Protect what matters – even after you're gone. Make a plan for your digital legacy today.
1Password Access after Death, Legacy Contacts
I am not planning to die anytime soon, but sometimes things happen. Beyond securing my 1Password details in an Escrow account, or with a lawyer, or in a bank lockbox, does 1Password offer any means of allowing one or more designated member of the 1Password Families account to access the 1Password account in case of the primary owner's passing? Apple now offers the ability to add one or more https://support.apple.com/en-us/102631 so that in case of your untimely demise, an Access Key and a Death Certificate allows Apple to grant the holder of both of these to get a new Apple ID that has access to your Apple ID Account. It may be something 1Password wants to consider, though I realize that reviewing Death Certificates may not be on the high list of priorities for the team! 1Password Version: Not Provided Extension Version: Not Provided OS Version: Not Provided Browser: Not Provided
Experiment #3 - Nearby Items
Hi y'all! I can't believe we are already shipping Experiment 3?! This one has a very special place in my heart. This project actually came out of a Hackday we did internally. Everyone was SOOOO excited about it, we wanted to share it with our users to get your feedback. Nearby Items allows you to assign a location to an item. Then, on mobile only for now, we've added a section to the home tab that shows you items that are close to you physically. Pretty awesome, right? The basic hypothesis here is that because people are more and more mobile, the items you need quick access to might be different based on where you are in the world. If your building at work has a door code, we'll show you that when you pull up. If you've got a storage shed, we'll show you the combo to the lock when you arrive. This experiment is our first exploration into physical space. We know we're not "done" but wanted to get early feedback to help shape how this project evolves from here. We're eager to hear your thoughts on Nearby Items. Let us know what you think below in this thread. The primary questions I'm trying to answer are: Does adding a location to an item help you get things done faster and with less friction? Do you see value in continuing to explore physical locations for items in any form? What are the use cases where you think having an item's physical location would be valuable? We have some ideas, but I'm sure there are tons of things we aren't even thinking about. This is a v1. If we continue to work on Nearby Items, what should we add, change, or modify to make it more valuable to you as a user? Does it make sense to also show "nearby items" on Desktop computers? Do you think that the current form of Nearby Items is good enough to ship in the Stable product?
Issue: Account Owner Permissions & Vaults
Firstly, I want to share that this issue/concern was raised by my company's infrastructure leaders and cybersecurity/information security leaders while discussing rolling out 1Password for our global IT teams. Issue/Concern: 1Password account "Owners" have full permission to manage ANY vault and their vault access cannot be restricted. Therefore, they can add and remove themselves or anyone in the organization to any vault, at any time, without any guardrails. Why is this a problem? As many organizations, we have a broad IT department broken out between application teams, security, cloud and on-premise infrastructure teams as well as deskside and helpdesk support. Our IT teams have a separation of duties for operations and security reasons. Therefore, whoever is a 1Password "Owner" should not be able to see highly sensitive passwords, API keys, etc of another team. So if our cybersecurity/infosec team does not have access to make administrative changes to our server infrastructure but they are supposed to manage the access at the highest level for our 1Password account, should they be owners? What if one owner assigns themself to a vault with sensitive passwords that should only be accessible to our server team? What we found 1Password does not provide native email alerts to notify all 1Password Owners/Administrators when an employee is added or removed from a vault. This would be a great feature at least for 1Password Enterprise accounts. There is no ability to remove the "Owners" group from a vault if the "Manage Vault" permission is granted to a different group. (e.g. A group with only the server team managers and/or director) But if an "Owner" can't manage every vault, then what if the non-owner group member(s) lose access to 1Password or leave the organization? Answer: An Owner or other authorized 1Password Administrator recovers their account or the vault is lost permanently with the only option for it to be deleted by an "Owner". -- Yes, an enterprise will need to accept this risk but they should be offered this level of granularity for certain password/credential security use cases! Shared vault credentials and other data are not secure enough for use within our IT teams with the current and only available way of structuring shared vault permissions with "Owners". Shared vaults are useful for non-IT teams for internal team account sharing. (e.g. Marketing, sales and social media teams) Conclusion We do not feel comfortable using 1Password as our exclusive password management solution due to the lack of available permissions that essentially allow the Owner(s) to elevate their shared vault permissions with no available native 1Password platform warnings, alerts or options to implement guardrails. I hope this drives a strong discussion and would be happy to speak to 1Password leadership on this topic in a private meeting as the only available solution is what is outlined in the link below which was also the only recommendation by a 1Password solutions architect. Due to this lack of permission granularity, our IT teams do not feel comfortable using shared vaults. https://www.1password.community/kb/1password-launch-kit/setting-up-1password-for-large-organizations/687
