Disable 1Password Updates
Our organisation has the following best practice security implementations Block running executables in folders writeable to the user (ie. %appdata%) End-users are not local administrators to their device We deploy 1Password for Windows using automation and the application is installed as a machine-level application installed at C:\Program Files\1Password A recent change is that 1Password now prompts the user to complete updating the app, however the user is unable to perform the update as they require administrator privileges. We update 1Password automatically already on a schedule and would like to disable 1Password updates altogether using a central method (ie. registry, scripted, 1Password pushed-policy, etc). How can we disable updates? Thanks.
What is 1Password doing to simplify user access for companies using many vaults?
We follow role-based access, like many other companies would for providing the right and lowest amount of access to their users as their role requires. In order to do this with 1Password for appropriate credential sharing, we have to setup many vaults per each of our customers, as well as our own environments/projects. With us currently sitting at around 78 vaults, the UI, search and overall functionality is really starting to show a lack of scalability for the business. Sharing feature is not feasible due to expiration (nor would it be even if expiration wasn't there for the sheer point of manual process this requires) Duplicating passwords makes everything worse as credentials do not sync back to the original item. My questions are, What is 1Password doing about this? Is it something you are currently aware is an issue and working towards a solution? If you are aware, what is the priority? Do you have a timeline for any improvements? As there is no solution, either other companies are in the same boat as me or simply setting up less vaults and accepting the security risk that people get access to credentials not required for their roles.
options for same settings across company (GPO?)
Hello, My wish would be to roll out the software including settings for the entire company e.g. - password length for suggested passwords - autolock.onDeviceLock - autolock.minutes I tried a lot and found C:\Users\User1\AppData\Local\1Password\settings\settings.json but probably the authtags are encrypted and individual on each PC, so I can't just copy this file? { "version": 1, "browsers.extension.enabled": true, "security.autolock.onDeviceLock": true, "security.clipboard.clearAfter": true, "appearance.interfaceDensity": "comfortable", "updates.updateChannel": "PRODUCTION", "security.autolock.minutes": 1, "authTags": { "appearance.interfaceDensity": "*", "browsers.extension.enabled": "*", "security.autolock.minutes": "*", "security.autolock.onDeviceLock": "*", "security.clipboard.clearAfter": "*", "updates.updateChannel": "*" } } Do you have any idea how I can distribute identical configurations? Thanks! Tobias
Accessing Vaults on a New PC
Hey again - One more question -- we seem to struggle with moving a vault from one computer to another when we replace computers. Do we need to export that vault somehow and move it to the new machine? Or just log into the 1PW extension and/or app on the new machine and the vault comes with it? Thanks!Offboarding Best Practice
Is there a "best practice" for handling terminated employees' vaults? All we have found is the recommendation to suspend the account, log in as the user and change all their site passwords, then delete/deprovision the account. Seems like there should be a way to transfer that vault to a manager, then suspend/delete the user? thx
