Using 2 vaults with the desktop app: Why don't I need to provide the password of the second vault?
I am using the the macOS 1password desktop app, which is connected to two vaults: V1 and V2. I would like to know why when I open the 1password app with the password for my default vault V1 that I am given immediate access to the passwords in vault V2. For increased security, I would much prefer that I enter the password for V2 before accessing the passwords in this secondary vault.
As far as I can remember, this is how the two vaults were set up. I created a default vault V1 with password P1. Then, later, I added a pre-existing vault V2, at which point I was asked to enter the password P2. However, ever since this was setup, whenever I restart 1password, I only need to enter password P1 to access the two vaults V1 and V2. I assume that P2 is somehow stored in V1.
You might be wondering why I care. It turns out that the vaults V1 and V2 are shared between two family members. I would like to ensure that if one family member's password was compromised, that it would be more difficult to access the passwords in the other vault.
To solve this problem, I would probably add two options in the preferences:
- Require passwords for all vaults when 1password is restarted? (y/n)
- Unlock secondary vaults with primary vault password? (y/n)
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Hi @MarkWieczorek!
Our security team wrote a summary of the technical process in our white paper, section Local client Master Password has control of other account Master Passwords.
In the meantime, I have let our developers know about your suggestions :+1:
ref: dev/projects/customer-feature-requests#61
0