Enterprise SSO prompt is really disruptive

gerges
gerges
Community Member
edited July 2021 in Business and Teams

Hey, I'm a 1password that has an enterprise vault. It looks like my company has opted for pretty aggressive session length which means that multiple times a day I open 1password (via the chrome extension or mac app) and I'm immediately prompted with an Okta login and two factor. I've gotten in the habit of just dismissing these because I know the items in my vault haven't changed since the last time it checked.

Would it be possible to allow for some preflight "am I up-to-date" check that didn't require the full auth for sync? Would be great if I only saw that prompt if there was actually something to sync.

Thanks!


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Hi @gerges,

    Welcome to the 1Password Support Community. I'm sorry to hear about the disruption to your workflow.

    From your description it sounds like your company may be relying on Duo to act as two-factor authentication for your 1Password account. I also see that you mentioned Okta may be at play here. If that's the case, it may also be prompting you to authenticate another service or application on your system, though I cannot be sure.

    Just to check, are you seeing a prompt similar to the one shown in the following support article?

    1Password wants to use 1Password.com to sign in

  • gerges
    gerges
    Community Member

    Yup. I see this prompt maybe 2-3 times daily. When I unlock my vault, even if there's no need to sync. I can press cancel (or close the window) and keep logging in but it's pretty disruptive

  • I appreciate the confirmation. For some background, that Duo prompt is occurring on the operating system level, and we at 1Password don't have the ability to modify this or to take item updates into account, unfortunately.

    Clicking Cancel will ensure Duo continues to prompt you to authenticate. While this won't lock you out of your existing data saved to the local encrypted cache on your device, as you're aware, any recent updates won't be downloaded to the 1Password app from our server until authentication occurs by accepting the prompt. The frequency in which you receive this prompt is determined by your administrator.

    The best recommendation I can give, and while I fully understand how it can be disruptive to your daily workflow, is to always accept the prompt to ensure everything runs properly.

    However, if you happen to be using the 1Password app on a personal device with both accounts signed in (employer-provided and personal), you can opt to sign out of the employer-provided account to bypass this. You can instead access the employer-provided account from 1Password.com if you need to view any work-related information.

This discussion has been closed.