Intro
What 1Password offers is greater convenience. Since 1Password already runs securely on Mac and iOS devices, you can have access to your 2FA codes on any of your Mac and iOS devices without having to mess around with Bluetooth (which means that it will work on any Mac, even ones without Bluetooth 4.0). The point of 2FA authentication means for an attacker to breach your Google account (or any account you set up 2FA on), they would need to gain access to two things: 1) your 1Password account where the username and password is stored, and 2) your physical phone where the separate 2FA authenticator app exists and is the only device capable of. A 1Password membership with two-factor authentication turned on a U2F security key, like YubiKey or Titan To sign in to your account in the 1Password apps or in a browser without U2F support, enter a six-digit authentication code from your authenticator app. If you lose access to your security key. The point of 2FA authentication means for an attacker to breach your Google account (or any account you set up 2FA on), they would need to gain access to two things: 1) your 1Password account where the username and password is stored, and 2) your physical phone where the separate 2FA authenticator app exists and is the only device capable of.
Multi-Factor Authentication (MFA) is a common security requirement when accessing sensitive applications or websites such as your personal banking portal. Since Tesla vehicles can be controlled via the Tesla Mobile App over the internet (thanks to the Tesla API), their website and APIs should also be considered sensitive. As a result, Tesla has finally delivered and rolled out MFA to owners earlier today, October 6th, 2020. The purpose of this blog post is to walk you through the process for setting up MFA on Tesla.com and also provide some recommendations based on personal experience. If you have any questions or comments feel free to reply at the bottom or shoot me a tweet @dburkland. Last but not least, I wanted to give kudos to @mfrunker and @tesla_raj for staying on Tesla about adding this much needed security functionality!
Requirements
- Device (desktop, laptop, phone, tablet, etc.) that will be used as the authenticator device.
- Another device such as another mobile device or personal computer that you will use to access Tesla.com.
- An authenticator app preferably one that has the ability to scan QR codes using your device’s camera. Some examples include:
- 1Password (Android/iOS) – License or subscription
- Authy (Android/iOS) – $Free
- Google Authenticator (Android/iOS) – $Free
- Microsoft Authenticator (Android/iOS) – $Free
NOTE: For the purpose of this blog post I will be making references to 1Password as it is the authenticator app that I personally use. If you haven’t yet heard of 1Password, I would highly recommend you check it out as it is one of the best password / secrets managers out there. It supports pretty much every platform and also supports the ability to store one-time passwords much like the ones used in MFA configurations. If you are not interested in using 1Password feel free to use one of the other mentioned authenticator apps above.
MFA Setup Steps
To setup MFA on Tesla.com you will need to complete the following steps:
- Download and install the authenticator app of your choice to your authenticator device
- Using a web browser, browse to Tesla.com
- Select “TESLA ACCOUNT” in the upper right-hand corner of your web browser window
- Sign in using your Tesla.com account credentials
- Select “Account” in the mid to upper right portion of your web browser window
- Select “Multi-factor Authentication” and then “Manage” underneath to formally start the Tesla.com MFA setup wizard
- With the “Get Started” page now visible, please select “Next” to proceed
- Please sign in again using your Tesla.com account credentials
- At this time please open the appropriate authenticator app on your authenticator device
- Using your authenticator app, use the scan QR functionality to capture the QR code in the middle of the page and click “Next” once you have done so
- With your authenticator app configured it should now display 6-digit passcodes that change every 30 seconds or so. At this point please take the 6-digit passcode that is currently visible in your authenticator app, enter it into the “Passcode” field, and then select “Submit” to continue.
- To generate the necessary backup passcodes that are only to be used in an emergency, please select “Get new Passcodes”
- Make sure to record the (10) generated backup passcodes that can be used in the event something happens to your authenticator app and/or authenticator device
- IMPORTANT: Do not lose these backup codes otherwise you will lose access to your Tesla.com account and be forced to go through the account recovery process.
