Azure SSO Unlock - Is backend less secure?
Hello,
I have configured 1Password to unlock with Azure SSO. In my testing I have noticed that there is no Secret Key function using this method. My question is regarding securing of the back end data.
Without being presented a Secret Key as compared with a non-sso login, are there still additional hashing or encryption mechanisms that help to secure the back end when using Azure SSO as the unlock option?
Thanks!
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
Comments
-
Hello @Charles82,
Thanks for asking about the security model of 1Password with SSO vs a Secret Key. While the security model of 1Password with SSO is subtly different, 1Password accounts using SSO rely on a trusted device model to protect the encryption keys, instead of using the Secret Key (in part) to derive encryption keys. The end result is the same: Strong encryption, with both the 1Password team, and the identity provider, having no way to decrypt the contents of your vaults.
There is a fantastic support article on our website with more detail, which you may find helpful: About 1Password Unlock with SSO security
Check it out and let me know if you have any questions.
1
