If you’re like me, you’re accustomed to setting up 2FA by having 1Password detect a QR code on-screen, but this doesn’t work with Lemmy’s 2FA since it never displays a QR code. Here’s what you should do instead.
Start in Lemmy by enabling 2FA in your settings. When you save, scroll down again to the bottom of your settings. You’ll now see a 2FA installation button. My first inclination was to click this button, but my Mac wanted to open it in the macOS keychain instead of 1Password. Instead, right click the button and copy the link. (It’s styled as a button, but it’s really just a plain link.)
Now, in 1Password, add a one-time password field to your Lemmy login. Paste the URL you copied from the button into the one-time password field. Save the login, and you should now see the one-time password displayed in 1Password.
You’re actually done at this point. One thing that threw me off is that Lemmy’s 2FA does not require a code validation step like many 2FA systems do. I validated it manually by logging out and logging back in. Lemmy asked me to enter the 2FA code, and I was able to copy/paste it from 1Password to log back in.
Hope this helps others who are confused like I was!
Thanks for the detailed post.
I encourage those of you who use your password manager for 2FA to consider that by having your second factor together with the password, they can both become compromised at the same time. Storing your second factor separately, e.g. using a different app with a different password, could help if your password manager database ever gets compromised, because then the attackers would only have access to your password, not your 2FA codes too.