- Once you have saved the backup passcodes someplace safe click “Done” to proceed
- If you were not automatically logged out of your account, please select “Back to Profile” followed by “Sign Out” so we can validate your MFA configuration
- Select “TESLA ACCOUNT” in the upper right-hand corner of your web browser window
- Sign in again using your Tesla.com account credentials which will now also include a 6-digit passcode from your authenticator app
- If you were able to login to your Tesla.com account that means you setup everything correctly and are now finished with the MFA setup process, congrats!
Other Links 1password mobile app install.
Below are some additional resource(s) that go into a bit more detail on what is MFA, why do we need it, and how can we setup MFA with Tesla.com:
Your 1Password data is safe
The secrets you keep in 1Password are safe from thieves and prying eyes, even if you lose a device.
Your 1Password data is encrypted with your Master Password. As long as you have a strong Master Password, someone who has access to your device won’t be able to view your passwords, credit cards, or anything stored in 1Password.
Any information about your passwords is also encrypted. An intruder won’t be able to see, for example, that you have an account for a specific hotel website, and figure out where you stay when you travel. Everything about the items in your vaults is hidden.
If you use a 1Password account, you have even more protection if your device is lost or stolen. You can deauthorize the device and regenerate your Secret Key, preventing anyone from using it to access your account. An intruder won’t be able to sign in to your account from other devices unless they also have your new Secret Key.
Don’t change your Master Password
1password Authenticator App Download
You don’t need to change your Master Password if you lose a device, unless you have specific reason to believe that someone else knows it.
Your Master Password is never stored on your device. It cannot be compromised or discovered by someone who has access to your device, even if you use Touch ID or Apple Watch on your Mac, Touch ID or Face ID on your iOS device, or Biometric Unlock in 1Password for Android.
Change passwords for your other accounts
Although your 1Password data is secure and private, other apps or services may not have been designed to safeguard your data in the same way. If you use other accounts on your lost device, you should change the passwords for those accounts. 1Password makes this easy.
Learn how to change passwords with 1Password.
Access your data on other devices
If you have a 1Password account, your data is automatically backed up and available online. Losing a device won’t affect that data, which means you never have to worry if your device is lost, stolen, or otherwise unusable. To access your data, install 1Password on another device and sign in to your account.
Your data is also available on other devices if you sync 1Password with iCloud, Dropbox, or the WLAN server. To see your data on any other devices you own, install 1Password on them.
Find your lost device or erase it
Apple and Google offer tools to find lost devices or erase information from them:
- Learn how to find your iPhone or iPad
- Learn how to find your Android device
If you use a 1Password account
If you use a 1Password account, deauthorize the lost device and regenerate your Secret Key. Sign in to your account on 1Password.com to get started.
The WPS Resume Master has built-in tips and ready-made content designed by resume experts. Professional suggestions for each section will boost your chances of getting invited to interviews. Maximize your chances of getting a job. WPS Template is your ideal choice for a totally free, all-in-one online templates platform which contains abundant Writer, Spreadsheets, and Presentation templates. Home Presentation Writer Spreadsheet Premium Custom Service Resume Master.
1password Lost Authenticator
Regenerate your Secret Key
- Click your name in the top right and choose My Profile.
- Click Regenerate Secret Key.
- Enter your Master Password, then click Regenerate Secret Key.
- Download your new Emergency Kit, and store it safely.
Iterm2 1password. 1Password will ask for your new Secret Key and your Master Password on each device you’re signed in to.
Deauthorize the lost device
- Click your name in the top right and choose My Profile.
- Scroll down and clicknext to your lost or stolen device, then choose Deauthorize Device.
If you sync 1Password with Dropbox
If you sync 1Password with Dropbox, unlink your lost device and remove 1Password as a connected app:
- Sign in to your account on Dropbox.com.
- Click your picture in the top right, and choose Settings.
- Click Security.
- Scroll down to Devices, clicknext to your lost device, then click Unlink.
- Click “Connected apps”.
- Scroll down to “Linked apps”, clicknext to 1Password, then click Uninstall.If you see multiple copies of 1Password, uninstall all of them and set up 1Password to sync with Dropbox again on each of your mobile devices.
1password Multifactor
The device you unlinked won’t be able to sync any changes you make in 1Password on your other devices.