Can I share a vault with another 1Password user that is not part of my family?
If I have a 1Password family account and I have a friend who has their own personal or family 1Password account and we want to share a vault, can we do that?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Referrer: forum-search:share vault with other 1pass user
Comments
-
@Jon1993 You can invite your friend as a guest in your family or vice versa. Either way you get to share one vault.
https://support.1password.com/guests/
If you invite them to be a guest in your family then they will have two sets of 1Password account login details. However, the apps allow you to be logged into more than one account at a time. So there is no need for them to log-out/log-in to switch between accounts.
0 -
It seems pretty strange to me that there isn't better support for multiple paying customers to have the ability to share "cross" accounts more intuitively. Having native sharing between different 1Passsword accounts would also help increase the network effect of 1Password since if people you interact with regularly use 1Password and need to share information with each-other they would encourage people in the group that don't have 1Password to get it as well to improve interoperability.
I used Lastpass for years before switching to 1Password and one of the things Lastpass had that worked super well was the password sharing feature. If I wanted to share a login with another Lastpass user everything just worked how I'd expect it to. Friends who I worked on projects with regularly ended up switching to lastpass just because it made password sharing on projects easy.
0 -
@Jon1993 I agree it seems over-complicated to require additional accounts for sharing outside your family. I suspect 1Password chose this option because it avoids you needing to trust them with distributing encryption keys outside your family. 1Password's security is built on encryption, so you don't need to trust that they won't give access to your items to someone else. They cannot give access to your items to someone else because they don't have the encryption keys required.
I have no insight into how LastPass implemented that feature, but it must involve encrypting the shared item with a key available to both of you. For example, it could store two copies of your vault encryption key, one encrypted with your public key and one encrypted with the other persons public key. In that case, you are trusting that LastPass is only going to serve them the shared item as they have the encryption key required to decrypt your whole vault.
0 -
My assumption is that when you share passwords between accounts you locally encrypt your password with the other accounts public key and then only the encrypted version ever actually touches their servers and we still don't need to trust them not to share access (basically just end to end RSA)
0 -
@Jon1993 That would work for sending a password to an individual on a one-off basis. It doesn't allow two directional sharing or sync'ing their local copy to the latest changes in the vault. For that you would typically have a single vault key encrypted with each user's public key.
It's possible that LastPass gets around this by creating a separate shared vault with its own key for each combination of users with access to a particular group of items, but I have not seen them publish anything on this.
0 -
Hey folks,
Thanks for the feedback on this. I'd love to be able to say 'yes' here, but there are technical hurdles that have thus far prevented us from pursuing this functionality. I don't think it is impossible, but it would be a big lift requiring foundational changes to how we encrypt items. It may be something we can tackle down the line. For now I'd point to our Psst feature, which allows you to send a copy of an item to anyone (1Password user or not):
Securely share 1Password items with anyone
Or the guests feature, as rootzero mentioned.
Ben
0