惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Secure Thoughts
Recent Commits to openclaw:main
Recent Commits to openclaw:main
H
Heimdal Security Blog
SecWiki News
SecWiki News
H
Hacker News: Front Page
N
News | PayPal Newsroom
L
LINUX DO - 最新话题
N
News and Events Feed by Topic
TaoSecurity Blog
TaoSecurity Blog
AI
AI
C
Cybersecurity and Infrastructure Security Agency CISA
Scott Helme
Scott Helme
PCI Perspectives
PCI Perspectives
S
Securelist
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Cyberwarzone
Cyberwarzone
A
Arctic Wolf
Forbes - Security
Forbes - Security
T
Tor Project blog
Spread Privacy
Spread Privacy
WordPress大学
WordPress大学
I
Intezer
Martin Fowler
Martin Fowler
Help Net Security
Help Net Security
P
Proofpoint News Feed
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Cisco Talos Blog
Cisco Talos Blog
Latest news
Latest news
博客园 - 司徒正美
W
WeLiveSecurity
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
V
V2EX
P
Palo Alto Networks Blog
Google DeepMind News
Google DeepMind News
IT之家
IT之家
阮一峰的网络日志
阮一峰的网络日志
V
Vulnerabilities – Threatpost
Jina AI
Jina AI
S
Security Affairs
Hacker News - Newest:
Hacker News - Newest: "LLM"
Simon Willison's Weblog
Simon Willison's Weblog
Project Zero
Project Zero
T
Threatpost
P
Privacy International News Feed
人人都是产品经理
人人都是产品经理
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Application and Cybersecurity Blog
Application and Cybersecurity Blog
博客园 - Franky
Hugging Face - Blog
Hugging Face - Blog
Apple Machine Learning Research
Apple Machine Learning Research

