avoid the ability to see the password (different user rights)

Options
roebi
roebi
Community Member
in Mac

Hi. I am the owner of a small company and my employees needs the access to many different websites (ex.: istock.com, amazon.com or icloud.com). Synced "1password" is good thing ... but ... the whole staff is still able to see (and note down) all the passwords. That means, that i have to change every password, each time someone is leaving the company.

It would be great, if there would be a "master-master"-password with the ability to edit and see the passwords and a "master"-password with witch access you just could use the passwords (without seeing them).

Is there such a development planed for the future?
Or already a (unknown) solution for my request?

Robby

Comments

  • littlebobbytables
    littlebobbytables
    1Password Alumni
    Options

    @roebi‌ I'd actually say you're already performing the only viable solution and that's regardless of how you manage the passwords. The only safe route is to reset all passwords each time somebody leaves the company. The key is to limit each person to only those passwords they need so as to reduce how many need changed in the event of somebody leaving.

    Thing is, as long as a password is being entered into a browser then there is no way to stop somebody from discovering said password. I had a javascript snippet saved when I used Opera for this exact purpose - to recover a password I'd forgotten but that Opera had stored and running a snippet is easy. The snippet was simply a bookmark making it probably impossible to stop. I think having the option for what you ask would lead to a false sense of security whereas at least right now you're aware of what you need to do. You might disagree with me, it's merely my thoughts on the matter.

  • Megan
    Megan
    1Password Alumni
    Options

    Hi Robby ( @roebi ),

    Thanks so much for considering 1Password as a solution for your business! At this time, 1Password is largely a consumer-based software, so we don't have the fancy type of read-only access that you're suggesting. This is definitely something that we are considering for the future, but unfortunately I can't say anything more specific than that right now.

    As @littlebobbytables‌ says, using this set-up, you would need to reset a few passwords once an employee leaves the company. We've got an article about vault sharing that could help explain things a bit more: Revoking access to a shared vault. Hopefully 1Password makes changing the passwords on your Logins as painless as possible when necessary. :)

This discussion has been closed.