Vault Naming Convention – Security & Usability Concern
The recent decision to name all core vaults as "Employee" in 1Password is highly counter-intuitive and introduces unnecessary risk.
In environments where multiple 1Password accounts are used, we've observed that users frequently misplace credentials in the wrong "Employee" vault. As a result, sensitive data—including API keys, passwords, and banking details—has been inadvertently exposed to unintended users with access to these vaults, despite the correct Primary Vault being set.
This naming convention creates significant ambiguity. Why wasn't a more logical format such as "$AccountName - Employee" considered to differentiate vaults across multiple accounts?
