Procedure for terminated employee
I'm trying to figure out what the procedure would be for when an employee is terminated. They've just gone off to the conference room where their being told they're getting canned. I have admin rights on their computer (on a different user account), and access to their email.
They could have set their master password to be whatever. If I quickly put their account into recovery, then access the email for the recovery process, can I lock them out of their account? The goal isn't to just lock them out, but have access to their "your vault" which may have important passwords that the business needs to keep after their departure.
Is there any way for an admin to do this without needed to impersonate them via their email? What happens regarding the 1Password app on their phone?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
If you have access to the email then you will be able to use the Account Recovery to get access to all employee's vaults, including "Your Vault". After the account recovery is completed, all client apps will require re-authentication with the new password and account key.
We are also considering adding the "Account Takeover" feature that would allow the member of the recovery group to take control over the vaults. It will be irreversible and we'll have to think about how to prevent the potential abuse as it would grant the recovery group a lot of power.
0 -
This content has been removed.
-
@roustem: +1 on the account takeover feature. I'd say that for a company, its reasonable to expect that the admins would be able to see your stuff. Maybe make it a toggle-able option. Or maybe I'm a little too nosy/big brother-y. :)
EDIT: I phrased this really really badly. I meant that I support an account takeover feature. I was saying that I believe that it's reasonable for admins/members of the recovery team to take control of any account.
0 -
Thank you for clearing this up!
0
