This may be a bit of a corner case request, but here goes... There are some websites (looking at Etrade.com!) where the 2FA TOTP code needs to be silently appended to the password in the same field. There is no visual indication to remind you that a 2FA code is required, and if you forget it just tells you you entered the password wrong[1]. Another example is the login page to opnsense (and maybe pfsense?) router/firewall software. You can enable 2FA on your router, but then have to remember to concatenate the TOTP code just like on etrade. It would be nice if I could edit or otherwise flag that login item so 1Password knows to automatically concatenate the password and the 2FA code for me so I don't forget. [1] Admittedly, there's a "use security code" checkbox that reveals a 2FA field, but if you've remembered to check that box, you've remembered you need a 2FA code, so that's not really the issue 1Password Version: Not Provided Extension Version: Not Provided OS Version: Not Provided

Adding my support to this as well. I dont think this is a "special case" feature at all. I have several sites that I use daily where I find the lack of 1Password field concatenation really annoying (USAA and my OPNsense router admin page are two that immediately come to mind). Its not 1PW's fault of course, as this is a really silly hack method to not have the OTP code as a secondary input field on these login pages, but the reality is, there are sites that insist on doing it this way, and it's a real pain to not be able to auto-fill credentials this way via 1PW. I saw a 1PW team member mention (in one of the numerous previous--and now closed--threads about this feature request) that implementing this feature poses a UX challenge, which I can understand. But it seems to me that it doesnt have to be any more complicated than having a special "dynamic password" (or something better named than that!) field type where you can construct fill-in data based on existing fields in the same vault item, using a "tag" based UI. For example, here's how a theoretical "dynamic password" field could work, where I can build a single "dynamic" fill-in field by using concatenated "tags" that represent the names of existing fields in the vault item. This way, you could (at best) map the "password" form field entry to the "dynamic password" field for seamless auto-fills, or (at worst) manually copy and paste the contents of dynamic password field into the form. This way at the very least, you wouldnt have to manually copy and paste data from multiple fields every single time you want to login. You'd just have to copy a single field!

motivio I don't have any updates to share but I can share your request for this feature with the team. Are you able to provide examples of websites that you've encountered that require the password + TOTP to be entered into one field? 🙂 -Dave

My team would be a +7 looking for this feature to be implemented in all 1Password apps. The "dynamic password" mockup proposed by melorama looks perfect! We would use this for login to Sophos firewall portals and when using the VPN app. Password is a concatenation of our network password plus the one-time password (ie. Password123456). Currently we need to juggle the app to copy/paste multiple values before the OTP expires. Dave

Bhellx Thanks for following up. The feature request is still open with our product team but I don't have any news to share. Hopefully this is a use case that can be better accommodated in the future. -Dave ref: PB-43137543

Until the 1PW devs add this functionality, here's https://gist.github.com/melmatsuoka/7c8bee12c64096d462db128633b7c3da.

Accounts where TOTP code should be appended (or prepended) to the password

63 Replies

melorama
Occasional Contributor
10 months ago
Just bumping this request again, as I just realized how much worse this is when trying to login to my OPNsense router while using a mobile device! It’s only a minor annoyance on a desktop computer, where you can quickly switch between apps (or by using a macro based system with the CLI tool, as I mentioned earlier in this thread). But on mobile it’s next to impossible!
1P_Dave
Moderator
11 months ago
ckwebz

Thank you for the feedback! I've filed your request with our product team. 🙂

-Dave

ref: PB-43597300
ckwebz
New Contributor
11 months ago
My team would be a +7 looking for this feature to be implemented in all 1Password apps. The "dynamic password" mockup proposed by melorama looks perfect! We would use this for login to Sophos firewall portals and when using the VPN app. Password is a concatenation of our network password plus the one-time password (ie. Password123456). Currently we need to juggle the app to copy/paste multiple values before the OTP expires.

Dave
1P_Dave
Moderator
12 months ago
Bhellx and zcutlip

Thank you for those examples! I've passed them, and your feature requests, along to the team. 🙂

-Dave

ref: PB-43137491
ref: PB-43137543
Bhellx
New Contributor
12 months ago
I just ran into this while attempting to add MFA to our Sophos VPN. It wants it appended to the password, so please consider adding this feature. Any reason a user has to NOT use our password manager works against our user adoption efforts. We are very pleased with 1password and your efforts to make improvements.
zcutlip
Dedicated Contributor
2 years ago
Hi, it's been a while since I checked in on this thread (I'm the original poster for this one).

I'm seeing requests for examples, so I'll go ahead and mention again the website that brought me here to start with: etrade.com.

The Etrade login dialogue has an optional checkbox for to reveal a third entry field for the security code. However this doesn't help the case where you forget you've got a 2FA code on this site, or you're using 1Password to auto-fill the login.

See attached screenshot.

I'll also second (third?) the OpnSense firewall (and I suspect PFSense as well?).
1P_Dave
Moderator
2 years ago
btr

Thank you for the clarification. I've passed your use case along to the team. 🙂

-Dave

ref: PB-41768991
btr
New Contributor
2 years ago
Hi 1P_Dave

I use the standalone https://openvpn.net/client/ client for Windows to connect to our VPN, so I need to manually copy/paste the TOTP value from 1Password.

Taking my hand off the mouse to type the PIN before pasting the TOTP each time is the annoying part.
1P_Dave
Moderator
2 years ago
btr

Thank you for the example! So that the team can look into this further, could you please send the page structure of the webpage in question to our support team? Follow these steps:

Open the website in question until you can see the password/PIN field that you're referring to.

Right-click on the page and click "1Password - Password Manager" > Help > Collect Page Structure.

Attach the resulting JSON file to an email message addressed to support+forum@1password.com.

With your email please include:

A link to this thread: https://1password.community/discussion/comment/716339/#Comment_716339

Your forum username: btr

Please do not post the file here on the forum.

You should receive an automated reply from our BitBot assistant with a Support ID number. Please post that number here. Thanks very much!

-Dave
btr
New Contributor
2 years ago
1P_Evon

Thank you for the report! Can you provide examples of websites you've encountered that require a
one-time password to be entered with a password into one field?

-Evon

Just to add another example, we use pfSense for our VPN, which requires TOTP + PIN.
https://www.netgate.com/blog/freeradius-on-pfsense-for-2fa

Forum Discussion

Accounts where TOTP code should be appended (or prepended) to the password

63 Replies

Featured discussions

August at 1Password: Android filling updates, Pax8 Marketplace, and AI security insights

Recent discussions

1Password and the GNOME system icon tray

sign-in does not work on mahix.org

Nightly for arm64 not generated

"1Password is trying to set up Touch ID for your account"

1password as contacts manager?