What in case of Yubikey loss?

@vapre

I'm happy to help. 😊

Thank you for the very precise and committed response. Good luck with future developments – I will wait with excitement.

@vapre

At the moment, it's not possible to remove your authenticator app as a second factor for a 1Password account. Historically the reason for this was because not all of our client apps supported Security Keys as a second factor so it was still necessary to enter a six-digit code from a user's authenticator app in order to add a 1Password account to those client apps.

However we've now added the ability to use Security Keys are a second factor to all of our client apps and that sets the foundation for us to be able to offer users the choice to only use a Security Key as their second factor. I don't have any public-facing information on when and if this work will be completed but I can confirm that it's something that our developers are looking into.

For the moment, if you'd like to avoid using an authenticator app you can print the TOTP secret to keep with your Emergency Kit (as a backup) then delete the Authenticator app from your phone once everything is configured.

-Dave

Thank you for your response 1P_Dave . Great for the option of a second key. Makes one sleep more soundly. On your last second comment, however, the question arises though: why use one or even two Yubikeys if a possible attacker simply needs the OTP as 2FA to get in? I thought the Yubikey was "in addition," but maybe I am missing something. Thanks again!

Hello @vapre! 👋

That's a great question! You can absolutely add a second Security Key to your 1Password account so that you can still authenticate even if you lose the first Security Key. Follow these steps: Use your security key as a second factor for your 1Password account

If you only have one Security Key added to your account and you lose it then you can still authenticate by using a one-time password from your authenticator app.

Let me know if you have any questions. 🙂