“Isn’t the data saved in 1Password protected by only one password, just like SSO?” Which brings me to another question we receive quite often that I didn’t mention at the beginning. There are fewer passwords for your team to manage with SSO, and the passwords people do have need to be stored properly. And, as we know, strong passwords used throughout an organization help guard against a variety of things, including brute-force and password reuse attacks.Īpart from the automatic suggestion of complex and unique passwords, each password created by the generator is saved automatically - safe and secure. It’ll do the same for existing accounts, too, if people want to strengthen current passwords. 1Password has a built-in Smart Password Generator that automatically suggests passwords for new accounts as they’re created. The strength (or entropy) of passwords doesn’t increase magically, though. But when 1Password is implemented alongside an SSO, the logins created outside the SSO - and the login for the SSO, for that matter - are much stronger. Beyond the accounts ITOps are aware of lie many they know nothing about. The point of my colorful parallel is that, while your attack surface may be reduced when you use SSO - people will have fewer passwords - it’s definitely still vulnerable. If only you had that two-way offensive defenseman/attacking defender… Before you know it, your opponent scores and you lose the game. You have a big advantage, but you let your guard down and play loose. You won the draft lottery the previous year and signed the league’s top center/quarterback (choose your own adventure here) in the off season. I’m a sports fan, so let’s use a fun (maybe) analogy since I seem to be well on my way to another post littered with figurative language. SSO and 1Password make a great team and, when they work together, they go a long way toward risk reduction. Now, let’s explore all this in more depth. 1Password, at its core, is a password manager that allows users to securely store, fill, and share (if they choose) credentials, personal information, and documents. SSO solutions allow users to authenticate with one username and password and use the same login session to access other websites and services. While SSO and password managers aren’t the same - they aren’t mutually exclusive, either. SSO, identity access management (IAM) solutions, and password managers are often conflated because they have similar high-level protocols: one login provides access to multiple accounts. Let’s start with a brief overview of the fundamentals.
I’m about to cheat and answer (hopefully) every question at once: You absolutely can (and should) use 1Password alongside a single sign-on solution. We get questions like ‘ Can we use 1Password and SSO?’ and ‘ Why do we need 1Password if our organization uses SSO?’ We’re often asked about single sign-on (SSO) solutions here at 1Password.
0 kommentar(er)
