1P 8 Unlocking Multiple Vaults

The last point of people losing the password of the secondary vault IMO it's just silly because they should have used the same 1Password to store that in the first place.

Anyway is not possible to have a simple option that you need to check in Preference to allow the 'one password open them all' behaviour? Maybe when the user check that option you'll ask then all the master password for all the connected vaults, but at least you ask them once.

Even if I do understand that your security concerns are legit I have to say that it"s really time consuming when you do it multiple times a day. On top of that I am not used to type my company password and now each time I have to use something stored in the company vault I have to unlock my private vault, search for the company psw and paste it. I am a keyboard kind of guy but many of those steps require the use of a mouse because I'll spend even more time navigating the UI with the keyboard.

If you really want to take care about company security policies it should be up to them to allow or not the 'merge' of the vaults.

At the ends this will involve just a couple of settings:
* the company has an option to allow or deny the feature
* the user is able to activate it

This will not require the change of the master password of the second vault.

I really miss this one.

@HenryY

Thank you for the reply. There are several security considerations that led us to make the changes that we did in 1Password 8:

• When someone chooses an account password they intuitively expect that only that password will be able to unlock their account. With 1Password 8 only the account password associated with a 1Password account can ever unlock the vaults stored in that 1Password account.
• Organizations often enforce password policies to make sure that their employees/members are using a password that fits their organization's security requirements. With the previous way of doing things it was possible to unlock a 1Password account with a password that didn't meet the password policy that an organization set for that organization's 1Password accounts if another 1Password account with a weaker account password was added to the app first.

There are also other considerations that we considered, especially from a usability perspective. For example, we had many reports of users who would get used to unlocking the 1Password app using the account password of one account and who would forget the account password of their other account due to lack of use and end up being locked out. By enforcing that users regularly use their specific account passwords we prevent users from forgetting their account passwords.

-Dave

This is a huge security issue. Cant use same passwords on different accounts. Anyone from AB suggesting this should be reported for promoting security issues on v8. If AB is offically recommending this its clearly not in the Password Manager business anymore.

1P_Dave There have been a lot of regressions in 1Password 8, and I'm coming into 1Password 8 with an open mind with the belief that it will improve. However, this is a major security regression from a security company.

1P_Dave Touch ID doesn't work on my keyboard that doesn't have Touch ID. I also just read the explanation you linked to. It still doesn't address the concern that Vault B is under a different account that is not necessarily owned and managed by the user, in this case my Work vault is in a corporate 1Password account that is separate from my personal. If something happened, like say I was ordered to surrender my 1Password (Work) password, I would be putting my own personal information in my Personal 1Password account in jeopardy under this system.

@HenryY

Thank you for the reply. You're right that our advice in this instance seems to go against general advice when it comes to reusing passwords and the difference in this case is 1Password's architecture and security/authentication design. Our Principle Security Architect wrote a detailed explanation here: Two accounts - now needs two different passwords every time you login? — 1Password Support Community

If you'd like to avoid using the same account password for all of your 1Password accounts then enabling Touch ID unlock for 1Password is the best way to unlock all accounts at the same time.

I hope that helps. 😊

1P_Dave Yes, isn't the whole principle of using 1Password to avoid using the same password for multiple logins? Doesn't sharing the same password between multiple vaults violate this principle? In addition, I have shared vaults in different accounts (Personal, Work). If one password was somehow compromised, it would be reassuring to know that the other vault is safe. Also, since one of the accounts is not owned by me personally, it seems dangerous to have my most closely guarded secrets sharing the same password in an account that's controlled by another entity.

@HenryY

Thank you for the reply. I would be happy to pass along your feedback to the team, can you tell me a little more about your concerns with using the same password for both 1Password accounts? Your employer does not have access to the account password of your work account and your account password never leaves your device: How Secure Remote Password protects your 1Password account

I look forward to hearing from you. 🙂

Thanks 1P_Dave . Any chance you can revert the previous functionality? I don't really want my Work vault (controlled by my company) to have the same master password as my personal vault.

Hello @HenryY! 👋

B0rg is correct, when you enter an account password into 1Password 8 only the account that the password belongs to will be unlocked. The best way to use multiple 1Password accounts at the same time is to use the same account password for each account: How to use multiple accounts

You can also enable Touch ID unlock for 1Password which will allow you to unlock all accounts at the same time using just your fingerprint: Use Touch ID to unlock 1Password on your Mac

I hope that helps. 😊