Standard disclaimer about the site not supporting using a non-proprietary app meaning weird things could happen still applies, but as I said before, I'm not one to stop folks from taking risks they understand and want to take.Ībsent additional knowledge about WinAuth and the underlying design of Steam's TOTP, I'm not sure I'd personally be of much further help, but if anyone would have some insight here, I'd think would be a good bet. If they do use standard TOTP and the workaround is generating a proper URL (URI? My non-coder is showing here) for you, then it honestly should work fine with 1Password out of the box. :lol: Honest, I'm guessing at best re: both companies' motivations for trying to keep things proprietary and that answer may be of no relevance in the end.
Haha, much as I hope with you that Blizzard and Valve change their policy, I don't know if it will ever happen, given that providing users with added security is only a secondary goal to having their own apps. That said, the plaintext export from WinAuth lists the Steam Guard info as follows: "otpauth://totp/Steam:Steam?secret=", so I think it might not actually be HOTP? That said, I'm not a coder and could well be wrong. So adding the functionality to 1Password, especially in scenarios where the end-user is technical enough to use a workaround, shouldn't in effect really cause a significant overlap between people who go this roundabout method, and people who are careless enough not to have their backup codes on hand. I'd hyperlink where the functionality is, but I think it's steam-desktop-client only to generate those. Steam provides recovery codes (up to 20 of them) that can be used from within their app in case the 2FA fails. Hi of all, thanks for the super prompt response (at 5pm nonetheless). I've had to swap my Authenticator between phones often enough, I'm well acquainted with that struggle and wouldn't wish it on anyone. How much does their system for recovering your account if you lose your authenticator device depend on you having used SteamGuard specifically, for example? Will you get locked out if you store it in 1Password instead? We just can't say we support using 1Password for TOTP when the account you're protecting doesn't support it.Īll of that said, I'd be more than happy to pass your feedback along to the team, and I sincerely hope Steam and Blizzard both open up 2FA to whatever app you'd like to use one day.
Yes, it's your choice to put in some extra effort to work around this and, if you manage it, we're not going to stop you but! We really can't account for how Steam will react to this. In addition, Steam really wants you to just use SteamGuard. For one, given the letters, it sounds like Steam may use something other than TOTP (HOTP, maybe? That's another popular one) and we only support TOTP in 1Password. Hey, Much though I'd love to say yes (I hate having any 2FA outside of 1PW and SteamGuard bugs me too), I don't think this is something we're likely to do. I'm aware that this is an extremely rare use-case scenario, but can the app be updated to support Steam Guard (or character string based 2FA outputs)?
BITWARDEN AUTHENTICATOR GENERATOR
I tried to replicate this with Steam Guard, but:ġ) The 1Password code generator correctly recognizes that the output is 5-characters long.Ģ) It outputs numbers instead of letters.
BITWARDEN AUTHENTICATOR PASSWORD
I then took the whole otpauth://totp/BattleNet: secret URL and pasted it in 1Password's One-Time Password field, and received back a functioning, correct code that helps me login to my account. I deactivated my Authenticator from my phone, installed WinAuth on my computer, generated an Authenticator app within it and verified it with Blizzard, then exported the Authenticator app information from WinAuth in plaintext. Today I finally found a workaround for the first. Two main longstanding apps that got in the way of that were the Authenticator from Blizzard, and Steam Guard from Valve. Something I've been trying to do lately is consolidating all my 2FA within the 1Password app.
0 kommentar(er)
