Reentering Master Password to unlock secondary vaults
Is there a way to keep secondary vaults locked and when I want to access them again be required to reenter my Master Password or a secondary password? I know some thing like that existed a while back and support had said they liked that feature & a reworked version may come back. I'm curious if this has been abandoned or if this is still on the roadmap?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Hi @MONKi1P!
I am afraid this is not possible, and I am not aware of plans to implement this. I might be wrong, but I also don't remember this being a thing, at least not in recent versions of the 1Password app. We are however aware of the request, so I will be happy to pass your feedback directly to the developers :+1:
ref: dev/projects/customer-feature-requests#61
0 -
Fingers crossed :)
0 -
:+1: :)
0 -
🙋🏻♂️ I would love this feature as well!
I used to keep all three of my vaults synced but since I separated out a fourth vault to hold sensitive info that I don't want kids or their friends seeing if the kids are using 1P on my laptop at home, I don't sync all. They have their own vaults but sometimes we log into the family mac and share 1P items to the kids on their own computers and I realized that when they unlocked that 1P, they could see everything if they thought to view the other vaults.
I don't want kids or their friends seeing bank accounts, credit cards, our social media accounts, etc... those things are critical on all my macs (yeah, several), and I wish I could trust to keep them locked on the computer to which the kids have access while they can get to other secure items. A neighbor kid racked up almost a thousand dollars on fortnite v-bucks two summers ago, and then did about 500 more after he was no longer grounded and was given his xbox back almost a year later. clearly, some kids cannot be trusted near sensitive data.
If each vault had its own master password, that would even be ideal. doesn't need to be the sequence to open the main and then subsequently open others... just when the 1P field is invoked, whichever master password you use determines which vault you see if they aren't set to all be seen. I would be more than comfortable having to close that vault and unlock another rather than keeping them both open or switching vaults, if that was possible.
if there is a roadmap or feature suggestion thread (I will check), then I'll add it there as well...
0 -
actually, I've decided that since @ag_ana should see this comment, I'll let her pass my explanation on so that the implementation rationale can be seen, but I don't muddy the forum with dupe content. ;)
0 -
The type of shadow vaults that are unlocked with one Master-Password but not with another would allow for some very good security in fact. I've had this with encrypted file storage vaults where someone would see one set of files with one password but with another they would see another set. This would definitely be a very advanced feature but that would put my mind at ease for certain data. Nice idea @JeremyBechtold
0 -
I'll be happy to bring up your points with the team.
ref: dev/projects/customer-feature-requests#61
0 -
indeed @MONKi1P ... the ability to have a fake vault as well works on several levels... kinda like how the ios app (used to and maybe still does) ha(s/d) a dummy vault so that you could use it to show people how the app worked without showing your sensitive data. that was awesome. I showed many people that way back years ago. it sold a lot of people on buying the app too.
0 -
Ah yes, the old Demo vault :)
0 -
It was a great promo tool for evangelists like myself!
I used to joke (or perhaps lament) that if you had a referral program I could be set for life with 1P credits. I've indoctrinated :p 4 family members, two in-laws, countless friends, and numerous clients (pre business plan days) to 1P for both their business and personal use. I think some have moved to the plans since. Not only did it make my life easier knowing that when I showed up to be their "tech support" I would then easily have access to all the credentials I needed, but it also made it super easy to create accounts for clients and then just send then a zip file with a bunch of share strings and they could just click them to add them. Processes like setting up email accounts and ftp access to their servers and whatnot all became telephone-capable tasks combined with a 30-second screencast (if that was even necessary).
0 -
Thank you for the support @JeremyBechtold, we appreciate it :)
I would then easily have access to all the credentials I needed, but it also made it super easy to create accounts for clients and then just send then a zip file with a bunch of share strings and they could just click them to add them. Processes like setting up email accounts and ftp access to their servers and whatnot all became telephone-capable tasks combined with a 30-second screencast (if that was even necessary).
Thank you also for sharing the actual use cases, this is very interesting!
0