It’s Cybersecurity Awareness Month! Join our interactive training session, or learn about security and AI from 1Password experts.
How do I transitioning from 1:1 mapping of authentication to authorization to simpler options?
I have never taken the following suggestion: In this example, let's say I work for Consult-o-rama, and the account referred to is Microsoft here is a login called Consult-o-Rama in my Consult-o-Rama vault dedicated to all things Consult-o-Rama. (I'm an employee of Consult-o-rama) the Sharepoint referred to here, then, is a SharePoint of a company which was a joint venture 30 years ago and with whom we have a close relationship. They have their own AD, but federatio nis such that we are allowed to log into their sites separately using our same login. Likewise we can switch orgs in Teams and use their separate teams with the same credentials. Sites appear in this login record in 1Password so that this credential can autopopulate on any sites i've put into the sites fields there. Other background: I have 4+ vaults. consult-o-rama, client 1, Client 2, Persional, and then Client <#> for however many clients I need to have them for. I use separate browser identities and have the vaults in the plugin filtering only on the relevant vaults. the login credential record "Consult-o-Rama' is one of 5-10 microsoft account. I log into at least that many SharePoints None of my login credential records are named Microsoft or SharePoint. How can I best use the funtcionality I'm being prompted to use without: Creating duplicate records of login credentials. Being clear about mapping identities an being able ot lble "Microsoft" in this example instead as "Consult o Rama', and "SharePoint" instead as "consult-o-rama" SharePoint. So that in the future I can map 1 to many and many to 1 logically and without confusion? Thanks!,
Failed login attempts
Hello, it appears that one may hack away at 1Password logins w/o concern for the number of failures. Is this true: if not, where may I find doc regarding such? The admin "Sign-In Attempts" report is eye-candy and of limited practical use. The Activity Log has a "Login Attempts Exceeded" option, but the value of the count is no where to be found. For a serious enterprise offering, the following should be available: 1. Account lockout after organization specified number of failures. 2. Alert mechanism to inform owners or admins of high number of login attempts (or at least the lockout occurred.) 3. A easy-to-find report showing suspicious activity. Please let me know I'm mis-informed on these items.Password entropy
I would like to see the password entropy when creating a password. For example, What is the strength of this? Consider this article: https://blog.syss.com/posts/passphrases/ It would be very helpful to have some confidence of the strength. Note this password generator doesn't provide any sort of length information. While the specific length may reveal too much information, if this could at least provide a some idea what the entropy is, its better than nothing. Even the character count of the generated password is good feedback. As it is, this feature is designed for novice users and doesn't provide significant confidence when looking for fitting in with technical requirements. Finally, this random password: was generated by 1Password. Rather than simply putting "Weak", given that the generation specs were known, it would be really helpful to include the entropy alongside of this. How "weak" is "weak"? Thank you for the consideration.
Help with 1Password SSO Unlock Across Multiple Desktops
Hi, I’m looking for some assistance with 1Password in a small office environment (around 45–50 desktops) that runs Hybrid AD. We’ve enabled Unlock with SSO, and it works fine on a user’s first workstation. However, when the same user signs in on another workstation, 1Password prompts them to transfer their encryption key. The challenge is that our users often move between desktops throughout the day depending on their work schedule. This constant key transfer prompt is disruptive. Is there a way to disable this key transfer requirement or a recommended best practice to allow seamless use of SSO across multiple desktops? Thanks in advance for any guidance!
Can not sign in Desktop Application after SSO integration
We integrated Google Workspace SSO to our 1Password team accounts. After that I can not sign in to desktop application. It does not redirect me to single sign on user interface. But I can log in to system on browser. When I click sign in with google then it gives the error pop up like below:
Issue re-instating employee
Hello, We provision 1Password from AD. We had a user resign and return shortly after. We had not wiped their device so we returned it to them. They were removed and re-added to the group we use to control who gets invited and their account and profile look normal on the 1Password admin console. We initiated a recovery which they completed. Upon trying to sign-in they are prompted with the message: This device was deauthorized. You will need to re-enter your Secret Key and sign in again. We have not encountered this before nor can we figure out how to re-authorize the device. The used does not have their original Secret Key.
