How to deal with shared administrator accounts that require MFA?
Hi!
We're currently evaluating 1Password for our startup and definitely love it so far!
I have a question surrounding the best practices for shared administrator accounts. I think it would be the best approach that e.g. all founders have access to the administration logins through a shared vault. However, some of these accounts might require MFA (e.g. AWS Root Accounts, Stripe.com, etc.).
What is your recommendation or best practice to deal with these accounts? Does it make sense to add these to a shared vault or should we rather place them in the individual vault of the person with the connected MFA? Would you even recommend disabling MFA for these types of accounts to have them shared among a team?
Kind regards,
Peter.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Hi @peterjuras - I'm glad to hear you're enjoying 1Password Teams :smile: Great questions! You can definitely add the logins under a Shared vault so the other Admins/Owners will have access to this data in the event someone leaves the company. This would serve as a safety net so the other Admins/Owners will be able to access this under the Shared vault. If the items are placed within a Private vault, if the Admin leaves the company and they are removed from the Teams account, this data will be deleted as well. I think having the items in the Shared vault will be a safe bet. I hope this helped and please feel free to let us know if you have any additional questions. We're always here to help.
0 -
Hi @peterjuras - My apologies, I realized I didn't address your second question. If you plan on using a shared Admin account and want MFA enabled then you should add the MFA to 1Password as well to make things a bit easier. I hope this helped and keep us posted with any further questions.
0 -
Thanks a lot for your answers Frank! They help us to organize our shared MFA accounts now.
0 -
On behalf of Frank, you're very welcome. Let us know if you have any more questions.
Rick
0