Our community is getting an upgrade on July 2nd! Learn more in the FAQs →
Nested folders in department vaults
The issue I am having is that we save a very large number of credentails and details in 1password, and currently, I am creating vaults with names of the department and a subsection name as part of the vault name As an example for illustration only: for HR, I have a vault called HR-References, another vault called HR-AnnualLeave, and another called HR-Attendance But this means we end up with a massively long list of vaults. It would be much much better if we could have nested vaults, or even folder to contains to store all the different sets of data in an organised manner under the one parent vault. so ideally we would have a vault called HR, and then within that vault, either subvaults, or folders/containers that could contain specific items by topic Hope this makes sense. Thanks
options for same settings across company (GPO?)
Hello, My wish would be to roll out the software including settings for the entire company e.g. - password length for suggested passwords - autolock.onDeviceLock - autolock.minutes I tried a lot and found C:\Users\User1\AppData\Local\1Password\settings\settings.json but probably the authtags are encrypted and individual on each PC, so I can't just copy this file? { "version": 1, "browsers.extension.enabled": true, "security.autolock.onDeviceLock": true, "security.clipboard.clearAfter": true, "appearance.interfaceDensity": "comfortable", "updates.updateChannel": "PRODUCTION", "security.autolock.minutes": 1, "authTags": { "appearance.interfaceDensity": "*", "browsers.extension.enabled": "*", "security.autolock.minutes": "*", "security.autolock.onDeviceLock": "*", "security.clipboard.clearAfter": "*", "updates.updateChannel": "*" } } Do you have any idea how I can distribute identical configurations? Thanks! Tobias
Feature Request: Rename Employee Vault in 1Password Business
Hello 1Password Team, I’m writing on behalf of our organization, which uses 1Password Business. We find the default “Employee” vault name misleading for individual use, as many mistakenly assume it contains passwords for all employees. This confusion is even greater in the German translation where it appears as “Angestellte” making it unclear that this vault is for personal credentials. It would be far more intuitive if this built‑in vault could either be renamed freely or, at minimum, default to “Personal” as it does in Family and Individual plans. Proposed Improvement Clearer Naming: Changing “Employee” to “Personal” (or allowing custom names) eliminates ambiguity, especially in non‑English locales. Consistency: All other vaults in Business plans can be renamed; extending this to the default vault aligns with current functionality. Improved Usability: Allowing organizations to set a meaningful name (e.g., “Personal,” “Private,” “My Vault”) streamlines onboarding and vault management. References: Reddit: https://www.reddit.com/r/1Password/comments/ukj3rr/why_cant_i_change_the_name_of_the_personal_vault/ 1Password Community: Can’t Re‑Name my Vault 1Password Support: https://support.1password.com/create-share-vaults/ – “The built‑in Personal, Private, or Employee vault can’t be renamed or deleted.” 1Password Community: Any way to rename a vault in 1P8? 1Password Community: Renamed vault, can’t rename back 1Password Community: https://1password.community/discussions/1password/how-to-rename-main-vault/132742
Transfer Item Ownership to Different User - Feature Request
I'm the SysAdmin for a small company and often set up accounts for people like new employees or new services for existing employees. I haven't found a good way to transfer an item to a different user. Example: I recently created a T-Mobile credential for my boss where I set the username and password. I configured some settings in the account and now want to fully transfer ownership of the 1Password item to him without maintaining access to it. It also contains some extra notes I've added. The only ways I know to give him the credentials are to: -Send the password in plaintext via Teams/email/etc. for him to recreate the item in his own vault. He then has the hassle of resetting the password and manually copying the notes over. -Share a link to the item, but I can't delete my copy until he has copied it to his vault. (this option has actually improved since I tried it last) -Drop it into a shared vault, so he still has to copy it out and he or I need to remember to delete the shared copy. I'd love to be able to shove it into his vault and forget about it. It would also be great if he gets some kind of notification that it's been added. Thoughts? Maybe this is just an admin feature, but maybe there's not much harm in making it available to all users.Storing TLS cert and general private keys in 1password
