First Impressions

Occasional Contributor

5 years ago

From a security standpoint, it doesn't matter what the company does or does not want, they must assume that the employee has an independent copy of every credential and therefore all passwords/credentials/2FA codes/etc must be revoked or rotated.

You cannot rely on a remote wipe being effective, even if you have positive confirmation from the device that it was completed. From a security standpoint the only safe position is to assume the user has a backup, because they just might.

"Might have a backup somewhere" isn't a good disaster recovery plan, but from a security standpoint "might" is functionally identical to "Absolutely has multiple backup copies", so we may as well get the benefits of a local backup in a disaster recovery scenario.

if this is your personal data then every business account comes with a free 1Password Family account for every employee and the company has no control over them

... But as the family administrator, I do, so the exact same issues exists.

Forum Discussion

Featured discussions

November at 1Password: the Access-Trust gap, planning your estate, and an updated unlock experience

Recent discussions

Autofill without unlocking vault.

1Password desktop app refuses to run/open

YouTube login not working with 1Password

Bug? Browser extension not unlocking or filling in password

"1password quit unexpectedly" at every startup