Watchtower and Two-factor authentication

Moderator

5 hours ago

Thanks for the question! Passkeys are already resistant to phishing and can be considered to have the same level of security as a password plus two-factor authentication, with a lot less friction. Two-factor authentication was designed to add an additional layer of protection to passwords against phishing.

If you have a Login item saved in 1Password that contains a passkey, and that also contains a password, then you'll see Watchtower flag that item as having 2FA available. This is because most websites still allow you to sign in either using your passkey (which is resistant to phishing) or your password (which is not).

There are a few options here:

Add 1Password as an authenticator app to the websites in question for 2FA: Use 1Password as an authenticator for sites with two-factor authentication
Ignore the 2FA banner if you wish.

Why is the Watchtower flagging the three two-factor enabled sites?

Is the one-time password for those websites saved in 1Password? Or are you using a different authenticator app?

-Dave

Forum Discussion

Watchtower and Two-factor authentication

Featured discussions

November at 1Password: the Access-Trust gap, planning your estate, and an updated unlock experience

Recent discussions

High background usage on iOS 26

Support for Zen browser

Two Sites - Two IDs - One Password

Autofill not working with Chrome extension on Mac

Issues with 1Password on iOS and Windows