Why can't an admin deauthorize a device a team member is using?
As an admin I want to restrict one of my team members from using 1password on their phone. I don't see where to select this device and deauthorize it. However, when this member logs in on the web browser they can go on their profile and restrict the device themselves. Is there anyway I can do this from the admin console?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:deauthorize
Comments
-
@coopjmr: No. It isn't possible to "restrict" specific devices. When signing in to a 1Password.com account in the app or web browser, these are all treated equally: if you enter the correct credentials you can authorize it. You can deauthorize a previously-authorized device, but there's no way for you to tell 1Password.com in advance that a specific type of device or browser should not be allowed to connect for your own account in the first place, and similarly this isn't possible for you to do with someone else's account either. I'm not sure that would even be appropriate in most cases, and frankly restricting people from using 1Password on their devices won't stop them from signing in to accounts; it just encourages them to do so less securely (emailing passwords, using weak ones, etc.) I appreciate that you you may have legitimate reasons for wanting to do this though, so while it isn't something 1Password can do for you, I'd love to hear about the specific use case, as it could inform what we do in the future.
0 -
We also would appreciate this feature in the future. We want to restrict some team members from using 1Password on their phone for security reasons. They should not carry around all our company passwords with them - they should only have access within the company building. Maybe even an access restriction based on our company IP address would be helpful.
0