
3 min read

Some accounts will require access from multiple users, potentially in different locations and without access to a physical security key or SMS verification code. In this case, we can still secure the account with MFA, add it to 1Password, and then configure 1Password to act as the MFA point.

WARNING: Do NOT do this with highly privileged/ultra-sensitive accounts. As we saw with LastPass, there is no 100% secure solution for storing credentials and MFA is the last line of defense against a full compromise should malicious actors gain access to our 1Password vault.

 Instructions

Do these things

Note that not all accounts will support this feature, even if listed in the 2FA Directory. For example, Apple only allows SMS or trusted device MFA and will not provide a QR needed for this process.

  1. Create a new password entry for the account in 1Password if needed.

  2. Search 2fa.directory for the account service’s website.

  3. Click the blue book icon.

     

  4. Follow the instructions on the service provider’s website for their MFA setup instructions.

  5. When you reach the point of scanning a QR code, choose whichever option is presented to convert the QR information into code.

  6. Copy the text from the red box above and flip back to 1Password

  7. Locate the account and click the sideways ellipsis icon at the top right, then choose “Edit”

  8. In the Labels section of the page that opens for the account, click the ellipsis icon and choose “One-Time Password” from the dropdown.

  9. Paste the code from Steps 5 and 6 above into the notes box as shown.

  10. The code will convert to a standard 6 digit timed one-time password field after saving. This can then be used to authenticate as needed and can also be auto-filled along with the rest of the login information if you’ve set up the 1Password entry that way.

  11. Ensure any required users can access the account entry in 1Password and never deal with sticky MFA situations again! Note that this may require additional setup/licensing etc. depending on the department.

 Related articles

Filter by label

There are no items with the selected labels at this time.