Too many items in browser extension with multiple browser profiles

gabbsmo
gabbsmo
Community Member
in 1Password in the Browser

Our team use Microsoft Edge with multiple profiles. At least one for each Microsoft 365 organization where we do consultancy work.

While we can limit what vaults are selected for each profile, new vaults are added to all profiles as we get more clients. Would be good to be able opt out of this behavior as continuously cleaning up the selected vaults in each profile get tedious.

Another one is I miss some possibility to limit the scope of my Employee vault for each browser profile. This is needed in the case that a login must not be shared with the rest of the team, for example when account sharing is forbidden by our agreement with a client. One idea is to allow users to create additional Employee vaults for themselves.

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

Comments

  • Dave_1P
    Dave_1P

    Hello @gabbsmo! 👋

    Thank you for the feedback! I've filed a feature request on your behalf to add the ability to prevent new vaults from being automatically added to 1Password in the browser if you've chosen to only have certain vaults appear.

    Another one is I miss some possibility to limit the scope of my Employee vault for each browser profile. This is needed in the case that a login must not be shared with the rest of the team, for example when account sharing is forbidden by our agreement with a client. One idea is to allow users to create additional Employee vaults for themselves.

    Could you clarify this a little more? You and your colleagues can create additional vaults that are not shared with anyone else. By default, additional vaults can only be accessed by the creator of that vault unless the sharing permissions are changed for the vault in question.

    -Dave

    ref: PB-44880045

  • gabbsmo
    gabbsmo
    Community Member

    Hello @Dave_1P,

    Sorry about the late reply.

    You and your colleagues can create additional vaults that are not shared with anyone else. By default, additional vaults can only be accessed by the creator of that vault unless the sharing permissions are changed for the vault in question.

    While this would technically work, in the case that we put logins to client organizations in our employee vault, it is to explicitly make them unavailable to anyone else, including administrators. In these cases there is usually a contract signed between the client and the individual consultant.

    My understanding is that yes, an administrator could create more vaults and limit their permissions. What is not possible, is for any employee to create additional employee vaults. For my needs it does not necessarily have to be a vault though. Any kind of filter in addition to the selected vault in the browser extension would be helpful, e.g. "employee vault" + "some tag".

  • Dave_1P
    Dave_1P
    edited January 10

    @gabbsmo

    Thank you for the clarification! I don't believe that I've seen that use case before, where an individual employee would need to hold corporate information separately from the employer themselves. In most cases, employers tend to want more insight into the Employee vault, not less. It's also worth mentioning, that an administrator (or a user who has permission to recover accounts) who can also request access to an employee's email account can gain access to the Employee vault:

    "Team members with permission to recover accounts can gain access to your Employee vault and all the items saved there. To do this, they would recover your account, request access to your email address from the IT team, and use the recovery link to create a new Secret Key and account password."

    In any case, I've shared your comments and request with the team and filed a feature request to have the Product team look into giving users the ability to create more Employee vaults in the future.

    -Dave

    ref: PB-45448528