Okta MFA codes stored in 1Password

Question

Hey all,I ran into an issue when integrating 1Password with our IdP Okta, a good amount of our users use 1Password as a means to store their MFA codes, including Okta.&nbsp;This meant that when the users tried to login to 1Password, they found that they could no longer access the MFA code for Okta to login to 1Password. And that left them stuck in a loop, need Okta MFA code to login to 1Password, can't login to 1Password sine they need the MFA code.Is there a solution for this other than asking users to use another MFA method for Okta?We don't provide company mobile devices, and our company is fully remote meaning some labour laws restrict me asking our users to install another MFA app (like Okta verify) on their personal devices.

dunecat · Answer

Great question. Would something like this help?

Employee creates a separate, personal 1P vault. This separate vault is not subject to MFA.
Employee stores Okta MFA code in the personal vault.
Employee unlocks personal 1P vault.
Employee uses unlocked 1P vault to open the Okta MFA vault.

I've not used 1P with unlock SSO--only re-auth SSO--but I hope this could help.

Forum Discussion

Okta MFA codes stored in 1Password

1 Reply

Recent Discussions

Unable to launch the 1Password app

Push notification on login expiry iOS - Feature Request

Improve speed of login - Feature Request

Importing from dashlane does not properly parse OTP

Clickjacking mitigation for 1Password business