An update on the Recovery group?
Now that 1Password for Teams is no longer labelled as ßeta, at least in these forums, I was hoping we might have a clearer picture of the Recovery group, whose workings and interface have changed dramatically multiple times since the service launched. Alas, a quick tour of the web application and documents today revealed no improvements or new information.
Could we have some updated information on the officially sanctioned way for teams to add users to the Recovery group who are not admins or owners? If such an option is no longer supported (I believe there was talk of deprecating such a set up), could we be told officially? Are teams that added members to the Recovery group in the early betas, who were neither Owners nor Managers still safely set up for recovery?
I'm a little worried that this essential feature has been allowed to collect dust quietly in a corner… No doubt the cryptography that regulates it all is in perfect working order but what Admins see is far from clear at present…
Comments
-
Hi, @Deleted User.
We're actually right in the middle of some great changes for groups. We recently enabled the ability for teams to create custom groups in the Admin Console, and with that change we are no longer displaying the Recovery Group anywhere. In an upcoming update, you will be able to assign Recovery "ability" to any group you create, so you could create your own group whose only responsibility is Recovery, and they will not have the added features that Admins and Owners have.
Anyone who is currently a member of a Recovery Group will remain so, and will still be able to recover accounts. Since we're not showing the Recovery Group in the list of groups anymore, it isn't easy to remove members from that group, but if that's something you need to do, please let me know and I can help you out. I hope to have a migration soon that will get things cleaned up a little better.
0 -
Hello, @Rob! Thank you for letting me know… :)
I'm surprised that such a big migration has been undertaken without so much as a word of warning to existing teams, especially as it sounds like members could potentially remain subscribed to a group with Recovery abilities without future administrators being aware of it. When is the dust expected to settle on such big aspects of the Teams experience?
As an aside, will creating this new Custom Group, giving it Recovery capabilities, and assigning users to it require that passwords or account keys be changed? Since the Recovery system is heavily tied to the encryption that underpins 1Password, will users need to save new recovery information for themselves every time they gain or lose that capability for others?
0 -
Good questions, @Deleted User.
I hope we're able to get the remaining wrinkles in groups ironed out soon. I just recently have been able to shift focus back toward groups and the changes we've wanted to make for a while, so I'm looking forward to continuing to improve things there. I wrote up an issue today describing the migration for the Recovery Group, and I'd especially like to get that done in the next week or so.
No group management requires users to change passwords or account keys. The magic of recovery happens behind the scenes using keys that are never exposed to the user. Those keys are encrypted with user keys, directly or indirectly, and they allow the user to perform the other cryptographic operations needed for account recovery. Indeed, recovery ability has already been granted to the Owners and Administrators groups through a client-side migration, so someone who is only added to the Owners group is still able to recover accounts.
0 -
As always, thank you for these extra details, @Rob! :)
When you speak of client-side migration, does it include users launching 1Password on iOS and OS X or is it actually necessary for all users to log into the web application at regular intervals to ensure one benefits from the latest advances in your code base?
0 -
@Deleted User, it depends on the changes. Nearly all of the changes we make don't require anyone to sign in to the web app. Some changes only require an owner or administrator to sign in because they have the credentials needed to perform certain cryptographic updates. These are things that don't really affect the native apps, only administration features like groups. We've not currently made any changes that would require every user to sign in.
In the future, I'd like to get a system in place that will allow us to better keep track of migrations that have been performed and send notifications to users who should sign in to take advantage of the latest updates. We'll continue to improve there in the weeks and months to come. :)
0 -
@Rob, a system that informs users and administrators that they must log into the web app so that important updates are performed does not sound like something great to have in future: it sounds absolutely essential.
The 1Password client apps are all pretty great but the web app is, shall we say full of promise? It is highly unlikely that anyone would log into the web app if they can possibly avoid it. It sounds like the current system is putting users and administrators at risk by assuming they will log in regularly while nothing of the kind can be known for sure.
0 -
@Deleted User there's no risk here. The migrations that happen are not critical. If there were a critical migration that required people to sign in, we would definitely send a notification email stating so. We've only done a couple "lazy migrations" (meaning they happen whenever you happen to sign in) so far. They are nice, but they're really only nice for the people who actually use the Admin Console, so if you never sign in to the web app, you're not missing anything. I'm sorry I wasn't clear about that.
0 -
Thank you, @Rob, this does ease my mind… :)
0 -
On behalf of Rob, you're welcome. :) We're here if you need anything else, mate.
0