Forum Discussion
1Password for Chrome - Doesn't autofill 2FA if on same page?
Coming from the old extension, and from Safari.
I have a login form that asks for all information on a single page - username, password, 2fa.
In Safari/Old Chrome I could just Cmd+\, then paste the 2FA code.
But the new extension doesn't copy the code, nor does it fill it in.
Is there anything I can do to force 1P in Chrome to either Copy the 2FA, or help it know that it should fill it in?
I have some control over the login page as it's for a backend system we use, but I can't move the 2FA to a separate page.
1Password Version: 7.9.10
Extension Version: 2.10.0
OS Version: macOS 13.3.1
Browser:_ Chrome - Actually it's Arc, but it's Chrome.
5 Replies
- 1P_Blake
Community Manager
Hey pslinn​! 1Password doesn’t prompt for 2FA on every app unlock because once your device is authorized, asking for it again wouldn’t meaningfully improve your security.
1Password’s security model works differently than many other services you might use. Most apps rely solely on authentication to gate access to your data. 1Password, on the other hand, is built around encryption—and that changes how things work under the hood.
When you first sign in on a new device, you authenticate with your account password, Secret Key, and second factor. After that, a local encrypted copy of your data is stored on your device, and 1Password doesn’t require a constant connection to our servers to function—that’s also why you can still access your vaults even when you’re offline.
That local data is protected by encryption, not ongoing authentication, and what decrypts it is your account password. Requiring a second factor every time you open the app wouldn’t actually block a local attacker, as they could just grab the encrypted data file directly. In that scenario, your second factor wouldn’t help because the app wouldn’t even be part of the equation. So prompting for 2FA again would be more security theater than actual added protection.
The most important thing you can do is make sure your account password is strong and unique, as that’s what really protects your vault on your device.
You can read more about how this all works here: Authentication and encryption in the 1Password security model