Login access for teams

We use VAs in our business and I would like to share with them accounts without showing the VAs the passwords.
This looks like it is not possible according to this forum post: https://discussions.agilebits.com/discussion/97780/do-not-show-password-for-team-members
If that's the case, I dont really see the difference between using 1Password and having a Googlesheet with all my passwords for staff to access.
Can you confirm. Thanks


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:sdfasdfsdaf

Comments

  • ag_ana
    ag_ana
    1Password Alumni

    Hi @albatrossdigitalgolf! Welcome to the forum!

    This permission is already available in our Business accounts, as per the discussion you have linked to :)

  • Hi

    Thanks. What concerns me though is the VAs ability to copy the password and then paste into textedit and reveal the password.

    No difference to having a google sheet with all my passwords on it then unless im mistaken and will save me $80 / month.

  • ag_ana
    ag_ana
    1Password Alumni
    edited September 2019

    @albatrossdigitalgolf:

    You are right that we cannot protect your data when it leaves 1Password, we can only protect it while it is inside 1Password. Indeed, with the Reveal Password permission enabled, they will not be able to copy it and paste it into textedit.

    What they could do, if they are interested in knowing what the password is, is find a way to reveal it once it's pasted into a browser. We mention this for completeness, because once the data is outside 1Password, a team member who is willing to access your secrets could potentially find a way around this.

    My colleague Jin said this perfectly in the discussion you linked to:

    When you share a password with someone it is always best to assume that person now knows the password. Regular rotation of shared passwords is the only way to protect against people who used to have access to shared passwords being able to access accounts once you've removed their access.

    The difference between 1Password and a spreadsheet is that data would not be encrypted at all in this second case, so anyone could see it, not just your VAs, and you would be missing out on all the other security features that 1Password offers.

    Overall, while in this specific scenario of an untrusted VA the situation would be similar, the security improvements coming from all of the other features makes it worth it.

This discussion has been closed.