On the latest iOS app, I see an option to setup 2FA authentication codes using 1Password, see screenshot. How exactly is toss feature used? I've been using Authy for several years, I was not aware that iOS even offered this option now. I realize this is an Authy question but I've chosen Authy currently but I don't see it kicking in, how does this work? https://ibb.co/fr7yfzf

rudy I went to a site and signed up for 2FA. Change iOS Settings > Password > Options to choose 1Password to generate verification codes. It produced the usual page with a QR code and the corresponding alphanumeric key and a text box to enter the generated TOTP code. The iOS Safari extension did not appear to recognize any of these elements. In contrast, the browser add-on Scan QR code feature is such a pleasant experience. Am I missing something?

Hmm when I tried again I do see that the link is clickable on this page but when I click it in get an error I'm not sure if you are a 1Password team member and I realize this is beta software but I'm still unclear on what the user experience here should be. What was the intent 1Password had when the app was enhanced to add 1Password as an option on the iOS Settings Password Options? As I mentioned, the desktop experience provided by the Scan QR code feature is superb. I just don't understand how the iOS feature provides that functionality. Are you expecting users to copy paste otpauth URLs manually?!

I think the purpose of this iOS platform feature is two-fold: it both allows induction of codes (as rudy describes) and auto-fills codes when needed. Rather, this is how the feature is supposed to work. For example, this article shows how it functions using iCloud Keychain: https://tidbits.com/2021/10/07/add-two-factor-codes-to-password-entries-in-ios-15-ipados-15-and-safari-15/. See this screenshot from the article: If 1Password fully supports this feature, the benefit is not with websites. As @shhh says, the 1Password browser extension already does a fabulous job with that. The real win would be when logging into apps: iOS would offer the OTP in that strip above the software keyboard, pulled from 1Password. In other words, we wouldn't need to use the "copy OTP to clipboard" feature of 1Password anymore. I hope the team is working on full support for this feature, because it is in my book the only "less than perfect" aspect of filling passwords in an app. Don't get me wrong: I am grateful for the cleverness of the "copy OTP to clipboard" feature. Filling OTPs with the platform "verification codes" feature, however, would just smooth out the user experience.

Hello @shhh! 👋 This is a new iOS feature that I believe we're started testing with the latest beta version of 1Password for iOS. It allows you to ingest TOTP seeds so that you can easily setup two-factor authentication for the apps that you use on your iPhone or iPad. So, for example, if you try to setup two-factor authentication for an account via an iOS app on your iPhone, and 1Password is enabled for the "Setup Verification Codes Using..." feature, Password AutoFill should offer to save your one-time password in 1Password without you having to scan a QR code or save the secret manually. I hope that helps! 🙂 -Dave

1P_Dave How can I take this for a spin? And I am guessing this works only on Safari browser on iOS? I use Firefox so I am out of luck?

Setup verification codes | 1Password Community

17 Replies

rudy
1Password Team
3 years ago
It seems to not actually be clickable, but if you copy it and paste&go in Safari's url bar then it'll do the expected behavior (ask if you want to open it in 1Password). The iOS Settings -> Passwords -> Options path doesn't have anything to do with the Safari extension, it is solely telling the OS that the main iOS application can handle being provided an otpauth:// url. I'm not sure if Apple's intent there is to have sites displaying those directly going forward or not, but it's not generally applicable when a QR code or the OTP secret is on that device's screen. It's possibly helpful if you're using the iOS device's camera to open a QR code's url from another device or paper or something.
Former Member
3 years ago
I'm still not sure I understand. I opened this page in iOS Safari but the otpauth:// link you provided is NOT clickable. Should it be?

Besides, I have NEVER seen a "raw" otpauth:// URL on any 2FA sign up flow. Sites provide a QR code and/or the alphanumeric code that represents the TOTP seed.

Even when I go to your test page at https://fill.dev/form/registration-2fa in Safari, I do not see the 1Password extension kicking in.
rudy
1Password Team
3 years ago
@shhh,

You're not missing anything, that's not how that OS feature works. If you had an otpauth:// url on that page, or extracted it from the QR code and you tried to load that url, that would've bounced you over to the iOS app and it would have let you pick an item to attach it to (or create a new item to contain it).

example:
otpauth://totp/?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ
Former Member
3 years ago
rudy

I went to a site and signed up for 2FA. Change iOS Settings > Password > Options to choose 1Password to generate verification codes. It produced the usual page with a QR code and the corresponding alphanumeric key and a text box to enter the generated TOTP code. The iOS Safari extension did not appear to recognize any of these elements. In contrast, the browser add-on Scan QR code feature is such a pleasant experience.

Am I missing something?
rudy
1Password Team
3 years ago
@shhh,

You should be able to use it with any site that produces an otpauth:// url for their 2FA enrollment.
Former Member
3 years ago
1P_Dave How can I take this for a spin? And I am guessing this works only on Safari browser on iOS? I use Firefox so I am out of luck?
1P_Dave
Moderator
3 years ago
Hello @shhh! 👋

This is a new iOS feature that I believe we're started testing with the latest beta version of 1Password for iOS. It allows you to ingest TOTP seeds so that you can easily setup two-factor authentication for the apps that you use on your iPhone or iPad.

So, for example, if you try to setup two-factor authentication for an account via an iOS app on your iPhone, and 1Password is enabled for the "Setup Verification Codes Using..." feature, Password AutoFill should offer to save your one-time password in 1Password without you having to scan a QR code or save the secret manually.

I hope that helps! 🙂

-Dave

Forum Discussion

Setup verification codes

17 Replies

Featured discussions

September at 1Password: Browser versions, enhanced security, and new integrations

Recent discussions

Auto Locking after a few seconds

ICICI Bank

1Password Chrome asks for password every time

Generating Passkey on Second Account

Blue Screen for OTP Prompt in Browser