Critical log feature missing

We currently enjoy 1P for Teams, but as far as I can tell there is one critical log feature missing that PassPortal has. We give substantial access to our team members to various credentials, but I would like to know if in fact the access is used. So maybe I've give a user access to view 1000 passwords, but if they only ever copied to clipboard or revealed 50, then those would be the only credentials at risk should the team member leave. Is there a way to have this activity log, or is this a feature request?

Grant


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Hi @grantzobell! Thanks for the suggestion. Right now, 1Password Teams has the Activity Log, which allows you to see some major changes that have been made:

    Use the Activity Log in 1Password Teams

    It doesn't reflect item-level changes, but that's something we've been considering. I'll forward what you said to the team — this would be a handy feature to have bundled with the Activity Log. :)

    ref: B5-2275

  • thierrycoopman
    thierrycoopman
    Community Member

    I confirm this is a critical feature for us to consider using 1 password in our team.
    We have a server based password manager that handles individual users with the rights to log in, and manages the log who and when people access certain information. It also allows the user to motivate why he needs it.

    I understand this is not needed on all teams, but for example we consider some passwords or accesses to be reset to something else when somebody has used it. Basically we need to have some root/administrator accesses as a fall back, but nobody should use them. By setting them up with passwords that are not known and individual to every account, people are implicitly using the normal accesses to do their work that gets logged and addressed accordingly (per user). However, and this is also where 1password would shine for us, the worst case scenario is to have temporarily issues with the infrastructure that allows users to access. This means the local accounts need to be used, so this access needs to be logged, and the accounts need to receive an updated password after the incident.

    We would also have some alerting in place on access of certain passwords//

  • Thanks for the feedback. I'll let the team know you're interested as well. :) Having this on a vault or group level could be quite handy.

This discussion has been closed.