OneLogin is a top Identity and Access Management (IAM) software developed to make business logins easy, and enhance the security and efficiency of your system. Onelogin helps secure user access to applications and devices, as well as cut down on IT time on employee onboarding and offboarding.
OneLogin is a cloud-hosted Identity and Access Management provider dedicated to businesses and organizations, to provide its users with a unified and consolidated cloud-based system. OneLogin makes identity and access management very fast, and reliable, equipping users with factual implementation of identity policy, and greatly cutting the bulk of your IT work.
The software gives your employees access to software and application that are compliant with the certified policy by ensuring that your company’s security policy is strictly adhered to across all your users and devices, be it cloud-based or on-premise. Used by over 300 applications vendors, and more than 70 SaaS vendors, OneLogin works seamlessly with other cloud-hosted applications such as Workplace, RemedyForce, etc.
With OneLogin, users can synchronize users from different directories such as G Suite, Workday, Active Directory, and LDAP. This software will save you the stress of managing on-premise directories by acting as a secure directory in the cloud, as well as an easy to use web-based interface that gives you the ability to manage users, authenticate policies, and control access.
OneLogin provides access to clients to streamline and automate user management over different applications. Unlike manual user management which is prone to errors, and time consuming, OneLogin provides automated onboarding and offboarding processes to reduce the involvement of humans drastically, and to restrict access control based on the title, department, location, and other paradigms. OneLogin’s user provisioning allows users to import data from external directories, and send them to applications that support them such as Salesforce, Samange, and Jive.
With adaptive authentication, OneLogin makes use of machine learning to determine if users should be prompted using Multi-Factor Authentication (MFA). It utilizes network, geography, time, and device to design a user profile to process the risk of new login trials. Login trials with high-risk values get prompted for MFA by OneLogin or any third-party authentication provider.
At OneLogin, there are over 5000 applications that make it possible to enable user provisioning, and Single Sign-On (SSO) for your applications. Integrations with these applications are regularly maintained, and new ones added frequently. Some of such applications include Salesforce, Evernote, New Relic, Asana, LivePerson, LinkedIn, Yammer, Amazon Web Services, Dropbox, Slack, Office365, Google Analytics, WordPress, Workday, Marketo, G-Suite, and many others.
OneLogin provides users with five (5) pricing options to choose from. The first option which is SSO is totally free and gives users Single Sign-On for employees for up to 3 applications, and 5 personal apps. It also provides Branding, Mobile and Desktop SSO, Online Support, and Cloud Directories for users. The Starter plan at $2/user/month includes all the features of SSO, as well as VPN Integration, Standard Support, Radius, Advanced Password Reset, and Standard Reports. The Enterprise Plan costs users $4/user/month and includes all the Starter Plan features, as well as Multiple Directory Integration, Custom Reports, Security Policies, Federation, VIP Support, Custom Connectors, and Multiple Languages. Lastly, at $8/user/month, the Unlimited Plan in addition to all the Enterprise features provides users with Workday Integration, On-Premises Provisioning, User Provisioning, and Custom Field and Mapping.
OneLogin stores portal passwords, and passwords that do not enable token based integration. Password stored are usually encrypted.
OneLogin performs three types of authentication. Form-based authentication, SAML authentication, and authentication into the OneLogin platform.
At OneLogin, access to certificate and encryption keys are restricted to a very limited number of OneLogin employees. Certificates and keys are public information and do not necessarily require additional security.
OneLogin currently supports five authentication factors.
Authentication factors that OneLogin support includes Fingerprint, Security Questions, User Browser Certificates, Multi-Factor Authentication, and Passwords.
There are a number of MFA methods that OneLogin uses. Some of them include Google Authenticator, Yubico, RSA SecureId, etc.
For account authentication, unlocking accounts, and resetting passwords, end users can choose the security questions they want to answer.
Yes, you can use Biometrics applications such as Apple TouchID to access your OneLogin account.
OneLogin provides all customer accounts with a key that is used to encrypt all the passwords on that account. This key is further encrypted by a master key that is stored in a secured place, outside of the account key. This whole process is possible using the server side on OneLogin, and all the passwords are encrypted with AES-256, which provides a strong algorithm for symmetric encryption.
The OneLogin browser extension uses user particulars stored in the cloud-hosted password vault. The credentials are retrieved by the browser extensions at the time the user is signed in and launches an application that it has access to per corporate policy.
Integrated Windows Authentication is the platform that OneLogin Desktop SSO uses. It automatically signs users into OneLogin as soon as they are signed into their Active Directory domain. As such, OneLogin does not have access to see passwords used in Desktop SSO.
Yes, your OneLogin password can be reset.
You can reset your password through the administration portal, via email, or by providing answers to multiple security questions.