Family Orgainzer able to delete users private vaults
What is the status of this? Was reading this thread and want to know if there is any progress toward providing a pathway for deleted users to keep their private vaults?
I see this as a major flaw, and something that should be a priority to solve. As it is 2023, is there a plan? Does this work differently now, and I just don't know the features? (I am a new user convert from LastPass Families)
Thanks!
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided
Referrer: forum-search:Converting LastPass Family to 1Password Family account
Comments
-
Hello @rallyn1password! ๐
The family organizer of a 1Password Families membership has the ability to do, among other things, the following:
- Invite new family members
- Remove existing family members
When a family member is removed from a 1Password Families membership their Private vault is deleted and they'll lose access to all shared vaults, you can read more about this here: Add and remove family members
It's important that, if you do join a 1Password Families membership, you trust the family organizer. Otherwise it's better for you to start your own account whether that is a family account or an individual account.
Was reading this thread and want to know if there is any progress toward providing a pathway for deleted users to keep their private vaults?
It's certainly an interesting idea to give removed family members the chance to setup their own accounts before their vaults are deleted and I've let our product team know that this is something that you'd like to see in the future. ๐
-Dave
ref: PB-30754829
0 -
Dave,
It's certainly an interesting idea to give removed family members the chance to setup their own accounts before their vaults are deleted and I've let our product team know that this is something that you'd like to see in the future. ๐
No disrespect, but this need has been voiced by users for years now. Is this on the roadmap or not?
I am having to tell every one of my Family account users that they are agreeing to be in this situation where any Family Organizer, and there will be multiple for account recovery safety, could delete their account by mistake and they would lose everything. The idea of paying for a second subscription is quaint. Why would I want two personal vaults, or the added expense, all just to protect against accidental deletion of my personal vault? (What, that is not a feature? is the response I get.) In my situation it is not a trust issue, but a user mistake issue with huge consequences.
Please let me know if this is on the product roadmap. If it is, please bump this up the priority list. If it is not, can you explain why so I can make a decision if we all stay with 1Password?
Thanks,
- Robert
0 -
We tend to keep things close to the chest and we usually don't pre-announce features so that we don't disappoint folks if there's a delay or those features don't actually make it to release. I personally think that a mechanism to allow removed family members the chance to spin off into their own account before their vault is deleted is a good idea and I'll continue to champion this internally.
If you have family members that are concerned about the family organizer arbitrarily or maliciously removing them from the 1Password Families membership (and deleting their vaults) then them setting up their own separate account is the best option at the moment.
-Dave
0 -
It is absurd that this is still not possible from a company that touts security. I understand losing access to a private vault if a family organizer decides to suspend the user, they are paying for it after all, but not having a mechanism in place for a family member who is suspended to spin off their private vault is borderline criminal. The things we store in a password vault are incredibly important, and sometimes unrecoverable. For example, I have a bunch of 2fa codes for logins stored in my private vault. If for some reason I lost access to that vault I WOULD NOT be able to recover those accounts via a password reset. They would be gone forever. Nobody other than the owner of private vault should have the power to take that away, not even someone they trust with their life.
0 -
Thank you for the feedback, I've passed it along to the product team. At the moment, using an individual account sounds like it would fit your threat model the best since you would have full control over your account and wouldn't have a separate family organizer.
-Dave
ref: PB-31209440
0
