Feature Request: Access log

marc_hh
marc_hh
Community Member

Hi, I'm using and loving 1password in a "single user"-environment, but now I'm searching for a cool team solution. I want:

1password-like integration on every machine, mac and windows-based. Check!
sync between machines and users in the team. Check.
Access log for every single password - boolean value is enough. User xxx has seen/used this password or not)

Use Case: Team member is leaving the company; we now have to change many, many passwords. Of course, un-sync the vault is not enough as you say yourself on your website, as the user ALREADY know the secret.

So I want to see a list of all passwords, the user xxx has seen/used - these are are passwords I have to change and sync it against the rest of my team members.

What do you think?

kind regards,

Marc


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Megan
    Megan
    1Password Alumni

    Hi Marc ( @marc_hh ),

    Thanks so much for taking the time to write in with your feedback! You're right, currently 1Password is an app geared towards individuals. We'd love to make 1Password more useful for larger groups and teams though, so it's great to know what sort of features you think would be useful in such an app. Of course I can't promise anything, but I'll share your suggestions with our development team.

  • marc_hh
    marc_hh
    Community Member
    edited June 2015

    Hi @Megan ,

    thank you for your reply. Well then, you have asked for features we would love - you may get some ideas! :-)

    As an administrator (or vault owner) I want to be able to categorize passwords (e.g. belongs to project X) and sync passwords easy to project members. These may be very agile as team members switch to projects and then need all passwords belonging to this project). Together with the access log asked in my first post this would be a great improvement of the workflow. If it's necessary to put these in different vaults as a technical requirement, this should work with low effort for the "administrator" and no effort for the team mates (except some initial configuration when the user sets his workspace up FOR THE VERY FIRST TIME!). "marc_hh should gain access to project X." -> Syncing -> "Yeah! marc_hh, you now have access to Project X". :chuffed:

    Team Member is hopping to a project, getting access to all necessary credentials and can start almost immediately. And if team member will leave the company years later the log provides the information which passwords should be changed.

    Another cool feature, but very optional: Put some lifetime to credentials and remember the teammates to change the password when lifetime comes to its end. When one team member changes the password (on the related system and then in 1password) the changes will be synced to all team members, which nearly realize NOTHING about this password change as workflow works as expected.

    I'm working in a software dev company too, so I understand you can't promising features or timelines; but may be you have a qualified guess how long could such a team-1password-tool take until we may buy it. Actually, we have some discussions and decisions to make, if we wait and buy or build some kind of individual solution for ourselves...

  • Megan
    Megan
    1Password Alumni

    Hi Marc ( @marc_hh ),

    Thanks again, those are great suggestions!

    but may be you have a qualified guess how long could such a team-1password-tool take until we may buy it.

    Unfortunately, we have a policy at AgileBits to not discuss unreleased features. As someone who works in development, I'm sure you can understand - there are just too many factors involved in the building of a new feature, and we would really hate to promise something that eventually became impossible due to factors beyond our control.

    As I mentioned above, we would love to make 1Password more versatile for teams such as yourselves, and I've noted your thoughts down for future reference. :)

  • RichardPayne
    RichardPayne
    Community Member

    I'm working in a software dev company too, so I understand you can't promising features or timelines; but may be you have a qualified guess how long could such a team-1password-tool take until we may buy it.

    I don't work for Agilebits so I can tell you that what you're asking for is not small. You're talking about a completely new data sync structure to include user level priveleges and tracking, plus some sort of centralised management software. All of this would also need changes across all of the supported platforms too.
    I wouldn't suggest waiting for it if I were you. It will likely be years before something like this is implemented.

    Actually, we have some discussions and decisions to make, if we wait and buy or build some kind of individual solution for ourselves...

    Building a solution yourself is not recommended unless you're willing to sink a lot of time and money into making it secure and then keeping up with the security industry to ensure that your solution stays current. It's really not a small undertaking.

  • marc_hh
    marc_hh
    Community Member

    Hi @RichardPayne ,

    I know this - but as we have a need for the given points there are only two solutions: Buy or make. I total agree that "buy" is more likely the better option, so the final quest is to find a solution which fits our needs. Do you know one?

    Thanks,

    Marc

  • RichardPayne
    RichardPayne
    Community Member

    Unfortunately I don't but then I've never had the need to look seriously.

    From the scale of what you described, I'd have thought that most of logins would be for in house systems, in which implementing a proper SSO system would seem like a more sensible way forward.

  • marc_hh
    marc_hh
    Community Member

    No, is not. :-( Most logins are logins to customer sites (which we may change, but we need to track down, which team member has knowledge about)

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited June 2015

    @marc_hh: I'm sorry that we don't have a solution for you right now! If we were to explore something like this in the future it would certainly be quite an undertaking, but knowing your specific needs is invaluable when it comes to making decisions going forward -- both for new features and new products. Thank you for your support, and the great feedback! :)

This discussion has been closed.