Forum Discussion

Former Member

3 years ago

Feature Request: True 2FA / MFA

1Password's TOTP implementation works, and it's better than nothing. However, the security geek in me can't help but feel like it's "fake" 2fa. If my 1Password master password and secret key are com...

browser extension

Jack_P_1P

1Password Team

3 years ago

Hey @jkcarter:

Thanks for your thoughts on this! We actually have a blog post here a bit that touches on this: TOTP for 1Password users

Additionally, while it's true that someone with access to your account password and Secret Key wouldn't immediately have access to your two-factor authentication codes in that situation, in many cases, it's possible to reset two-factor authentication for services using information that may be stored in your 1Password account that they already have access to. Given this, it would make sense to ensure that your account password and Secret Key remain uncompromised.

Jack

Forum Discussion

Feature Request: True 2FA / MFA

Featured discussions

February 2026 at 1Password: Benchmarking AI security & helping developers access secrets everywhere

Recent discussions

v8 not loving it - we might break up

Feature Request: 1Password on Flathub

'Compromised websites' not notifying after breach

Cannot Update Payment Method

DuckDuckGo Email Alias Integration