Account Key and Two-Factor Authentication

124»

Comments

  • Brian
    Brian
    1Password Alumni

    Hi there, @XIII !

    Great question! :)

    One of the main reasons for the Duo integration being available for Teams is due to corporate/business requirements. Some companies require their employees or systems to have certain features available, and sometimes 2FA is one of those.

    Although Duo is currently only available for Teams accounts (enrolled in the Beta program), I appreciate you voicing your feedback for the future integration of the feature.

    Feel free to let me know if you have any further questions! I'm always happy to help! :)

  • AGKyle
    AGKyle
    1Password Alumni

    Hi @XIII

    I'll take a stab at this one.

    A trend we've noticed with our Teams customers is that many of them have a list of requirements and that list includes some form of 2FA. While 2FA may not add as much value to 1Password as it does for other sites we've found that the people who are in charge of asking these questions before subscribing often do not have the ability to change the requirements. Because of this 1Password Teams is less likely to be used in a business environment without the availability of that requirement. It's in this way that Teams and Family/Individual users may differ. It doesn't make 2FA any less valuable for other sites, but 2FA does provide a more limited value for 1Password users, as I think jpgoldberg has done a fantastic job of explaining in this discussion so far. We can try to keep our individual and family users informed of how the threat model works and they can make informed decisions, where sometimes businesses aren't able to be as flexible.

    We use Duo specifically because it was a product that we found many businesses already use and provided a platform with many options and required little overhead from us to implement. Because Duo is already used by many businesses they were already familiar with management and had the platform setup. Our options were to implement our own 2FA solution which would've required a lot more work or we could leverage something like Duo that did a bulk of the work for us and was already used by many businesses. It was a fairly easy choice for us to choose Duo in this case.

    I hope that helps answer your question.

  • XIII
    XIII
    Community Member

    I hope that helps answer your question.

    Definitely! Thanks.

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited March 2017

    If 2FA does not increase 1Password.com security, why is AgileBits offering Duo Mobile to teams anyway? Just wondering why it is available for Teams, but not for Families. Which requirements do differ between these kinds of customers?

    @XIII: Great questions. I also wanted to add that, as Kyle alluded, Duo offers a lot of different options for authentication that companies already using Duo already have in place. I couldn't even tell you what all of them are off the top of my head. I'd have to check their website again. Some companies have super specific requirements for the type of 2FA used. Anyway, all of this is transparent to 1Password.com, as it's configured on the Duo account and can be enforced there as far as which options a company wants to allow. It isn't free though, so it's something we're able to offer with 1Password Teams Pro accounts only since there are costs involved. But more importantly this offers administrative security for accessing the web interface, but still doesn't increase data security since it doesn't augment the encryption the way the Account Key does. But it's nice to have there both for compliance and because web apps can't be signed the way that native apps can.

  • XIII
    XIII
    Community Member
    edited March 2017

    It isn't free though, so it's something we're able to offer with 1Password Teams Pro accounts only since there are costs involved.

    Apparently LastPass offers Duo Security even with LastPass Free: https://duo.com/docs/lastpass

    (kind of a surprise to me; I did try it once with their Premium account though and that worked fine)

    Isn't the Duo Free plan sufficient for 1Password.com Individual and Family users? https://duo.com/pricing

    I guess AgileBits has to pay per (active?) user?

  • prime
    prime
    Community Member

    One thing I've learned in life, nothing is ever truly free.

  • AGAlumB
    AGAlumB
    1Password Alumni

    One thing I've learned in life, nothing is ever truly free.

    @prime: Ain't that the truth! :lol:

    Isn't the Duo Free plan sufficient for 1Password.com Individual and Family users? https://duo.com/pricing I guess AgileBits has to pay per (active?) user?

    @XIII: That's exactly it. Even though a personal account is completely free, Duo's business model is (roughly) that companies who integrate it pay for the big features. And paid accounts get all the good stuff (APIs, phone, management) that many large companies require, so it's just included in the 1Password Teams Pro plan.

  • benfdc
    benfdc
    Community Member

    I guess this is also one of the differentiating features between 1Password Teams and 1Password Families.

  • Yep. :)

    Ben

  • Hi folks! With the launch of 1Password Business, we've also added two-factor authentication for all types of 1Password accounts. That means you can set it up with a personal account, a family one, or a team one from your profile page.

    Turn on two-factor authentication for your 1Password account

    If you have some questions, feel free to let us know. Hope you like it. :blush:

This discussion has been closed.