1Password for Families
So I just read Dave's newsletter, and got excited about using "for Teams" for my family. I started setting it up, it's got a lot of bells and whistles and controls that seem unnecessary for family use, but not too bad. But then I happened to see the page that said it'll be 4.99 a month per user. That made me sad. Me and my wife, 4.99 a month means 120 bucks a year! And then when my two boys get a bit older, that jumps to 240 a year!
Then i got super sad, because I had figured one day this would be solved by multi-vault iCloud syncing. But now I think it seems like AgileBits would be unlikely to ever implement multi-vault syncing for iCloud since for more advanced users they can just ask they move over to 1PfT.
Hrm.
So here's my idea AgileBits (if you're listening). Implement a lighter-weight feature set of Teams called "for Families" and charge something that seems a bit more reasonable for a family. How about 4.99 for the whole family?
I'll keep going, since i'm on the roll. So what's the lighter feature set? Only automatic groups, 1 for adults, 1 for kids. Then only 1 Vault per user, 2 Shared vaults, (not counting the All Vaults). Remove all the fancy permissions settings, just basically have shared and not shared. Parents can access kids of course, but not the other way around.
I dunno how much of a market there is for this. There should be a huge market for it, since more families should realize how dangerous their password strategies are. First they need to know they even need a strategy, then realize how bad their default behavior has been thus far. I go a cringe when my wife sends passwords to me in clear text through email or text messages. I go a little crazy when she asks me to do the same...
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Couldn't have said it better. I was intrigued with the thought of setting up teams for my family. As my kids are becoming teenagers, I have found the need to share and store passwords securely between them.
I just signed up for the beta, but then I looked at the pricing and thought the same thing. Two parents, 4 kids, $360/yr is too much. There is a price point where it makes sense for the family, but don't need the full functionality that a workplace would need.
I do like the product a lot. I can tell that a lot has gone into it. I think a slightly tweaked offering, could make sense for a lot of families.
0 -
You can use dropbox for multisync vaults, so unless the feature will be droped there is a cheap solution for us as private user. I use it this way since a long time. Anyway I would even pay a bit to ensure cashflow for agilebits and so be sure 1password stays a live for me. But 5 bucks per users is really to much, especially cause i already bought 1p for iOS and OS X.
0 -
Sorry, I specifically meant syncing different vaults with different users or sharing across users. maybe I could tape something together but I'm not really a fan of Dropbox and I have to reason to share an account with my wife just to try and get password syncing to work. Even then, we would all have equal access and no private vaults, etc.
Teams is really the perfect platform. It's just about features and price.
0 -
Hi @instanttim,
Thanks for writing in. We love getting this kind of feedback. We agree that in its current form, 1Password for Teams has more complexity than the average Family scenario needs. We wanted to have people start looking at Teams with an eye for using it for Family so that we could start getting feedback on where there is too much complexity, which features could be trimmed out, etc...
We have a lot of families using 1Password, and we'd really love to see that number grow. The simplified setup of Teams would benefit so many people, it becomes a breeze to administer, and offers a lot of things we've never been able to do before. But we understand that pricing is a major component to this.
The pricing for families hasn't been finalized yet. There will be a newsletter and blog post that should be rolling out at some point in February that will have more information about what we plan on doing for families and it should contain more details with regards to pricing.
I hope this helps.
Rick
0 -
Great to hear! And I love that you guys read and respond in the forums. As you continue to make services and products, I promise I'll continue to pay for them to support you. You're good people. ;)
0 -
Thanks for the kind words, @instanttim! :chuffed:
0 -
I agree. I would love to use 1Password for Teams for my family, but the prizing is just too much for me to use it.
I don't mean it should be free, but a different prize model for family use would be nice. I'm happily to pay for it.0 -
We hope that when we announce official pricing for families that it meets your expectations, @rgruyters.
Cheers.
Rick
0 -
I just set up a Team for my family (just my Wife and I). I'll certainly be paying attention to see what you announce regarding that.
On that note, one feature that I think makes sense for families (but maybe not for corporate teams) is to have some way for Team Owners to actually gain access to the "Your Vault" for members. The idea here is that if e.g. I'm hit by a bus, I want my wife to have complete access to all of my passwords. I think this could be accomplished today by creating a shared vault per member and only giving that member access, and then using just that shared vault, because owners could then grant access to that vault to themselves if needed. The problem there is everybody automatically gets a "Your Vault", and with this new setup, you'd want to actually get rid of the "Your Vault" entirely.
So I guess I'm asking for one of two things:
- Allow Team Owners of Family teams to gain read access to individual members' vaults somehow. This could even just be a web feature (e.g. part of the admin console), but I think it actually makes more sense to just treat "Your Vault" as a shared vault with 1 member so owners can simply add new members if needed.
- Alternatively, allow Team configuration to simply disable the "Your Vault" vault for members, thus forcing all members to use shared vaults (or to store their vault outside of the team).