Hi I'm sure there's perhaps a good reason as to why this is not a feature, but I was wondering if there's a way to store Apple Developer certificates in 1password in a similar fashion to how we currently store and use ssh keys? The use case is that we would like to allow certain employees to have access to our Apple developer ID keys so that they can sign binaries and installer packages. At the moment we have to give them the actual private key and then of course we have no idea what happens to that key after they are done. It would be good if 1password could be brought into play in situations like this so that the key can be referenced and used on the command line and then of course the access is audited in the 1password logs. Does something like this already exist, perhaps I am not looking in the correct place? Thanks1Password dev ressources vs IPO
Hello, since 2024, when 1Password started looking into/considered an IPO, i have the feeling all development ressources were focused solely on growing the userbase and everything else was deprioritized. For example: The terraform provider didn't get any updates (e.g. Ephemeral Values) Simple improvements are deep in the backlog: Collapsible tags Displaying the user on the "last edited" line Improvements for managing vaults/users in an enterprise context are missing: Admins still can delete Owners Vaults can be deleted by any admin without "four-eye-principle" ... There is no way to export vaults encrypted Maybe some ressources could be assigned to improvements instead of new features... /rant over
Corporate SSO user/password
I'm sorry to be opening another of these.. but I've seen several ones across the forum in all the years but none satisfying resolution. I'm in the same situation, where I have a corporate SSO login (same password, mostly same username) across a lot of corporate services where the password changes every X time. I have to update all the records every time. Isn't it possible to introduce something like a "linked password" / "linked username" type field? A sort of a symlink to the same field in another record? You'd still have to create them the first time, but they would just all point to the same username. Even better would be that - if you update its content via one of the linked items - it would just update the original. Obviously a record could not be deleted as long as it has other records pointing to it. And that would solve the audit things as well right? As you explicitly indicate it's a shared item. The audit would know to skip all linked passwords. I have been with 1P since almost the beginning (check it, I am proudly wearing my Early Earl badge), but this is one of the things that has been bothering me for many years. 1Password Version: Not Provided Extension Version: Not Provided OS Version: Not Provided Browser: Not Provided
Feature Request: Optionally allow sharing recipients to edit/update entries
Hi I love 1Password, cannot live without it in my personal and professional life. But one thing I struggle with is helping my customers maintain a safety first demeanor when it comes to sharing secrets. With 1Password it is easy enough for me to share secrets with them securely, but the inverse is not true UNLESS they also have 1Password, or similar. [2025.10.09 - Update] After looking into WHY this doesn't exist I now understand the problem that allowing an external non vault member to write directly into my vault would break the security model as that external non vault member would need my keys to write into my vault. So instead it could be something like this You initiate a “Secret Request” from 1Password: It generates a unique, signed URL. Optionally, you can label it (“Please send me your API key for X”). The recipient (your customer): Opens that link in their browser. Enters their secret (password, API key, etc.). Their browser encrypts it locally with a one-time symmetric key before upload. The key is only embedded in the returned “Send” link that comes back to you. You receive the “return link”: You open it once, decrypt locally, and copy the secret into your own vault. Optionally, the link auto-expires after one view or a set time. 1Password’s servers never see plaintext, they just store encrypted blobs. Full disclaimer, some AI servant came up with the above summary after I was trying to figure out why it may not be secure to just have people write directly into my vault and what the alternatives were. [Original not so secure feature request below] The feature I am looking for and would be willing to pay for, would be to allow sharing an entry, blank or otherwise, and then to optionally indicate that the sharing recipient may update the values or create new ones. Basically I want to allow someone external to be able to populate an entry in my vault as a mechanism for them to securely share secrets with me. Use case: I need to do an integration project with my customer's ERP system and I need a secret from them. They need to share this secret with me and may not have a great way to do that securely. So if I could securely send them a link to an entry in my vault with edit permissions, then they could easily just drop the secret in there. From a feature point of view, I guess it doesn't have to be limited to Update only, you could send someone a "Please create a new entry in my vault request", and then the entry would not have to exist prior to them getting the create request. Let me know what you think