top | item 42567729

(no title)

eblume | 1 year ago

The point here, I believe, is that 1Password will only prompt you to enter the 2FA code if the domains match, same with the password. Your point that if you've already decided to enter your password then entering the 2FA code isn't much of a hurdle is sound, but from the perspective of a user of 1Password, it is indeed very surprising (and rare!) when I try to log in to a page and find that 1Password won't show my log in because the domains don't match. It happens, usually due to some cross-origin login flow, but it's rare. So I think the claim isn't false, it's just based on a premise that might not factor in for different people.

discuss

watermelon0|1 year ago

If domain doesn't match, password manager of choice will not suggest to populate credentials. In that case it doesn't matter if 2FA is saved by the password manager, or is managed on another device, because you won't have the chance to use the 2FA.

If domain doesn't match, and you manually copy the password, and login, you can as well manually copy the 2FA code.

Dylan16807|1 year ago

> The point here, I believe, is that 1Password will only prompt you to enter the 2FA code if the domains match, same with the password.

Yes, same with the password.

So it is not an advantage of 2FA.