Protect what matters – even after you're gone. Make a plan for your digital legacy today.
What’s new in 1Password Enterprise Password Manager (Q4 2025)
Hey everyone! 👋 We’ve been working closely with customers across industries this past year to understand where they need more flexibility, clarity, and control. That feedback shaped a new round of improvements that help teams deploy faster, manage more consistently, and stay secure without slowing anyone down. Here’s a quick rundown of what’s new: Security without friction New App Unlock presets give admins more flexibility in how people unlock 1Password. Organizations can align unlock behavior with their existing device policies, like allowing 1Password to unlock when the device unlocks while still enforcing auto-lock where needed. Teams can decide which presets are available, override them where required, or let users choose the option that fits their workflow. Vaults remain protected by device-level encryption – this simply changes when 1Password unlocks, not how it’s secured. Get teams set up in less time A couple of updates make it easier for new users to get started confidently: The new Browser Extension policy helps guide new users to install the 1Password browser extension during setup. Guided Setup now introduces people to the essentials of using 1Password in their environment and adapts to each organization’s configuration. Together, these reduce confusion during onboarding, minimize IT overhead, and help people start saving and filling credentials right away. New policies provide more control As organizations scale, admins often need fine-grained control over how credentials are saved and submitted. New policy options now allow admins to configure: Autosave: Choose which item types (Logins, Credit Cards, Addresses, 2FA) are saved automatically. Autosubmit: Turn off automatic form submission. Sign-in Attempts: Define how many failed login attempts are allowed before an IP address is temporarily locked for that user, helping safeguard against brute-force attacks. These updates help standardize behavior across the organization while still giving teams the right amount of flexibility. Set up your 1Password instance to reflect how your organization operates Multi-tenancy introduces a new account model designed for scale that brings more clarity and consistency to large or distributed organizations. Linked Accounts let you connect a parent account to any number of child accounts within the same data region, organized by geography, department, or business unit. Policy Templates make governance easier by letting the parent account create reusable templates, decide what child accounts can override, and apply standards instantly. It’s a flexible way to maintain consistent security while letting teams operate independently when they need to. Coming in 2026 A couple of updates already in motion: Automated Provisioning hosted by 1Password connects directly to Okta and Entra ID, eliminating the need for self-hosted SCIM bridges so teams can deploy faster with less infrastructure to maintain. A redesigned Audit Log that brings all user and admin activity into a unified, human-readable view, making investigations and compliance reviews much easier. These improvements are all steps toward making enterprise deployment smoother, governance clearer, and day-to-day work less of a lift for admins and teams alike. If you’d like a closer look (including screenshots and examples) you can find the full breakdown in our latest blog post.
Eliminated Entra user keeps stuck in 1password
A user removed from a group in EntraID is still active in 1Password with an active license. What can I do to remove them directly from the 1Password console? I've tried adding them back to the group, removing them from the group, and they're still there. Please help.
[Feature request] Planned suspension of user accounts
In many corporate environments, security and compliance policies require that when an employee or collaborator leaves the company, their access to critical systems is revoked immediately, typically on the same day or the next. Given how sensitive the data stored in 1Password can be, it’s essential to be able to enforce timely account deactivation. Feature request: Allow administrators to schedule a future suspension date for user accounts. When this date arrives, the account should be automatically suspended, and all active sessions (including on native apps and browser extensions) should be invalidated (ideally even if the user is offline at that time). While SSO integration can centralize user lifecycle management, it’s a relatively heavy setup for many organizations. A built-in scheduled suspension feature would help teams that rely on manual user management achieve better compliance and security without the overhead of SSO.
How long after leaving a company do users have access to 1Password?
How long after leaving a company do users have access to 1Password? For example, when an employee leaves accompany that offered 1Password business and the user also set up a personal one password through the business account offer of adding family members to free 1Password. How long will that user have to pay for a personal account before their account gets deleted?
Research opportunity: Help shape the future of 1Password + gift card for your time
Hey 1Password community 👋 Our team is running 1:1 research interviews with current 1Password Business customers, and we’d love your insights. We’re especially interested in hearing from folks using the 1Password Enterprise Password Manager (with or without 1Password Device Trust or Trelica by 1Password), and who are involved in managing access, identity, and device posture at their company. Our goal with this research is to better understand how access is managed in the real world, especially in places where SSO, IdPs, and MDMs may not reach. Your feedback will directly influence how we evolve our products and features going into 2025. Who we’re looking for: Admins, IT, or Security leads at companies with 500–3,000 employees in North America, Europe, or Australia Decision-makers, or those with hands-on experience managing access tools Current users of 1Password Business and/or Extended Access Management What to expect: A 60-minute live interview Flexible scheduling between August 4th and 15th A $100 gift card from popular retailers as a thank-you We only have 10 slots available, so if you’re interested, please fill out this short screener survey. Thanks for being part of the community, we’re excited to learn from you!
Cleaning up old passwords in company account
Hi community, I am looking for experiences with using 1Password in medium-sized companies. We have been using 1Password very reliably for several years now. However, I am still dissatisfied with our processes for cleaning up entries in 1Password. Especially after employees have left the company, password entries remain in various vaults, and it soon becomes unclear whether they are still valid and needed. I would like to have a process for marking such passwords and assigning them to other colleagues. They should then be tasked with checking the password and removing entries that are no longer needed. It would be good if there were a process for this within 1Password so that we don't have to rebuild references to the passwords in other tools. It would also help me if there were a status for passwords that would allow me to see whether not only the password entry can be deleted, but also whether the corresponding online account has already been deleted. (In this process, the Google account would first have to be deactivated, for example, and only then would the associated password be deleted from 1Password.) Are there already options within 1Password for such clean-up processes? How do other companies implement such processes? It is important to me to keep our content in 1Password up to date so that no outdated passwords and accounts are retained for the company. Thank you very much for your tips and experience reports! ThomasUser account still active in 1Password even though disabled/deleted in Okta
Hello everyone, we recently found out we still have an active user in 1Password that was created using User Provisioning through Okta. Now, the user has since been disabled and deleted in Okta, but in 1Password it still shows as active. How can we disable the user in 1Password? I can't find an option for that.
