Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Issues saving and signing in with passkeys on the Mac
Hi, With 1Password having added Passkeys I decided to see if they are useful. I now have several accounts that have passkeys. Several times over the past couple of days I have been in a situation where an app or a website in my browser requires that I log in using a passkey. However 1Password is not detecting the request and as a result there is no way I have found so far that I can tell 1Password to use my passkey to sign in. A key "feature" of 1Password's use of an app and a "paired" extension in web browsers has been that when the extension is not working properly or when I am logging into a standalone app I can always open the app and copy and paste my credentials into my browser or into the app. My inability to use my passkey is breaking 1Password for me. In addition when I have generated passkeys I am finding that the 1Password stores it in its own login item and not with the credentials I used to use for the site. I may be wrong but I am not sure it even asks if I want to upddate an existing login. Once done there is no way for me to merge the username, passwords and 2FA codes also associated with the same account together. So now I have duplicates that will take me time to merge. Also good luck finding the items with passkeys if you are trying to figure all of this out. I understand the potential security benefits of passkeys but using them in 1Password so far has me baffled. What am I missing?
Best practice for user terminations?
Hi 1Password Community! Long time lurker first time poster here. We've been using 1Password Business at our company for a little under 3 years and love it. Our team has been debating on how best to handle user terminations in the scope of 1Password. Currently all users are manually managed (we're not using SSO with AD or anything). Two goals for user terminations: Goal 1: restrict access so the terminated user cannot access their company 1Password data Goal 2: no loss of any shared 1Password data So far we've simply been disabling users' 1Password accounts when they leave the company, achieving Goal 1, and leaving their 1Password data intact to set the potential stage for Goal 2. We're thinking we might have to just spend some time setting up dummy accounts and learning/testing behaviors, but I thought I'd try to shortcut that process and ask you good folks of the community :) The questions we have are: If the user created a shared vault, how can we reappropriate ownership of that vault and its items to someone else? We don't want to lose the information/passwords in the shared vault. If the user was a member of a shared vault and submitted items to it, are those items "owned" by the vault, or are they still tied to the user? (More specifically, if we delete a user's account, will all their submissions to a shared vault also be deleted?) If the user didn't follow training and was saving data to their "Employee" vault instead of a correct vault location, what is the best way to access their account to get at this data? We do have access to the user's email and company phone after termination, so impersonation comes to mind, but we're not convinced that's the best option to use. Are there any other things we should be considering when terminating a user from our environment? Thanks for reading :)
Recovery code vs Emergency Kit
I'm an individual user. Per your advice, I've created an Emergency Kit, saved that file in the cloud, printed out several copies that I've given to executors, and placed one in a safe deposit box. Last week I learned about recovery codes. Do I need both? I searched for a handy chart which compares why and when I'd use one versus the other, but didn't find one.
MFA for a subset of Users or all?
I am reaching out to gain a clearer understanding of our options regarding the scope of Multi-Factor Authentication (MFA) implementation. Specifically, as an administrator for our business, I would like to know if enabling a new password policy is a prerequisite for turning on MFA. Additionally, I am interested in exploring the possibility of enabling MFA for a specific subset of our business users as a test measure. As an Administrator, I cannot see the policy options to choose a specific group of users or team of users to target MFA to. Thank you for your time and guidance.Admin of multiple vaults vs overall security
My mom and dad have their own computer each. They are elderly and are awful at understanding how to secure their multiple websites access, and installing 1password on their computer and asking them to learn how it works is not an option. So I'm using password caching in their browsers and it works fine. But to create these multiple passwords, I've created two vaults in my family account. I set up myself each items in their vaults and copy/paste the new passwords in their browser cache and they're ready to go. Easy. But here's the security issue I'm facing (and anyone managing multiple vaults): Now there's only one main password (mine) securing ALL vaults (theirs and mine). From wanting to help them secure their computers, I'm becoming the greatest weak point in that security chain. If a hacker eventually figure out my main password, I'm becoming a liability to those other vaults. But beside setting up a super crazy password as the main password, what else can I do to "spread the risks".
options for same settings across company (GPO?)
Hello, My wish would be to roll out the software including settings for the entire company e.g. - password length for suggested passwords - autolock.onDeviceLock - autolock.minutes I tried a lot and found C:\Users\User1\AppData\Local\1Password\settings\settings.json but probably the authtags are encrypted and individual on each PC, so I can't just copy this file? { "version": 1, "browsers.extension.enabled": true, "security.autolock.onDeviceLock": true, "security.clipboard.clearAfter": true, "appearance.interfaceDensity": "comfortable", "updates.updateChannel": "PRODUCTION", "security.autolock.minutes": 1, "authTags": { "appearance.interfaceDensity": "*", "browsers.extension.enabled": "*", "security.autolock.minutes": "*", "security.autolock.onDeviceLock": "*", "security.clipboard.clearAfter": "*", "updates.updateChannel": "*" } } Do you have any idea how I can distribute identical configurations? Thanks! Tobias
