what if spouse decide to remove you? Do I lose all my personal passwords?

Hello,

I want to migrate to 1Password as my password manager. I want to be able to share some passwords with my husband. I think for that I need a families account, right? But....what happen when 1 of us get mad at the other and without warning removes you from the families account? Does this person lose all their personal passwords? Can they be recovered? It's the only thing keeping me on my old password manager.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:what if spouse decide to remove you? Do I lose all my passwords?

Comments

  • brentybrenty

    Team Member

    If the account owner removes you, then you will no longer have access to anything in it. If that's a concern, I'd recommend setting up your own 1Password membership and keeping your data there, so that you're fully in control of what happens there. You are not obligated to join a 1Password membership that someone else controls. I hope this helps. Let us know if you have any other questions about 1Password. :)

  • Thank you for your quick answer, but as I said, I can not share passwords with a personal account and that's important for me and my family. Thing's like wifi, netflix etc.
    It should be a concern for everyone within a families account I think. You newer know what happen in the future. And to lose all your passwords and notes is a big disaster. I think that family account members who are removed should have the ability to keep their private data and transfer to a personal account.
    To have 2 accounts, 1 families (for only wifi and netflix) and 1 personal for everything else is a bit to much for me.
    I hope this changes in the future.

  • This is a serious flaw in 1Password Families, and it's stopping me from recommending to my family that we should use 1Password as a family, and I'm seriously considering moving to LastPass over this issue alone. Someone having unilateral deletion power is absolutely never acceptable, and since there's no way to share outside of your membership, there's no way to share items at all without that.

    Please please please reconsider this choice or make it possible to share to outside of your membership.

  • brentybrenty

    Team Member

    It's not possible to share outside a membership because in that case the parties involved do not have the keys necessary to decrypt data encrypted by each other. You can share encrypted data via email/messaging using GPG as well, and that has the same problem: you need to exchange public keys in order for either of you to be able to read data encrypted with the other's private keys. That's not a great experience, and therefore relatively few people use that. That's why we built this into 1Password Families/Teams/Business, to make it seamless.

    There are many, many ways to share the Netflix password within a household. 1Password is not required for that. If others are not trustworthy, it would probably be better to enter the password yourself rather than actually giving it to them. A basic level of trust is required in order to share anything with another person, such as a membership that one person is paying for. The same is true of Netflix: if you are using a membership you're not paying for, your watch list and history and ratings can be obliterated by that person at any time. Inherently, the person paying for the membership needs to be able to make any changes they feel are necessary. It's theirs after all. Should I not be able to remove someone's Netflix profile when I would like to add someone else instead, when I'm the person paying for that membership?

    Obviously people's 1Password data is probably going to be more important to them than the shows they watch. Because of that, all data is encrypted, and it is not possible for anyone to access the Private vault of another. Period. 1Password Families is meant to be used by families though, and is built with that in mind. So a situation where there are people you're responsible for who you are not able to trust to that same degree, inviting them as guests, or using 1Password Teams would be a better option for the more granular access controls it offers. But the person joining the membership inherently has to trust the owner, because they can, for both questionable and completely legitimate reasons, cancel the membership at any time. That's not something we can or should prevent an account owner from doing.

    Getting back to the specific hypothetical posed above, it is not the case that you can't "have your cake and eat it too", as there is nothing stopping anyone from being part of multiple memberships:

    • Create a membership for yourself, to safeguard your own personal data, so you have full control over that and the membership itself. This way, there is no "what if".
    • If someone else needs/wants to invite you to their membership to share something with you, use it for that purpose instead of "putting all your eggs in that basket", as it isn't your membership and therefore isn't up to you. What if they simply decide not to use 1Password at some point?
    • If you want/need to share with someone else, you can invite them as a "normal" family member (Private vault, access to any others shared with them) or as a guest (access only to a single vault explicitly shared with them). They can also maintain their own membership separately if they wish.

    Ultimately I understand the concern, but when joining a membership of any kind belonging to someone else, you're going to depend on them, not just from the standpoint of them not being malicious or making a mistake that affects you, but on the basic level of them being responsible for maintaining it. I've added a family member to my phone service recently, for example, and if something happens to me where I can no longer pay for the service, they will be cut off as well. This is part of life (and death), and we each need to plan accordingly. Losing anything important is a disaster, but that can be mitigated by taking responsibility and planning ahead. Not storing the only copy of your important data in something owned by a family member of questionable reliability (e.g. if I was apt to not pay bills on time or at all, the family member should really decline the offer to have their phone service depend on me) or your employer (maybe they switch to something else, go out of business, or you simply change jobs) is a good starting point. That may be conceptually undesirable -- in a perfect world, we wouldn't have to worry about these things and therefore have no need to plan for them -- but if the outcome you want is being able to know that you won't lose data because the bill is not paid, you get removed, etc., that accomplishes the goal we each have in mind.

  • I'm also trying to figure out how to use 1Password to support the scenario of just letting two people/spouses share a vault, but also have their own private vault which an owner can't delete at any time.

    "owner can ... cancel the membership at any time. That's not something we can or should prevent an account owner from doing" - True, but why would a family member immediately lose all access to their Private Vault? Wouldn't a more fair feature be to give them the option to migrate at least for a grace period after the family owner could cut off?

    Leaving that feature design debate aside. I just want this to work. So I'm curious @brenty if/how I can accomplish this with a Team plan instead of Family plan? I'm fine having separate billing for Partner 1 and Partner 2.

    FAMILY Plan -- Undesired Behavior
    Partner 1's Private Vault, Family Owner
    Partner 2's Private Vault If 1 decides to cancel, 2 immediately loses all access to their private passwords, so not really "owned" by 2 :-1:
    Shared Vault for 1 & 2

    Desired behavior:
    Does the TEAM Plan enable this?
    Partner 1's Private Vault always "owned" by 1, billed to 1, no matter what 2 does
    Partner 2's Private Vault always "owned" by 2, billed to whomever (assume 2), no matter what 1 does
    Shared Vault for 1 & 2

  • ag_anaag_ana

    Team Member

    @WatsonTech:

    The Team plan would not be a solution for this specific scenario. You can certainly always create two separate Individual accounts so the private vaults are under each person's complete control, but the problem with the shared vault remains: even if you created a third account just for the shared vault, the administrator of that account would also be able to delete it.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file