![]() I don't think it should be considered enterprise software. To me, 1password feels like a small-time solution that tried to bolt on some enterprise features to retain customers. Again, other password managers allow more fine-grained control. You can't, for example, allow a user to initiate vault resets without giving them full admin access to the entire thing. This discourages password rotation, and increases the likelihood of orphaned passwords in other vaults.ģ. If you want to share a password across multiple teams/vaults, you need to know about and maintain those entries for the same account, which means you also have to have access to all those vaults to manage that entry. ![]() You can't create links to passwords, which would allow management of an entry from a single location. When I asked the 1password team whether they'd consider invalidating local cache on 2FA failure, they did not seem interested.Ģ. This seems like a really flawed design - a 2FA failure should prevent access. they just can't sync new/updated entries. ![]() If a user fails (or skips) 2FA, they still retain complete access to any passwords/vaults they previously locally synced. Three of the biggest issues I have with 1password:ġ. ![]() When compared to other offerings (LastPass, BitWarden) 1password consistently comes up short in enterprise features. ![]()
0 Comments
Leave a Reply. |