Avoiding multiple copies of logins

I have a Marketing Vault. We store all logins for marketing here.

I have an external consultant (Lars) who needs access to the Google Ads Manager login.
I made a guest account for Lars and gave him a vault: Lars Vault.

My question:
How do I share the Google Ads Manager login with Lars without making a duplicate of the login..?

The reason for not wanting to duplicate is that it adds complexity in keeping passwords up to date across the organization if there are multiple copies.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:avoid duplicate

Comments

  • ag_anaag_ana

    Team Member

    Hi @tejs! Welcome to the forum!

    Can Lars have access to all the contents of the Marketing vault?

  • Hi!

    No, we have a lot of logins there that we don't want to share.

  • ag_anaag_ana

    Team Member

    @tejs:

    Thank you for the confirmation. In this case I only see two options:

    1. You create a smaller Marketing vault that Lars can also have access to, and another Marketing vault with the more sensitive items only team members should be able to see
    2. You copy just this one item to the vault Lars has access to. It's true that you will have a duplicate item in this case, but it would not require splitting existing vaults.

    I understand neither of these are ideal, but if Lars needs access to only one item inside an existing single vault, but not to the others, using the existing vault will be a no go.

  • Understood.

    I think your product team needs to consider letting a login exist in multiple vaults or sharing with individual users.

    The example described here is just one of many cases where we need this. In reality, it is not possible to use 1Password for our business without compromising on either allowing multiple copies (obviously not a good idea) or lowering security policies (least access policy).

    We really like the tool in every other aspect so it seems like a strange missing component.

    It leaves me with some questions:

    1. Have I totally misunderstood the functionality of 1Password?
    2. Is there a technical reason for this missing functionality?
    3. Does best practice guides exist on how to use 1Password in an organization?
  • ag_anaag_ana

    Team Member

    @tejs:

    You definitely did not misunderstand the functionality of 1Password. This is a request that we have received before, so I have passed your feedback to the developers :+1: The challenge is that there are a lot of technical and security requirements to consider when implementing a feature of this type. But this does not mean that there cannot be a way to do it, just that we have to be careful and make sure things works properly and securely without unintended consequences.

    ref: internal/business-roadmap#5

    ref: internal/business-roadmap#51

    As far as best practices, the closest resources we have would be our getting started guides:

    Administrators: Get started with 1Password

    Team members: Get started with 1Password

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file