Securely deliver credentials to a client (non-1Password user)

Say my company did a job for a small business. Over the course of that job we setup a number of email accounts, on-premise servers, and some cloud services for them. Our team has used 1Password to store all of those credentials in a vault for that project.

How do you suggest we securely deliver credentials the client? Presume that they don't and won't have a 1password account. We can't ask them to sign up. We can't spend the time to support them through that process. They need a simple, non-technical, user friendly way to receive the credentials.

Obviously, I don't want to export a PDF/CSV and email that in plain text file to them. I don't want to use something like https://onetimesecret.com/.

It would be really useful if you guys added something so we could deliver the contents of a Vault to somebody with a link and a password. Is something along those lines possible, or on the roadmap? Do you have any other suggestions?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Hi @nsa_dc,

    Right now there's nothing in 1Password that would make that easy and convenient. A few things that come to mind as possibilities:

    1. S/MIME based email. If they're using secure email you could send them an encrypted email with what they need.
    2. An encrypted disk image with a password that you share through some other way.
    3. iMessage or another end-to-end encrypted messaging system. iMessage would only be suitable for small amounts of data.

    I really like your idea of a way to deliver a vault to someone that's not a 1Password user based on simply a password. Technically it may be possible. I think what I'd prefer seeing is a way for you to be able to do an encrypted export so that the file that's protected by only a password is in your possession and not ours. We don't like the thought of holding data that's only protected by a password, as evidenced by the fact that we have that Secret Key. :)

    I hope this helps.

    Rick

  • DariusR
    DariusR
    Community Member
    edited November 2017

    I hope its ok mentioning this. It seems unlikely that it could be considered a competing product.

    @nsa_dc I've found Encryptr ( https://spideroak.com/encryptr/ ) to be really useful for this. In fact, its not really useful or worth trusting for anything but this. Secure and a great proof of concept however.

  • nsa_dc
    nsa_dc
    Community Member

    Thanks for the suggestions. Yeah, we do a lot of credential delivery so this is a regular issue for us. I feel like in this business climate this is a common problem and there should be a really good solution - I just haven't found it yet.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Indeed, that's really interesting, and a different use case than we normally see. I'd love it if 1Password could serve that kind of function in the future though. :)

This discussion has been closed.