Blog on 1Password Blog

Why secure-by-design is an incentives problem, with Bob Lord | 1Password NIST and AI agents: 1Password’s approach to agent identity | 1Password Go beyond device health with External Checks in 1Password Device Trust | 1Password Natoma and 1Password help enterprises scale AI securely with governed agent access | 1Password New integrations between 1Password SaaS Manager and EPM | 1Password A first step toward post-quantum security | 1Password RSA 2026: Leading the way to secure agentic AI | 1Password How 1Password is Building a Culture of AI Fluency Through AI Champions | 1Password 1Password vs. Keeper Security: A comparison | 1Password 1Password vs. LastPass: Which is right for you? | 1Password Secure MCP credentials with 1Password and Runlayer | 1Password The next layer of AI security | 1Password Building the next chapter of Go-to-Market in EMEA | 1Password Automating SOC workflows with 1Password Enterprise Password Manager | 1Password Automated Provisioning hosted by 1Password: A Simpler, Smarter Way to Manage Access | 1Password Introducing 1Password® Unified Access: Identity Security for Humans and Their AI Agents | 1Password Next-generation automated provisioning, without compromising zero-knowledge security | 1Password Bitwarden vs. 1Password: Which password manager is right for you? | 1Password Password Manager for Families, Enterprise & Business | 1Password | 1Password How to wrangle SaaS contract renewals | 1Password Stop trusting consumer browsers with work credentials | 1Password IAM stops at sign-in. Your credentials do not. | 1Password Your digital pit crew: a 10-minute pre-race security checklist | 1Password 1Password Device Trust is coming to EMEA | 1Password The identity transformation: Analyst and CIO insights | 1Password Why now is the moment to join 1Password Go-To-Market | 1Password Identity and Accountability in the Age of AI Agents | 1Password How 1Password secures agent architectures | 1Password 1Password becomes the first global partner to transact through Express Private Offers in AWS Marketplace | 1Password Start Learning on 1Password Academy | 1Password Expanding Programmatic Access to 1Password | 1Password Zero knowledge vs. a malicious server: A look at ETH Zurich’s research | 1Password Agents are making filesystems cool again | 1Password Black History Month employee spotlight: Joseph Ojelade | 1Password 1Password's new benchmark teaches AI agents how not to get scammed | 1Password Streamlining SaaS onboarding and offboarding | 1Password 3 common SaaS Management challenges and how to avoid them | 1Password How 1Password Is Evolving Its Partner Ecosystem | 1Password How to build secure agent swarms that power production-grade autonomous systems | 1Password From magic to malware: How OpenClaw's agent skills become an attack surface | 1Password Solving the unsanctioned SaaS problem | 1Password 1Password and 60 Day Hustle: cybersecurity for small businesses | 1Password Security advisory for AI-assisted browsing interactions with the 1Password browser extension | 1Password It’s incredible. It’s terrifying. It’s OpenClaw. | 1Password What’s the first security tool your small business should buy? | 1Password As AI Supercharges Phishing Scams, 1Password Introduces Built-In Protection | 1Password How to interview with confidence at 1Password | 1Password Five tips for successful SaaS Management | 1Password SaaS Manager | 1Password Why SaaS License Waste Is a Cost and Security Problem | 1Password AI is changing the IDE. With 1Password, security keeps up | 1Password How IT teams can get a handle on shadow IT | 1Password Bringing secure, just-in-time secrets to Cursor with 1Password | 1Password The Chasing Entropy Podcast Season One is in the Books | 1Password Now available via QBS Software: 1Password Enterprise Password Manager – MSP Edition | 1Password The role of credentials in the AI espionage campaign reported by Anthropic | 1Password The hidden offboarding step draining your budget | 1Password AWS and 1Password: Innovation in AI and beyond | 1Password Simplifying credential security on OpenAI Atlas | 1Password From Social Work to Social Impact: Growing at 1Password | 1Password Improving in-page notifications in the 1Password browser extension | 1Password Password Manager for Families, Enterprise & Business | 1Password | 1Password Now available via Renaissance: 1Password Enterprise Password Manager – MSP Edition | 1Password Behind the wheel at Oracle Red Bull Racing | 1Password Securing MCP servers with 1Password: Stop credential exposure in your agent configurations | 1Password What’s new in 1Password Enterprise Password Manager - Q4, 2025 | 1Password Belonging as a catalyst for high performance | 1Password Password habits are worsening, but leaders see a path to passwordless | 1Password A simpler, faster way to unlock 1Password | 1Password Oracle Red Bull Racing Episode 4, CIO Matt Cadieux | 1Password 70% of IT and security pros say SSO is falling short | 1Password 1Password's Phishing Survey: Avoid Holiday Phishing Scams | 1Password Securing the Win | 1Password SaaS optimization: How to maximize value and reduce costs | 1Password The enterprise AI crisis: Unsanctioned tools and unenforced policies | 1Password An Identity Security taxonomy for Agentic AI | 1Password Introducing new .env file support in 1Password environments | 1Password Speed and security: Mark Hazelton on protecting Oracle Red Bull Racing’s most valuable asset – its data | 1Password 1Password for Good: Giving back during cybersecurity awareness month | 1Password Utah Mammoth and Utah Jazz score with identity security | 1Password Oracle Red Bull Racing CEO and Team Principal | 1Password Three signs you need a SaaS Management Platform | 1Password Closing the credential risk gap for AI agents using a browser | 1Password Microsoft and Dropbox password managers are sunsetting: What it means and what to do next | 1Password From hackathon nerves to internship wins: Kavya’s journey at 1Password | 1Password 1Password now available in Comet, the AI-powered browser by Perplexity | 1Password 1Password announces new integration with Zscaler | 1Password Breaking the mold: Why more women should consider a career in sales | 1Password What security leaders need to know about mergers and acquisitions | 1Password Clickjacking: What it means for 1Password users | 1Password AI and security at Black Hat: 5 key takeaways from a security expert panel | 1Password Blog | 1Password Do any CISOs feel lucky? | 1Password How to lead with confidence in the AI era: a conversation with Nancy Wang, VP, Engineering | 1Password New Device Trust Check makes browser extension enforcement easier | 1Password Purpose, performance, and trust: Inside the culture powering 1Password’s next chapter | 1Password Now available on Pax8 Marketplace: 1Password Enterprise Password Manager - MSP Edition | 1Password The security principles guiding 1Password’s approach to AI | 1Password Choosing the right SaaS management platform for your business | 1Password Simplify access reviews with 1Password SaaS Manager | 1Password How great usability tripled Duke University's password manager adoption | 1Password
Managing the risks of social logins | 1Password
info@1password.com (1Password) · 2026-01-25 · via Blog on 1Password Blog

Social logins like ‘Sign in with Google’ make life more convenient for employees. Employees no longer need to remember numerous passwords, and IT teams can reduce the risk of reused credentials. But there are several security risks. 