It's possible this could be desired for corporate teams too (e.g. Jane Q. Programmer leaves the company for a better job elsewhere, and the company wants to recover any company-related passwords she was using; this assumes that members of corporate teams aren't storing personal passwords in the team, but the team documentation already discourages doing that), but I think it's more obviously acceptable for Family teams (e.g. Dad should be able to get at little Bobby Tables's passwords if necessary). This feature could also email the member if the team owner gives another member access to their vault.
FWIW, it occurs to me that corporate teams can already kind of do this for departing employees, since they presumably have access to the employee's corporate email, so they can Recover the account that way. Alternatively, assuming it doesn't do this already, deleting a team member might want to allow the owner access to the member's old vault. Either way, this makes the requested feature even more Family-oriented, because in Families the parent may not have access to their spouse/kid's email, and there are reasons why a team owner might need access to a personal vault where the member isn't being removed from the team.
0 -
Hi, @kballard. Thanks for all the great feedback!
We definitely plan to implement this ability in the future, most likely for both families and regular teams. We don't have a fancy term for it, but in our discussions we've been calling it "account takeover". Basically, the same way an admin can help someone recover access to their account, the admin could instead take over the account, transferring access to the admins or whomever.
This would solve the problem of an employee exiting the team or a family member suffering an accident. I don't have a timeline for this feature to be implemented, but it is definitely on our radar. We've also considered the possibility of letting admins disable "Your Vault"s for members.
Thanks again for re-enforcing these ideas!
0 -
To clarify, I want some way for a family team owner to gain access to a member's vault without actually taking over the whole account. If a family member suffers a non-fatal accident, then you don't want to take over their account, but you may still need to get access because they're not in a condition to do anything for a while (for example, maybe they're in a temporary coma).
0 -
For teams i think that doesn't necessarily make sense. It would be a violation of privacy, and discourage people from using their vaults for personal items -- which in the long run would be a poor choice. But it seems like in the case of families you would think that you could just simply grant admin access to "your vault" to your other family member(s). They won't look at it day to day since they have no reason, but if ever needed, they could. Or make it so that if a person is removed (dies etc) then their vault can be converted to a normal vault that admins can access.
0 -
Thanks for the clarification, @kballard. That is an implementation detail we can consider as well. We haven't finalized how it will all work, so this is a good time to make sure we've got everything on the table. :)
I've added your comments to our internal discussion of this issue.
0 -
@instanttim, on the contrary, we have tried to make it clear that any data stored in a team account is the property of the team owners (those paying for the account). Team members should not store personal items like credentials for social media or bank accounts in their vault on a team account. "Your Vault" is intended for team-related information that pertains only to the team member.
There are probably many ways we could approach this, and perhaps the solution for families will differ from our solution for teams.
0 -
Ah. Okay. That's fine too -- it's your call ;)
0 -
Haha, thanks for your understanding. :)
0 -
After discussing this with my wife, I now have a more nuanced belief for how 1Password for Families would work in an ideal world.
Basically, my wife has certain logins that she explicitly wants to prevent me from ever gaining access to, except perhaps in the event of her death. This is the sort of thing that she'd normally keep in a safety deposit box with instructions to authorize me if I come to the bank with her key and a death certificate. These logins are things that she has access to but doesn't have the right to grant anyone else access to, such as the login for her parents' bank account.
Based on that, I'd recommend the following: Every family member may optionally have a "Your Vault" that cannot be accessed by anyone else (short of taking over their email address and initiating recovery on the account, or deleting (not suspending) that member from the team). Whether a given member has a "Your Vault" is controlled by the team admin; if a member has no items in their vault, the team admin can remove it, and the team admin can add a Your Vault to any member, but once a member has added any items to their vault it can no longer be removed (because there'd be nowhere to put those items). This way my wife can have her Your Vault for the items that she doesn't have the right to share access to, but e.g. kids can be set up not to have a Your Vault and instead to use a shared vault.
0 -
Hi @kballard,
Thank you for sharing how you and your wife would like to use teams. I think we're all still trying to figure out the best balance of vaults that would work for our company and family environments. You're right that families and companies would have different expectations for people's individual vaults and it's one of the tight ropes we're trying to balance.
I'm not sure I understand why removing the individual's
Your Vault
vaults would be necessary so I'd appreciate you elaborating there. You mentioned kids vaults is your example and in some ways I can see why you would want this, but as you said, in the worse case scenario you could simply initiate recovery on their account to gain access.The biggest problem we need to protect our kids from is weak passwords and password reuse, and to do that, we need to make 1Password as approachable as possible to every user, including kids. Now, I'm not saying that
Your Vault
is critical to keeping 1Password simple, but it is a customization that when combined with many other examples will add up to a more complex system that will be harder for people to use and understand.For families I think we need to simplify things even further. Perhaps removing
Your Vault
would help, but I personally don't think so as I feel everyone on the team needs their own place to call home. Given how easy it is to move items from one vault to another, it's not a big deal if your wife or kids store a login in the "wrong" vault. You just have to mention that you need access to the item and suggest they move it to one of your shared vaults.Again, I'm not saying "no" or otherwise. I'm just trying to talk things through to see if we can get a better understanding of each other's thoughts.
