OneLogin is a powerful, enterprise-level password manager that is going to require some serious skills from an IT manager to get the most out of it. Individuals will likely tear their har out, though. Check out our full OneLogin review for the details.
Free plan available
OneLogin is an enterprise-level solution for password and credential management that won’t even let you sign up without at least five users and a business email address. If it already doesn’t seem like what you’re looking for, head to our best password manager roundup to find something that’ll be more suited to your needs.
That said, if you’re the head of an IT department or company, what we cover in this OneLogin review might interest you. Though the interface is inhospitable for most people, OneLogin is powerful in the right hands and can save your company and employees a good amount of time.
If you’re looking for a capable password management system that’ll keep your employees organized, OneLogin might be the ticket. It can be pricey and even require an API developer to help you get what you need out of it, but the benefits could be worth it for some companies.
- Desktop single sign-on
- Adaptive login
- Hardware keys
- Tons of options for multi-factor authentication
- Requires several users
- Difficult to use
- Time-consuming to setup
Because of its corporate clientele, OneLogin is all over the map when it comes to features. Starting with the most basic features that we expect every decent password manager to have, there’s a password generator, but, not to toot our own horn, the one on our website is more feature-rich and configurable.
Unfortunately, though, there’s no automated password changer, which means all the generated passwords still need to be set up manually in their respective accounts. Read our Dashlane review to learn more about that convenient feature.
OneLogin has a browser extension for Google Chrome, a browser interface, a desktop client and apps for Android and iOS, each of which have different features and capabilities.
Most of the account management will happen in the web interface, including setting credentials, giving levels of permission and adding or removing users. Though users can be added in bulk with .csv files, passwords can’t be bulk imported for different accounts. Instead, .csv files can be used to mass import accounts for one service, but not different accounts for one user.
We were told it’d probably be possible to have someone develop an API that’d allow for mass importing of different accounts in a single .csv file, though. That emphasis on APIs and making what your company needs out of OneLogin is one of the several things that solidify it as catering to large companies that have skilled IT people on staff.
OneLogin Extension and Mobile App
The extension is minimal and serves two functions. First, it allows users to fill password fields automatically. Second, it tracks when a new account credential is used and lets users save the new login information to their account.
The mobile app is also bare, which isn’t uncommon to see with password managers. Passwords cannot be added on the go. The app serves purely as a way for people to see their passwords and use them while out of the office.
The extension and the mobile apps share a common problem. If you’re logging in to an account that’s not one of the several thousand “apps” integrated into OneLogin’s database, they can be hit or miss as to whether the auto-fill function fills the login field or the field for registering a new account on some websites.
As for the desktop client, it’s designed to be a single sign-on solution. Users enter their OneLogin credentials when signing in to their computer and OneLogin automatically gets the user into the roughly 5,000 integrated accounts that it supports. That can be a huge time saver for the user and the company.
OneLogin Features Overview
OneLogin has three pricing tiers and the differences between them are vast and intricate. So much so, that it has provided this detailed pdf that outlines the differences between them.
Plus, to be eligible for the Starter plan, you must have at least 25 users registered. Only at the Unlimited tier, which is four times more and well over what anyone should really be paying for a password management solution, can you get a minimum team size of five people.
OneLogin offers a free 30-day trial that goes a long way toward helping businesses see if the service is right for them. It also has demos that can be scheduled with a sales rep. If you’re interested in trying a free password management service instead, check out our best free password managers article.
Any customer experience starts on a company’s website, and navigating OneLogin’s website is disorienting. There are menus inside of menus and an excessive number of options, most of which have awkward wording that makes it unclear where the menus go.
On one hand, there’s “pricing,” which is easy to find among the 13 options listed under the “product” tab. Then, there’s “IAM 101,” which is one of the 16 options under the “resources” tab. It sends you to a mass of general knowledge articles on topics such as 2FA and biometrics. That inclusion of strange pages makes the menus cluttered and the website difficult to navigate.
