Must I exempt 1Password cookies from deletion?
My employer has just bought 1Password and I'm tasked with deploying the app, the browser extensions, and related browser settings. I've been asked to push out settings to Edge, Chrome, and Firefox such that when a user deletes their browsing History, 1Password cookies aren't deleted.
I've searched the Community and have found posts wherein1Password staff say that cookies aren't necessary, but those posts are at least 2 years old. So, my question is, do I need to futz around with preserving cookies? I'm also having to lift and shift from on-prem tools to Intune and it sure would be nice to NOT have to fiddle with these settings.
And while I'm here... Where can I find administrator docs that might be helpful? I think I've pretty much got it sussed, but if there are docs I need to see, I'm all ears (all eyes?).
Deployment details (installers, silent switches, etc), settings that need to also be pushed, anything else?
TIA!
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
Comments
-
Hello @GrigorBundage! 👋
Thank you for reaching out! I recommend that your users avoid clearing 1Password's cookies so that they don't have to sign back into 1Password.com over and over again. Clearing history/cookies won't sign them out of the browser extension on Chrome/Edge/Firefox but it will in Safari due to the nature of how extension data is stored in that browser.
Regarding deployment of 1Password we have some great guides here:
Let me know if you have any questions. 🙂
-Dave
0 -
Thanks, Dave. A couple further questions:
We're using SSO to sign in to 1Password. Does that change your "don't delete 1Password cookies" stance?
Any chance you have docs on using Intune to configure Edge/Chrome/Firefox to prevent deletion of these cookies? I've set up a config profile for Edge/Chrome but they're not having the desired effect. That might just be result of how sloooow Intune can be. I only set it up just this morning. Or it might be that the config profile is wrong. There's nothing in Intune settings that says explicitly, "Don't delete
cookies from _____," so I took my best shot at the closest thing.0 -
When a user signs into 1Password.com with SSO, that browser becomes a trusted device that can verify new devices. If the browser's cookies/cache is cleared then the user will need to use another trusted device (or the 1Password desktop app on the same device) in order to sign back into 1Password. You can read more here:
Any chance you have docs on using Intune to configure Edge/Chrome/Firefox to prevent deletion of these cookies?
I don't have much experience with Intune personally but perhaps another community might be able to provide advice on that. Alternatively, it might be best to reach out to Microsoft support for dedicated advice on how to best configure Intune and your browser policies across your organization.
Let me know if you have any other questions about deploying 1Password itself.
-Dave
0 -
Thanks, Dave.
I think this is an example of an XY Problem*. I've been asked to do Y in order to resolve X, but I don't think Y is the correct pathway to get to X. I mean, how often will our users be deleting 1Password cookie(s)? I would expect the answer is "not very".
I'll read over the doc you linked to and holler back if I have any other questions.
Thanks much for your time.
0 -
That's an interesting Wikipedia article, thanks for sharing! I also don't think that most users will clear their browser's cache/cookies regularly. To make sure that users retain access to 1Password, I do recommend deploying the 1Password desktop app and advising users to sign into the app so that they have a trusted device that they can use to sign back into the browser if necessary.
-Dave
0
