Passwords alone are not enough to keep your life safe online. Two-factor authentication adds an additional layer of security. Here we consider the integration of your 2FA authenticators with 1Password.
I'm a big fan of 1Password, so I've been slowly moving my two-factor authentication authenticators (2FA ) from SMS and Google Authenticator to 1Password. We've covered Authy before, which is a great product, but if you're already using a password manager, why not integrate your factors?
Why two-factor authentication?
Although we have already covered it before, passwords alone are not secure enough to protect you and your data. Databases are hacked, people are cheated by email phishing, and sometimes you (gasps! ) Reuse passwords. Two Factor systems are based on something you know, such as a password, and something you have, such as a special code. That code can be sent by text message, it can appear on a keychain or you can use software to create that code.
Moving from two factors to code
At first glance, text messages seem easy. You probably always have your phone with you, so you know that only you can access the system.
However, your mobile phone is not always with you and accessible. Surely you may have the obvious problem, such as losing your phone or a dead battery. Sometimes you will not be within the reach of mobile telephony. That happened to me on time when I was on a plane and had Wi-Fi on my laptop. I could not log in to a site because I could not receive a text message.
Even if your phone is with you and working, someone can "sim-jack" your phone. That is when hackers use social engineering or other methods to convince your mobile phone provider to reissue your phone number to another person. The average person is unlikely to make that happen. If he is being attacked, the person can use sim-jacking as part of a campaign to rob him.
Why 1Password instead of Authy
Before 1Password supported login codes, I used Authy. However, since I am so fan of 1Password, it seems to make sense to combine them both. Authy allows you to manually add a code for 2FA on the Mac, but 1Passwords gives you the additional option to add according to a QR code. I find it easier to make the addition by scanning. 1Password also scans your accounts and lets you know which systems support 2FA and takes you to the link to enable it. I like that proactive approach to security.
If you have a 1Password account, it gives you the additional option of setting up an emergency contact. That way, if I'm not available, other family members can access my stuff. With the 1Password travel mode, my 2FA and my different passwords are protected when I cross the border.
Adding 2FA codes to 1Password
After following the 1Password link to enable 2FA on a site, that site will usually present you with a QR code. If 1Password does not know that 2FA is available on the site, it will need additional work. Go to Edit and then to the Section area and select One-time password . After that, click on the QR Code icon. This will introduce the 1Password Code Scanner.
Align the look with the QR code, and that's it. 1Password will generate the timed code, so all you need to do is click save. Most sites will ask you to enter a code to verify that it is configured correctly.
How to use your timed code with 1Password
Depending on When you log in to a site, 1Password will automatically fill in your credentials. The advantage with a 2FA site is 1Password copies the code to our clipboard automatically.
If you are using Apple Watch, the code also appears on the watch. That feature is useful when you're on a plane and you're juggling devices.
Enable 2FA before the next security breach!
With security violations so common, the sooner you enable two factors, the sooner you are sure. Passwords are not enough to protect your important and confidential data.