Azure SSO Unlock - Is backend less secure?



I have configured 1Password to unlock with Azure SSO. In my testing I have noticed that there is no Secret Key function using this method. My question is regarding securing of the back end data.

Without being presented a Secret Key as compared with a non-sso login, are there still additional hashing or encryption mechanisms that help to secure the back end when using Azure SSO as the unlock option?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided


  • Hello @Charles82,

    Thanks for asking about the security model of 1Password with SSO vs a Secret Key. While the security model of 1Password with SSO is subtly different, 1Password accounts using SSO rely on a trusted device model to protect the encryption keys, instead of using the Secret Key (in part) to derive encryption keys. The end result is the same: Strong encryption, with both the 1Password team, and the identity provider, having no way to decrypt the contents of your vaults.

    There is a fantastic support article on our website with more detail, which you may find helpful: About 1Password Unlock with SSO security

    Check it out and let me know if you have any questions.

This discussion has been closed.