A business email is required to set up an account, which could be a hassle for some.
Once logged in, the web interface is barren, but, again, it has tabs at the top that show drop-down submenus with too many options when moused over. They also have ambiguous and awkward phrasing. For example, your passwords and accounts are stored in the “apps” tab and referred to as “apps” throughout the website.
Adding Users with OneLogin
Adding users is easy and can be done in bulk with a .csv file, but as we mentioned, that can’t be done with passwords. Bulk passwords for a single “app” can be imported for many users at once, but you can’t import multiple account credentials for a single user in one go. That makes setting up your company credentials quite a hassle.
Thankfully, the supported list of apps is massive and includes over 5,000 websites and services. OneLogin organizes them into dozens and dozens of categories, some of which only include one app.
This setup reinforces our belief that an IT person should handle it because once it’s done, things get much easier. Though the process is involved and time-consuming for the person in charge of the system, the user experience on the other end is streamlined.
If an employee using the service is using the desktop SSO client, all they experience is a single OneLogin password when they boot up (and a second authentication factor if that’s configured). That’s all it takes to be instantly logged in to everything.
OneLogin has covered almost all of its bases when it comes to security. The server uses AES 256-bit encryption, which is excellent and would take an eternity to crack using the most powerful supercomputers.
Plus, there are a lot of options when it comes to two-factor authentication for users. OneLogin has four that it manages, including a one-time code texted to your phone or phone call verification, in addition to many third-party alternatives.
Those third-party options include Google Authenticator and hardware keys provided by Yubico. The hardware keys can be issued to employees and generate a single-use, 40-character key each time the user logs in, which improves security.
OneLogin Adaptive Login
What’s more is that OneLogin has machine integration that operates a system called “adaptive login.” It tries to learn typical behaviors and patterns for each user, such as what devices they use and when they normally log in and access information.
Using that data OneLogin can lower or raise security appropriately. That can mean not requiring a second factor if the person is logging in from a familiar computer at a regular time or it can mean requiring multiple factors of authentication and sending a notification if the person logs in from a different country at 1 a.m.
Plus, those things can be setup manually under “risk-based authentication” settings. That gives the IT department or company heads a great deal of control over who can see what and when, such as preventing people from using the company DoorDash account at home.
OneLogin falls short in two places, though. It doesn’t operate with a zero-knowledge setup, meaning there’s no master password and all your information is available to the people who run OneLogin and its servers, and it lacks a security analysis feature, making it difficult to track how secure your company’s passwords are and how old they are.
Unusually, the main way to get support at OneLogin is by phone. Every time we tested it, we went through the same process. We sat on hold and listened to music for three minutes, then an automated voice told us we could keep holding or enter our number to be called back. We put in our number and waited each time, and the delay ranged from a couple of minutes to about 15.
Once we were called back, the person on the other end was friendly, got us the answers we were looking for quickly and did an excellent job of figuring out what we were asking, even when we didn’t make it easy on them. In some cases, we got follow-up calls if further information came to light or something needed checking on.
There’s also a respectable knowledgebase on the website that you can check before reaching out by phone. It’s well-organized, easy to search and covers a lot of topics in great detail. In fact, it sometimes include too much detail and begins to delve into IT territory.
Finally, there’s a user forum where you can post questions to get answers from fellow users or even a community manager. That said, the forum seems dead because there are posts that are months old that still have no replies.
Most people will know immediately if OneLogin is or isn’t what they’re looking for. If you’re just a single user looking for somewhere to store your personal account information, check out our catalog of password manager reviews because there are plenty of options for you there.
On the other hand, if you’re an employer or an IT person looking for a great way to save your team time in the long run, OneLogin offers a promising way to do so. Though the pricing is steep, especially for smaller teams, the service has impressive features that could improve productivity.
Have you tried OneLogin? What did you think of it? Let us know in the comments below and, as always, thanks for reading.