Techly NewsGet the app

Get the latest tech news

1Password and 2FA: Is it wrong to store passwords and one-time codes together? (2023)


Many sites support two-factor authentication (2FA). Learn why it’s safe to store your one-time codes in 1Password, and the differences between 2FA and 2SV.

While you turn on the 2FA setting in your account, and subsequent sign-ins require your password and a TOTP, you lack a true second factor when both secrets originate from the same device. If an attacker got ahold of your 1Password login information ( and your 2FA secret if you’ve added that layer of protection to your 1Password account) but didn’t have control of your device, the separation between your passwords and TOTP could prove useful. And to those faithful hardware key crew members: Think of your true second factor as less “extra layer of security,” and more granular protection that will apply only if you’re subject to certain forms of attack.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of passwords

passwords

Photo of 1Password

1Password

Photo of time codes

time codes

Related news:

News photo

Nearly 10 billion passwords stolen by hackers — how to protect yourself | Tom's Guide

News photo

Hackers exploit critical D-Link DIR-859 router flaw to steal passwords

News photo

Most passwords are cracked in less than an hour, and many in just one minute

« VPN ban is strangling communication in Myanmar
Curl native support for –aws-sigv4 (2023) »