Use 1Password as MFA Method for AzureAD
Unlocking your Device every time for agree the MFA prompt could be really annoying, even when you are working like a consult for different companies. During my late night session working for different customers, it was a real pain to unlock, hold my face in front of the device and press “agree” every time i log into my customer environment, especially then you need to do MFA every time you sign in over CLI.
Security Concerns
Yes there are some security benefits not to fall back to software token and using Microsoft Authentificator app or something similar, i think its save enough to use Software Token, unless you are not working with the highest privileged account like Global Administrator.
Step by Step
-
Log into aka.ms/mysecurityinfo and register a new MFA Method. Choose “Authenticator app”
-
Click on “I want to use a different authenticator app”
- “Next”
- “Can´t scan image?”
-
Copy Secret key
- Now goto your 1password (Android, Windows, MacOs, IOS)
- Create a new login or edit your existing login entry
-
Add OTP as a bew field
- paste the copied Secret key
- Save
- Now copy the new provided OTP from 1password and go back to your MFA Method registration this is open the Browser
-
Select Next and paste your 6-digit OTP into the field.
- If its accepted, your finished!
If you like it, it would be great if you can share it or if you have any question ping me on Twitter