OneLogin is an identity and access management (IAM) product from One Identity since the October 2021 acquisition, featuring single sign-on (SSO), multi-factor authentication, provisioning, cloud directory, and more.
$4
per month per user
Yubico YubiKeys
Score 9.2 out of 10
N/A
Yubico YubiKeys make the internet safer with phishing-resistant multi-factor authentication (MFA) by providing simple and secure access to computers, mobile devices, servers, and internet accounts. The Yubico YubiKey stops account takeovers at scale by mitigating phishing and ransomware attacks, and delivers users authentication with a simple touch or tap.
$3.94
per month per user
Pricing
OneLogin by One Identity
Yubico YubiKeys
Editions & Modules
Advanced (bundle)
$4
per month per user
Professional (bundle)
$8
per month per user
No answers on this topic
Offerings
Pricing Offerings
OneLogin by One Identity
Yubico YubiKeys
Free Trial
Yes
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
Yes
Entry-level Setup Fee
No setup fee
Optional
Additional Details
Aside from the bundle options, OneLogin offers its services a la carte, and therefore these prices can vary depending on your business's needs.
OneLogin is very convenient. Users can register their own iPhone or Android to act as their authorization device, meaning they will likely always have access to the OneLogin security code. The OneLogin application then allows the users to hit a button instead of inputting the security code to validate their two-factor authorization. OneLogin is great for businesses who need to enforce secure access into their various systems and tools. By consolidating the security into a single login with security device two-factor authorization, it makes it safe and easy to manage.
Yubico YubiKeys will likely always be my default recommendation for hardware security keys. It's well suited for environments where key portability is necessary, and for privileged environments where step-up or separate authentication hardware benefits the situation. For example, I can step up my Microsoft rights through PIM, but I'm required to use a Yubico YubiKey (AAGUID filter) even if I'm already using Windows Hello. This means that accessing my workstation doesn't grant rights, accessing my device AND my Yubico YubiKey does. I wouldn't necessarily recommend deploying Yubico YubiKeys to entire user populaces unless the situation calls for it (shared workstations, compliance environments, etc.). This is primarily centered around user training (which is a low bar, but still different), and dealing with loss (you'll want to budget for a % of key loss and be ready to rapidly issue replacements).
Connects with a lot of different vendors, tools, and sites. It is also customizable to where you can add almost any site you are logging into. This makes it especially useful for team members who may use a tool that other team members within the company do not use.
It works. I've used a few keychain apps that work for a little while, or never work, and this app works 99.99% of the time. Only on one experience have I experienced issue access sites and that was due to user error.
It's easy to update passwords and usernames within the app. It allows password resets to be an easy process and lowers the time in updating items everywhere.
So as I said, the second-factor authentication that it does is really well. The response time is really good and all you have to do is just enter the second factor code and that's about it. Right? So that's the good part about using Yubico YubiKeys.
Lack of administrative APIs for creating or setting up new connectors: This prevents the automated integration to federations and requires manual setup rather than discovery-based automated setup.
Customization of the interface: The potential configuration of the interface are still limited at the moment (logo, primary and secondary colors, background). This prevents the usage of the platform as a communication medium or to organize the space in a more standard fashion (for our institution)
There are some limitations with using the apps provisioning APIs that can lead to some termination or provisioning actions not being completed
It can be about access control because either right now it's just you have access or you don't have access. I think there can be a use case where you are allowed a particular set of servers and not a particular set of servers. I think maybe it's there or we don't use it, but I haven't seen that. I think I've used Yubico YubiKeys at two companies and I haven't seen that. Maybe that's something that can be added.
As for implementing YubiKey its simple so I don't see us using anything else as we have experienced no issues so fare. Adding these to our environment is still new for us currently but in the transition phase I only see us buying YubiKey. It is highly rated and well known and cost is reasonable so no need to find another solution.
OneLogin is very easy to use. The most complicated part is the user setup and even that is not difficult. After everything is working, using it day to day is trivial. All you have to do is have the application ready on your phone and you can use a single set of login credentials to access all of your tools securely.
I give slightly better than average rating because of the complexity in using a Yubikey. It is not as easy as native push notifications for 2FA products, however, it provides much better strength. Rating this higher or lower would be a disservice to people reading this review. If you are in the market for a hardware 2FA tool, Yubikey will be a great asset in your toolbox.
We have not experienced any issues with availability which is very important when you are dealing with a company that holds the keys to the gate. We have had more issues with availability from our SaaS providers before with authentication but that was on their end. YubiKey has worked every time for us over the course of the last 6 or so months we began testing phase.
We have not seen any lag in loading pages and getting into systems or sites. In comparison to other 2FA and MFA options it is actually faster most of the time to authenticate due to not having to type in. We require users to have long passwords and when there is an option given for password less they jump on it with excitement. As we explore going password less on their PC's the YubiKey is going to make their lives a lot easier to access the resources they need.
There has never been an issue where I have needed to use the OneLogin support so it would be unfair to rate them anything other than a 10 on their ability to provide support. Like I said its a very basic platform that we use it for with no issues.
I figured it all out on my own with the excellent product documentation provided by Yubico. I even managed to produce a backup YubiKey in case I lost my frequently used one. This was crucial when I temporarily lost the original.
OneLogin has a lesser cost as compared to other solutions. It also has a successful POC, partner expertise, integration with in-house and cloud-based apps, and provides restriction of access from unauthorized devices. It is a secure solution with industry-standard encryption, a good dashboard, and a cloud-based solution. In my opinion, there is not too much effort involved in the integration and it provides good OEM support.
Yubico YubiKeys has been a leader in the security key market, and I think they have a new product we just read about two days back and they can store up to a hundred private keys now. So I think this is what it distinguishes them from the market, apart from this, whatever features we need personally and for our customers. So they provide all those features, but versus the other brands.
For us I feel like the ease of deployment has made this product very appealing, overall this will make the scalability very easy for us to push out once we roll out to our users and the management tools that we have looked at will make the admins like me happy as it is clear and easy to use. The rollout process looks to be very straight forward from the demos that we have looked at regarding the enterprise tools.
I think it's the flexibility in being able to let users pick the type of authentications that they want to use. Some are comfortable with the touch device on the physical Yubico YubiKeys. Others prefer the mobile app. So it provides flexibility for our users to choose how they want to authenticate without running a file of our security requirements.
