Blog

Introducing in-browser app banners: Set guardrails for cloud apps | Learn more →

Ready to help

How do I remove a login method from Push?

You can remove a login method that Push has observed for either an entire app or a specific account.

To remove a login method, go to the Push admin console and select the app or account you wish to modify from the Apps or Accounts page.

For apps: Select the app on the Apps page and open the app slideout. Then select the arrow next to Login methods. Use the trash icon next to the login method you wish to remove.

Forget login methods gif - KB 10107

For accounts: Select the account on the Accounts page and open the account slideout. Then select the trash icon next to the login method you wish to remove.

Forget login methods - account details - KB 10107

Use cases

A few examples of how you might use this feature:

  • Clean up after onboarding an app to SSO: You might wish to clean up password login records after onboarding an app to SSO. This can help you detect whether password accounts are still being used.

  • Remove outdated login records: Push does not expire login methods it has observed, so you may want to remove outdated login methods that no longer reflect your reality.

  • Remove incorrectly observed login methods: Occasionally, you may find a login method that was observed incorrectly.

What happens when you remove a login method?

If you remove a login method for an entire app, Push will clear that record type for all associated accounts. For example, if you have 20 accounts on Dropbox observed using OIDC and you forget that login method, Push will remove it for all 20.

If you want to forget a login method for a specific account, go to the Accounts page and select the specific account to remove it only from there.

Note: If you choose to forget a password login for a specific app or account, Push will also resolve any password-related security issues for the related accounts. That includes any MFA-related findings, too, as Push only raises an MFA security finding on an account if MFA is not registered and a password is also in use.