What happens when you reimage or lose your only trusted instance of 1Password?
We have just setup unlock with Azure and are testing it. Let's assume we have a staff person who has the desktop app and browser on one laptop and that laptop needs to be re-imaged or has a failure and you replace it.
You setup the new machine for the user and through the integration with Azure - the user can use their M365 credentials to unlock 1Password. However, since this is NOT a trusted machine - the process will ask the user to approve themselves from their other browser - which no longer exists.
Since Unlock with Identity Provider is turned on for the user - they won't be able to use their original password. And I'm not sure their Emergency Kit will work. Or will it?
Reimaging Machines or failing laptops happen all the time. I'd like to know there's a process for this that's not onerous.
Thanks.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided
Referrer: forum-search:validate
Comments
-
Hi @AdaminDC,
In the scenario you've outlined, where a user has no access to a trusted device, an owner or admin on the team will need to start the account recovery process for the user. This will allow them to set up a new trusted device and then set up others. After a user has successfully migrated to SSO unlock (and the grace period has ended), they won't be able to sign using an account password or Secret Key, so the Emergency Kit won't be helpful here).
Recover accounts for family or team members
You can also point your team members to the following support article on the subject:
If you’re having trouble unlocking 1Password with SSO
0 -
Thanks. I can confirm this. We tested the option to de-authorize all trusted devices for one user, which started the process and we recovered. I think it was good to figure this out BEFORE we rolled it out to all staff.
0 -
Happy to assist, and I'm glad to hear you were able to test this on your end.
If our team can be of any help going forward, please let us know.
0