BTW, @instanttim, I agree with you completely. Having a special 1Password for Families plan would be awesome. In my original newsletter draft I had included an entire section introducing a fantastic announcement about special pricing for families that I know you'll love. At the last moment Sara convinced me that we weren't quite ready to make this announcement as there are several things on the website we want to finish first. My plan is to finish these things up and include this awesome announcement in the next newsletter. Stay tuned! :)
0 -
The basic idea behind my suggestion is that if I am legally responsible for someone (e.g. for a kid), then I should optionally, at my discretion, have some mechanism by which to gain access to their vault that doesn't require taking over their email address. I'm mostly thinking here about how to manage this for younger kids (as older kids would have more need for privacy and would therefore want their "Your Vault").
Of course, as I said before, this is mostly just how I think it should work in an ideal world, and I'm sure other people have conflicting ideas about how things should work, so I don't really expect the final solution to perfectly match my comments.
0 -
I see what you mean now, @kballard. Thanks for clarifying.
One thing you could do today is change your children's default vault for saving new logins to be a shared vault. You can do that on OS X in the Preferences > All Vaults window, as shown here:
You could change the default vault to a shared vault that you have access to. Once set, your kids will likely never change it and so you'd get most of the way to where you want to be. You could also remove
Your Vault
from the list of vaults included within All Vaults. This way if they ever accidentally save an item to their own vault, they wouldn't be able to (easily) find it while browsing and so they'll naturally want to fix that.It's certainly not exactly what you are asking for, but I think it would get you pretty close to your goal. Longer term we very well might allow disabling of individual vaults for specific team members.
Oh! I almost forgot one other thing that you might like. You could invite your younger children as Guests. Guest users are special in that they can only have access to a single vault, and they do not receive their own individual vault. Now to be completely honest this would be bastardizing what the Guest feature was created for, but it does have some of the attributes you're looking for. Of course, it would be odd to have your children labeled as "Guests" within the UI :)
Cheers!
0 -
Loving it so far! A few feedback items:
- Like other people, I set up vaults for my kids that I can see and then set their "defaults" to the new shared vault. But the Personal vault is just there... unused. I'm sure someone will accidentally use it or install a new client and I'll forget to set the preference properly. If there was a "Parent" and "Kid" account type, then parents could automatically see and edit the kids personal faults -- the would be a cleaner method I think.
- Similarly, the automatic "Shared" or "Everyone" vault (name is between website and app) is a great default, but I wish I could change it's permissions or opt-out of it. I want to share things with my wife but don't want the kids to see. I had to make a new vault with exactly those permissions -- but like my kid's Personal vaults the Shared vault is just sitting there empty and unused.
- I can't seem to change my password anymore. I followed the geeky directions to clear my local primary vault, so now i have to use my longer better "team" account password but I can't for the life of me figure out how to change it.
0 -
Hi, @instanttim.
If there was a "Parent" and "Kid" account type, then parents could automatically see and edit the kids personal faults -- the would be a cleaner method I think.
We had a long conversation about this last week. First of all, it would be wonderful parents could see and edit their kids' personal faults. :smile:
Ok, typo aside, we are trying to figure out a way to provide options for parents of younger kids without turning 1Password into parental control software. We have several ideas, and we're still trying to figure out the best way forward.
Similarly, the automatic "Shared" or "Everyone" vault (name is between website and app) is a great default, but I wish I could change it's permissions or opt-out of it.
I believe we will be allowing the Shared vault to be deleted at some point.
I can't seem to change my password anymore.
In 1Password for Mac, if you open preferences and select the Teams tab, you should be able to select your team account from the list and click the Change Password button there to change your password for that account.
0 -
Heh, that's my best typo for the week, maybe month.
In 1Password for Mac, if you open preferences and select the Teams tab, you should be able to select your team account from the list and click the Change Password button there to change your password for that account.
I have no idea how i didn't see that. I think the missing button from the security tab just broke me... i looked at all the prefs and still somehow didn't see the button. Selective blindness.
With that said, I really think it should be in the 1Password (app) menu on the Mac. And it doesn't appear to be ANYWHERE on the website, which was particularly befuddling. When you log into a site, and there's a "profile" page, you really expect a password changing thing to be on there.
0 -
LOL! Awesome typo.
Correct; currently we do not have a way to change the Master Password via the website. That is definitely something we'd like to add in the future. I'll pass along the feedback re: making the option more clear on the Mac. :)
Thanks!
Ben
0