Single Sign-On (SSO) providers like Okta protect businesses by combining all company-approved sites and services in a single dashboard. Employees can then use a single, strongly vetted identity to log in to those sites and services using a single set of credentials. It's better for security, and easier for employees.
Now, 1Password Business customers can access 1Password with their Okta credentials, too. When they do, they can extend their Okta authentication policies to 1Password unlocks, which helps unify auditing, compliance, and reporting workflows.
It also closes the gaps that SSO alone can't fill. SSO protects logins covered by SSO providers. 1Password protects so much more, like sensitive documents, payment cards, and developer secrets like API tokens and SSH keys. The move also simplifies signing in to 1Password for employees, so there's one less set of credentials to keep track of.
1Password has long been a favorite password manager among security-minded enterprises because of its use of unique, multi-layered encryption to protect customer data. In addition to an account password, 1Password also requires a Secret Key: a unique, 128-bit, machine-generated code that's mathematically infeasible to crack—and that even 1Password can't access.
The multi-layered approach ensures that even if an attacker were to breach 1Password, they still wouldn't have access to customer data. Even if they somehow obtained an account password, they couldn't get in without the Secret Key.
1Password maintains its zero-knowledge architecture with Unlock with Okta through a trusted device model. The result is the same uncompromising security that comes with the Secret Key: Even if identity provider credentials are compromised, attackers still wouldn't have access to customer data.
Setting it all up is easy. A straightforward setup wizard guides admins through the process from the Admin Dashboard. Just enter your Okta account details, and then test the connection between 1Password and Okta. From there, choose how to roll out Unlock with Okta to employees—either in stages, as 1Password recommends for most cases, or all at once.
If employees use biometrics to sign in to Okta, they can continue to do so. None of Okta's security features are changed, weakened, or complicated by the integration.
1Password also has big plans for securing and simplifying sign-ins even further, with the recent announcement of passkey support. Passkeys are the modern alternative to passwords and are more secure and far easier to use. 1Password customers will soon be able to unlock 1Password using passkeys, and store passkeys for other sites and services in 1Password for easy sign-ins.
Unlock with Okta is the first of many SSO integrations coming to 1Password, with support for other providers—such as Azure, Duo, and Ping—coming soon.
If you’ve been hesitant about adding a password manager to fill the security gaps in Single Sign On (SSO) user authentication, now is the time to move ahead with confidence. Get started today.