Additional features
I'm evaluating 1Password as a possible enterprise solution for a client. It meets all the mandatory requirements but there are a handful of desirable requirements and I am unable to find any information as to whether these are supported or not. They are:
• The ability to configure a custom declaration that the user must read and agree to before being given access to the password management solution.
• The ability to configure a prompt to inform users to change their passwords after a configurable period.
• The ability to enforce password strength for user accounts stored in the password management solution (as opposed to password strength for access to the password management solution).
• The ability to receive administrator notifications on password infringements, e.g. passwords not updated on time.
Are you able to advise if these are available or if not if they could be implemented either by you or by the client using your development tools/API.
Thanks
Steve Mustard
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: kb:secure-by-design, kb:sync-options
Comments
-
*1 could be just done via normal contract sent by mail. Tedious, but possible.
*2-4: +1
That password change prompt sure would be useful, since most websites / platforms don´t offer it.0 -
Hey @mustards
It is great to hear that it meets all the mandatory requirements :)
We don't have a custom declaration that is automatically sent new users. There is a comment section that you can use when sending out invitations. Perhaps you could add a link in there to a page that has your declaration. It wouldn't automatically prevent them from gaining access however.
I do like the idea of a password change prompt and/or password requirements. It can be challenging however as different sites and services have different requirements and you'd have to be careful not to set a password requirement that can't be supported by one of the sites being used. While there is no such feature in place today, your users can use the Security Audit feature of the desktop apps to see which Logins have not had their passwords changed recently.
Thanks
-Jeff0