USER MANAGEMENT & GOOGLE DRIVE

oscarrsm
oscarrsm
Community Member
in Mac

HI Guys,

I like to introduce 1Password in my organization that has over 20 people.
I have only one problem, all can modify the entries and there aren't restrictions like READ ONLY feature.
This is a problem.

I saw that now dropbox allow this kind of feature, do you think it can be compatible with 1password?

Do you think we will have soon a user right management?

Other thing, how is the status of google drive integration?

thanks for now
OSCAR DALVIT

Comments

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Hi @oscarrsm‌

    Like yourself I noticed recently that Dropbox was offering a read-only feature with their Pro subscription. Such a feature (in relation to 1Password) would stop changes being synchronised back to the Dropbox agilekeychain but I'm afraid to say it wouldn't stop people altering the entry and those changes being stored locally.

    If the goal is simply to stop changes from one unauthorised machine propagating to others then this may be sufficient for your needs.

    This isn't the first request I've heard for access controls but the tricky part is if we were to do this, how to do it properly.

    Here are just the two issues I have thought of in the past.

    1. Any login credentials supplied to a browser can be revealed by a simple piece of JavaScript. I couldn't write the JavaScript myself but all a person has to do is be able to copy it from a web page and add it as a bookmark to their browser. That means requests to disable viewing of a password are moot if your browser is willing to give it up.
    2. If whatever site you're logging into allows you to alter the password then anybody with access to that password can change it at their discretion. Then you end up with the situation where the distributed password is wrong.

    Maybe better minds than I can come up with solutions as I'm not sure how you can combat either of these when they both occur in something as general as any web browser.

    This isn't to say we're not listening to our customers when they ask for these kind of features, it's just if they were to be implemented it has to be in a way where we don't create a false sense of security.

This discussion has been closed.