Jump to content

2FA/MFA integration into password records and browser extension

Recommended Posts

Hello everyone, 


we use passwordstate to manage the logins and accounts of our customers. we also use 2fa with duo integration in passwordstate to authenticate our companies users in passwordstate, which works like a charm with the push authentication option by the way :)


the problem:

we also would like to enable 2fa on as many customer accounts as possible, like office 365 global admins etc. to increase the overall level of security. but currently managing 2fa for our customer accounts are a nightmare giving us serious headache. right now, we enable 2fa on customer accounts and save the 2fa secrete with the credentials in passwordstate (in the desciption or notes field) - if we need to login into a customer account, we first need to setup an authenticator app with this secrete to login and delete it from the exployee's device - every single time. with multiple logins a day from multiple admins/supporters this is very time consuming. Using a single device to managing all customer 2fa isnt a option, especially with different locations and homeoffice. 




the feature request: 

it would be such a great feature to enable optional 2fa on password records for adding a 2fa secrete which would display the corresponding 2fa code within passwordstate, and even better, also within the passwordstate browser extension


Example how it could work:



i would really love to hear some thought about this idea, pros and cons from you.


kind regards



Link to comment
Share on other sites

Ok, im feeling a bit stupid now, because i just found out, that passwordstate is exactly capable of what i want to have, it is just called OTP/TOTP within the password state templates. it even works in the browser extension. 


the only thing which is a bit annoying in the current state of the browser extension, if i search for a record with 2fa and click on it to autofill the user and password i will have to re-search the same record to display the 2fa, because the extension auito-hides. 



Link to comment
Share on other sites

  • Create New...