We opted for using a trusted device model, which means that if your identity provider credentials are ever compromised, attackers still won’t have access to your 1Password data. Neither of these approaches meet our stringent security requirements. The second is a shared encryption key, which means if a single employee is compromised, the entire company is put at risk. The first is an auth bridge, which creates a large and attractive target for an attacker, and requires customers to maintain on-premise infrastructure. Other enterprise password managers support SSO by taking one of two approaches. The SSO project officially kicked off in 2022 and since then, we’ve had over a dozen unique teams and over 100 people here at 1Password working to bring this feature to our users in the most secure way possible.
Unlocking with SSO has its own risk considerations that differ from 1Password’s traditional unlock model, and we wanted to make sure our solution was truly secure.Īfter many months of research and listening to our customers, we’ve engineered a solution with the same careful consideration for our customers' privacy and security as every other feature we’ve rolled out. While the value and benefits were clear, we didn’t pursue this feature because at the time we didn’t have a way to build it that met our stringent security standards.
How did we get here?Ī few years ago, unlocking 1Password with SSO began to come up more and more in conversations with our customers. This allows admins to set up their 1Password account so that team members sign in to 1Password with their Okta username and password, rather than their account password and Secret Key.
We’re pleased to announce that a public preview of Unlock with Okta is now available for all 1Password Business customers. A public preview of Unlock with Okta is now available.
0 kommentar(er)