1Password’s recent Annual Report found that 27% of employees have used the same passwords for both their work and personal accounts. Bad actors are aware of this; a well-known technique to compromise user accounts is to take usernames and passwords from a breached website and try them elsewhere. 

One potential solution to this problem are social logins, like “Login with Google,” which allow users to use their Google username and password to login to other websites. This means that they don’t  have to create new usernames and passwords for every new website and application they sign up for. 

Social logins use a technology called OpenID Connect, or OIDC. OIDC utilizes a special protocol by which the application delegates authentication to another provider (in this case, Google) who then authenticates the user, and confirms for the web application that the credentials are correct. This makes employees’ lives easier because they do not have to remember as many usernames and passwords. For this reason, many IT managers allow their users to use "Login with Google" (technically, OpenID Connect, or OIDC) on other websites or third party SaaS apps.

What is OAuth and why it matters

OIDC is used for authentication, and it often sits on top of another layer, OAuth 2.0, which is responsible for app authorization. In short:

  • OIDC : Confirms that a user is who they say they are.

  • OAuth 2.0 : Allows users to grant apps permission to access data or carry out actions on their behalf. 

OAuth 2.0 is commonly in action when signing into a new app, when a user sees a screen saying, “Application X wants to access your Google Account.” It explains what the application wants to be allowed to do, with some smaller text urging the user to think through the risks, and a nice big blue button saying “allow."

It’s easy to click “allow” without reading the small print, but these permissions, also known as OAuth scopes, can give an app the ability to read emails, access documents, and modify settings.

This highlights the hidden risk of social login; identities outside SSO increase a company’s unmanaged attack surface. As convenient as social logins are, they can lead to security risks across SaaS ecosystems.

Even trusted employees can expose sensitive data; a single click on a social login button could create backdoors into company data, from company IP to sensitive customer data. IT teams are challenged to understand which applications are being used, who has access to which tools, and secure their attack surface before there’s an issue. 

Blocking everything isn’t the answer

Often enough, the instinctive reaction is to block all OAuth access, but this is unlikely to be practical. Thousands of apps use OAuth to help boost productivity, and blanket bans can frustrate teams and have an impact on business operations. This can even cause employees to find workarounds,  actually increasing access risks rather than reducing them. 

Another option is for IT teams to try track Oauth access manually, which may entail reviewing every app, identifying potentially risky access, and revoking permissions. While this can be effective, it’s time-consuming, can be prone to human error, and doesn’t stop users from re-granting access in the future.

How 1Password SaaS Manager manages OAuth access

This is where a SaaS management platform like 1Password SaaS Manager can help. Rather than relying only on manual tracking or Google’s admin controls, 1Password SaaS Manager gives full visibility into OAuth permissions, helping IT monitor risk without slowing users down. 

With a couple of clicks, 1Password SaaS Manager connects to a team’s Google Workspace domain and identifies the SaaS apps that users are accessing. 1Password SaaS Manager then flags risky permissions, including Oauth logins, and shows which users have access to what.

By automatically discovering SaaS apps and AI tools, 1Password SaaS Manager enhances SaaS security, makes sure that no app goes unnoticed, and reduces the chances of risky access staying hidden.

This approach allows IT teams to transition to business-led security, monitoring risk without slowing down employees. This lets employees enjoy the convenience of social logins while ensuring that organizations maintain confidence in security.‍‍

SaaS management for social logins

Google’s access control features are helpful, allowing admins to block apps and manage permissions. However, unmanaged social logins can lead to shadow IT and uncontrolled access to sensitive data. 

1Password SaaS Manager provides complete visibility into OAuth logins, with automated discovery and risk assessment for thousands of apps. This provides teams with the ability to identify , assess, and manage social logins, and the tools to automatically reach out to employees and better understand business needs. Admins can identify risky access, such as read/write permissions, and either export any findings or take action directly from the dashboard.

This combination means that teams can take advantage of the convenience of social logins while maintaining compliance, security, and visibility.

To begin discovering OAuth login risks, schedule a demo of 1Password SaaS Manager