cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
dineshdb
Making moves
Status: New idea

I keep my all passwords in firefox. SMS is insecure for 2-FA. Having to install second app for 2fa is cumborsome. If this can be done securely, it would be best if TOTP codes could be managed via Lockwise, giving it feature parity with standalone password managers.

9 Comments
Status changed to: New idea
Jon
Community Manager
Community Manager

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.

Serg
Employee
Employee

@dineshdb  that is a good suggestion! I've filed a Bug 1773857 to implement this. Can't promise anything at this moment, but we will consider it for sure!

Anonymous
Not applicable

Authentication applications are compatible with each other, so if you have one you already use, you may be able to use it. Note that I have confirmed that Microsoft Authenticator can be used. However, I cannot promise that this method is secure.

dineshdb
Making moves

@Anonymousthis one is about firefox itself acting as a replacement for Microsoft Authenticator. Since the data in Firefox servers are end to end encrypted, it can safely act as a sync for TOTP secrets.

tuttifrutti
Strollin' around

We could have the browser autosuggest the TOTP when the input box appears as well just like passwords.

noe
Strollin' around

Great idea!

The best process I've found for TOTP (two-factors authentification codes) is replacing Google Authentificator with Twilio Authy app because it allows syncing your accounts across multiple desktop and mobile devices for 2FA.

To avoid data loss I store backup codes in Firefox passwords with a specific label.

It would be great to integrate all of this in FF just like 1Password does

dineshdb
Making moves

I'm the original author of this idea. And I think, Firefox supporting passkeys (passwordless is the future) is the way to go forward. Passkeys are like TOTP but for the first factor and automated and less error-prone. There is no fishing and a chance of user error. Hence, focusing on passkeys should be the number one priority.

dineshdb
Making moves

I think passkeys are the future. Please go and upvote the passkeys idea: https://connect.mozilla.org/t5/ideas/support-webauthn-passkeys/idi-p/14069

dineshdb
Making moves

Now that passkeys are kind of supported, 2FA should still be Mozilla's priority. It provides a backup method when passkeys aren't available (old devices).