Forum Discussion

TheGoodGuy
New Contributor
2 months ago

Admin of multiple vaults vs overall security

My mom and dad have their own computer each. They are elderly and are awful at understanding how to secure their access to multiple websites, and installing 1Password on their computer and asking them to learn how it works is not an option. So I'm using password caching in their browsers and it works fine.

But to create these multiple passwords, I've created two vaults in my family account. I set up each item in their vaults myself and copy/paste the new passwords in their browser cache and they're ready to go. Easy.

But here's the security issue I'm facing (and anyone managing multiple vaults):

Now there's only one main password (mine) securing ALL vaults (theirs and mine). From wanting to help them secure their computers, I'm becoming the greatest weak point in that security chain. If a hacker eventually figures out my main password, I'm becoming a liability to those other vaults. But besides setting up a super crazy password as the main password, what else can I do to "spread the risks"?

2 Replies

  • 1P_Timothy
    Community Manager

    Hi TheGoodGuy! Thanks for writing in. I'd like to ask a few questions to better understand your setup.

    So I'm using password caching in their browsers and it works fine.

    Could you share a bit more about what you mean by password caching? Are they saving credentials in their browser's built-in password manager or somewhere else?

    I set up each item in their vaults myself and copy/paste the new passwords in their browser cache and they're ready to go.

    It sounds like you've created a vault for each parent in your 1Password account and are adding items for them with credentials they've previously saved elsewhere. If so, is the goal to have backups of these credentials for them, or are they accessing your account to retrieve these credentials? Or, are you creating items for your parents, sharing the generated password with them, then encouraging them to use "remember me" options to avoid regular password entry?

    Thanks again!

  • AJCxZ0
    Bronze Expert

    After reading your post a few times, I am still struggling to understand what you are doing, or the basis for your concern. Supporting technically disinclined folks has no shortage of concerns.

    I think you are saying "I'm using password caching in their browsers" to mean that your parents are creating new accounts and storing credentials using their browsers' built-in password storage (which is unrelated to any browser cache), not the 1Password extension. How your subsequent copying relates to this is unclear since you don't explain who is using 1Password, or how they are each using it.
    You also make reference to Vaults, admin of Vaults (which is not a thing), and passwords in relation to a Family plan, but make no mention of accounts or how these are used and secured.

    As for you and your operational security being a risk, a broader assessment will almost certainly reveal that you are a single point of failure in multiple cases. I suspect that a "hacker" figuring out whatever you mean by your "main password" is (or should not be) a high risk as long as you exercise good information hygiene.
    Eliminating yourself as a single point of failure for your and your parents' information lives will require sharing responsibilities with other trusted and capable family members, where family can be both logical and biological.

    As for "super crazy password"s, you may be overestimating the importance of password complexity. An unbreached, unique, good, and memorable passphrase which you can reliably type will likely be as safe as you will ever need to secure your other secrets. The complexity these days is in the handling of additional factors such as 2FA Passkeys, recovery codes, Secret Keys, and Emergency Kits.

    To get more and better help and advice, I suggest being careful to correctly use terms specific to 1Password and other technologies and avoid undefined constructions such as "main password", "password caching", etc. which can only have precise meaning to you. It may be worth rewriting your post entirely.