Archive during a resignation
I'm leaving my job in a few weeks, and they don't use 1Password, but since the password system they use is terrible I have been my personal (family) 1Password account to store work passwords.
I obviously need to delete all work related passwords - however I also don't want my employer to lose those passwords, especially since some of them might not be stored elsewhere (they should be, but their system is terrible and I'm not making that assumption).
What is the best way to securely archive passwords? It's about 50 passwords and I have them in a separate vault.
1Password Version: 8.9.8
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided
Comments
-
I would ask my boss what to do.
If he says that do what you want, or if he orders something that makes the passwords get lost, put the passwords in the "terrible" system. It's what your employer provides for password storage, so you use it. If it breaks, it's the employer's fault.
If there is still danger the passwords get lost, print them on paper, put them into an envelope and give it to your boss/to some secretary who has access to a physical vault and tell them to put the envelope there, just in case.
If this is not possible, give the envelope with the printed passwords to your boss. It's his problem now.
If your boss orders you to put the passwords into an Excel sheet and put it onto some shared filestorage, do it (after you tell him that's not secure).
After all, it's company property. And if the company stores passwords insecurely and you did everything possible to store passwords securely (but in vain), you did everything you can do.0 -
My boss isn't qualified to answer that question.
I'm not doing anything that involves printing out passwords (seriously, some of them are 2048 bit encryption keys... you expect me to make someone type that reading from a sheet of paper?).
An excel spreadsheet would be worse, since it will be backed up 12 ways to Sunday and any one of those backups might be compromised six years later handing people critical credentials.
At this point, it seems like the only thing I can do is export my entire account including a thousand or so passwords that are not work related, then import it into a different password manager, hope it doesn't screw anything up, delete all the passwords that aren't work related, and finally export that to an encrypted vault. Sounds like a good 2 hours of work and it may not be successful — is there really no other option?
0 -
I would place the passwords and work records in a vault, export your account data, and use the onepux converter in the mrc-converter-suite tho create CSV files for the selected vault(s). This converter has an option to specify which vault to be included in the export.
0