Our approach maintains zero knowledge, and is end-to-end encrypted, as decryption still occurs on device. Your data will remain protected and now it’ll be even easier to sign into new devices that you own. This is because a bad actor would still need a trusted device in order to prove your identity and access the data locked away inside your vaults. Unlock with Okta shifts away from needing the Secret Key that you are used to with your 1Password account, but it does so in a way that keeps all data secured on-device and at the same time increases your convenience. We opted for using a trusted device model, which means that if your identity provider credentials are ever compromised, attackers still won’t have access to your 1Password data. Neither of these approaches meet our stringent security requirements. The second is a shared encryption key, which means if a single employee is compromised, the entire company is put at risk. The first is an auth bridge, which creates a large and attractive target for an attacker, and requires customers to maintain on-premise infrastructure. Other enterprise password managers support SSO by taking one of two approaches. The SSO project officially kicked off in 2022 and since then, we’ve had over a dozen unique teams and over 100 people here at 1Password working to bring this feature to our users in the most secure way possible. Unlocking with SSO has its own risk considerations that differ from 1Password’s traditional unlock model, and we wanted to make sure our solution was truly secure.Īfter many months of research and listening to our customers, we’ve engineered a solution with the same careful consideration for our customers' privacy and security as every other feature we’ve rolled out. While the value and benefits were clear, we didn’t pursue this feature because at the time we didn’t have a way to build it that met our stringent security standards. How did we get here?Ī few years ago, unlocking 1Password with SSO began to come up more and more in conversations with our customers. This allows admins to set up their 1Password account so that team members sign in to 1Password with their Okta username and password, rather than their account password and Secret Key. We’re pleased to announce that a public preview of Unlock with Okta is now available for all 1Password Business customers. ![]() A public preview of Unlock with Okta is now available.
0 Comments
Leave a Reply. |