How To Use The Trezor Model T As A Password Manager And A Second Factor Authentication (2FA) Device
A Trezor hardware wallet can be used not only to secure your cryptoassets, but also as a password manager and second factor (2FA) authentication device.
Trezor devices use the same sophisticated recovery seed security method for their password magement and second factor authentication features, as they do for their cryptocurrency hardware wallet features.
This method recovery seed method is highly effective and secure, which is part of why the device has received such good reviews across the internet (including on our own blog).
This guide shows you how setup and use your Trezor Model T as a password manager and second factor authentication device.
These are two different features of the Trezor Model T, and you can have either one or both of them activated simultaneously.
This guide uses the Trezor Model T for demonstration, but the Trezor One can also be used as a password manager and a second factor authentication device, and the setup process is near identical.
How to Use the Trezor Model T as a Password Manager
Why Use Trezor Second Factor Authentication?
How to Use the Trezor Model as Second Factor Authentication Device
Why Use the Trezor Password Manager?
Remembering all of your passwords to various online accounts can be a hassle. Password managers relieve you of this inconvenience by saving your username and password information. Password managers automatically enter this information when you login to an account.
Most password managers work by having a master password that is used to access all of your username and password information. The obvious flaw with this method is that if your master password is compromised, then all of your other passwords are compromised. Furthermore, the master password must be entered in on the computer to access all of your username and password information.
Whenever you enter any information into a computer connected to the internet, there is a risk the information will be stolen by malicious software that records every keystroke. This means that there is a significant risk that a master password and all of the stored passwords could be compromised.
The Trezor Password Manager provides an alternative to the master password method. With the Trezor Password Manager, you need to actually have access to the physical Trezor hardware wallet to gain access to all of your login information. Instead of a master password, the Trezor Password Manager uses a recovery seed to store all of you login information. This recovery seed is stored completely offline in the Trezor hardware wallet.
The recovery seed is also backed up on paper, in case you lose access to your Trezor hardware wallet. The recovery seed is only entered into the Trezor hardware wallet and never into a device connected to the internet. So there is no risk of the seed being compromised by keyloggers or other online malicious software.
If your Trezor hardware wallet is lost, stolen or broken then you can recover all of your password information by entering the recovery seed into another hardware wallet. The Trezor Password Manager gives you the convenience of automatic logins to various accounts, but without the security risk of a master password.
A shortcut for the Trezor Password Manager will now appear in the address bar.
Sign in with Dropbox or Google Drive. Follow the instructions and allow the Trezor Password Manager to have access to your Dropbox or Google Drive.
Connect you Trezor Model T hardware wallet. You will need to have setup your Trezor Model T with a recovery seed backup, PIN code and device name. If you have not already done so, follow the instructions from this article.
On the chrome page for Trezor Password Manager, select the name of your device.
Confirm the Trezor Password Manager on the Trezor Model T’s touchscreen.
You will then be logged in to Trezor Password Manager. If you have your password information saved in a CSV file then you can click your account name in the top right corner and “Import Storage.”
To manually add account login information one by one, click on “Add Entry.” Enter in the login information and click “Save.” There is no limit to the amount of passwords you can save. Click on “Add Entry” again to enter in another online account.
You can now scroll over the account and click on “Login.” You will need to confirm on the Trezor Model T touchscreen that you want to login to this account.
Once you have confirmed, a new tab will open with the login information automatically entered. All you have to do is click on “Login.”
To edit an account in the Trezor Password Manager, scroll over the account, click on edit and confirm on the Trezor Model T’s touchscreen.
When you are editing or adding an entry, you can generate a strong password by clicking the second button next to the password box. You also have the option to add secret notes for each password and tags to organize your passwords.
To logout of the Trezor Password Manager, just unplug the Trezor Model T. When you need to log back in, click on the Trezor Password Manager Chrome extension. Then enter in the PIN Code in the Trezor Model T and confirm that you want to sign in on the device’s touchscreen.
If your Trezor Model is ever lost or stolen, you can recover all of your password information by entering in the recovery seed into another Trezor Model T or Trezor One. Then you can open up the Trezor Password Manager, sign in with your new Trezor device and all of you password information will be there.
Get free crypto investing & security guides, exclusive discounts, and more!
Why Use the Trezor Second Factor Authentication?
Two factor authentication increases the security of you online accounts by requiring you to confirm the login on another device. Google Authenticator is a popular example of two factor authentication that requires you to confirm your login on a mobile app in addition to entering the username and password into a computer or mobile device.
However, a downside to this service is that Google Authenticator and many other popular two factor authentication apps use a method known as Time-based One-time Password (TOTP). With TOTP the master key is sent over the internet during the setup process. Trezor Second Factor Authentication uses a more secure method known as Universal Second Factor (U2F).
With this method, the master key remains offline and encrypted. U2F is also more convenient because you do not have to enter in a one-time code.
With the Trezor U2F you just have to confirm the login with one click on the Trezor hardware wallet. Trezor U2F will also display the URL of the website you are logging into and what exactly you are authorizing. Your Trezor hardware wallet can store an unlimited number of U2F identities, all under one backup recovery seed.
How to Use the Trezor Model T as a Second Factor Authentication Device
This guide will show you how to setup Dropbox to use two factor authentication with your Trezor Model T, but the process is similar for other services.
Login into your Dropbox account and go to settings.
Go to the security tab and enable two-step verification if you have not already. You will need to confirm this setup with a mobile phone or email.
You can now click on add next to “Security Keys.”
Plug in your Trezor Model T.
Click on “Key Inserted” and confirm the action on your Trezor Model T.
The Dropbox screen will now show “Key added.” You can choose to create an optional name for the security key. Then click on “Finish.”
You can now use the Trezor Model T to authorize your login to Dropbox.
The advanced security method and the accessibility of the Trezor hardware wallets makes them great password managers and two factor authentication devices.
Even if you do not need a hardware wallet for storing cryptocurrency, it is worth buying a Trezor Model T or Model One just for these secure services.