How do I Sync certain Vaults over WLAN to my kids iPads/iPhones, but not all Vaults?
hi Agile Bits team
I have multiple Vaults: a "Primary" Vault for general family use, my own Vault for specific passwords relevant only to me (the "Dad Vault"), and a Vault for each of my kids (each a "Kid Vault"). I currently use WLAN syncing between my MAC and iPads/iPhones. I have traditionally synced all Vaults (Primary Vault, Dad Vault and each Kid Vault) to all iPhones and iPads in the family so each member of the family (including the kids) has had access to all Vaults, and WLAN syncing has served me well in that respect.
Our license setup is:
- I purchased a 1Password license on my Mac (now version 6.8.5), and 1 iOS license (now version 7.0.4) for my iPhone/iPad, and I also purchased Pro Features
- I shared 1 Password on my iPad to each kid and purchased Pro features on each kid's iPad using each kid's own AppleID
However, the kids are now starting to want a bit of privacy from each other, and I too would prefer not to sync the passwords contained in my Dad Vault to their devices in case they lose one of them (let's face it - they are more likely to be careless).
As your note at https://support.1password.com/sync-options/ regarding WLAN server syncing suggests, I do not want my data to leave my local network because I just do not trust the internet-based options. No need to send me all the details of how secure the internet based options are (ie 1 Password Family Account, iCloud or Dropbox), I've read up on those. I just can't get comfortable with my passwords floating around in the internet aether - Spectre, Meltdown and the Russians hacking Hillary Rodham Clinton and the US Government, all give me the heebie jeebies.
So, I would like to limit the Vaults that are synced to each of the Kids - each kid should only have access to his own Kid Vault. Is that possible over WLAN syncing? I've tried everything but can't for the life of me seem to be able to work it out. I understand there is a limitation that the Primary Vault has to be synced, but I can live with that because I could simply move my private passwords into my Dad Vault, so long as I can stop syncing my Dad Vault to my kids' iPads/iPhones.
I would be hugely grateful for any help - I've loved using 1Password over a number of years and would hate to leave the platform, but if it is not possible to continue to use WLAN syncing in my family in the way I need to do so, that would be a significant limitation for me and probably push me to look at other options.
Kind regards
Password1TheSalt
1Password Version: 6.8.5
Extension Version: Not Provided
OS Version: OS X 10.13.2
Sync Type: WLAN
Comments
-
@Password1TheSalt: Thanks for reaching out. I’m sorry for the confusion! WLAN Server doesn't support sharing; rather, it's designed expressly to sync the Primary vault and others to all of your mobile devices. There isn't a selective sync option, where you could have different "groups" of vaults for different devices. There is one way you might be able to accomplish what you're trying to do with WLAN Server, but given that it isn't designed with this in mind, it's kind of a pain, so I'd encourage you to evaluate if this is something you really want to do, and if there isn't a better option — for example, 1Password Families or Dropbox, both of which support sharing individual vaults selectively.
WLAN Server must sync the Primary, as you noted. So the only two options with that would be to have everyone use the same Primary vault (and therefore Master Password), shared between the three of you (you and two kids?), excluding your own secondary "dad" vault from the sync, or to setup two different computers to sync with each of the kids similarly, but so that the two of them would not have to share data.
I do not want my data to leave my local network because I just do not trust the internet-based options. No need to send me all the details of how secure the internet based options are (ie 1 Password Family Account, iCloud or Dropbox), I've read up on those. I just can't get comfortable with my passwords floating around in the internet aether
Even if there were other options for you (there aren't — what you're trying to do isn't possible), I'd still need to touch on this, bold for emphasis. I can't stress this enough: nobody's passwords are "floating around in the internet" if they're using 1Password, regardless of what, if any, sync method they use. Were that the case, we wouldn't use 1Password ourselves!
You specifically mentioned reading up on security details, but your comments make me wonder what you were reading and if we've explained things poorly, because that couldn't be further from the truth. Your 1Password data is end-to-end encrypted, so 1Password simply doesn't depend on the sync service to protect your data. So, while I respect that you may choose to keep your data within your local network, the reality is that 1Password works differently than the way you seem to think it does. To sum it up:
- Your 1Password data is encrypted locally on your device
- Only encrypted data is transmitted
- Only an encrypted blob is stored
- Your Master Password is never transmitted
You probably think I'm talking about 1Password.com or something here, but this applies to WLAN Server, Dropbox sync, and even the 1Password extension you probably use in your browser. It sounds like security is your chief concern (as it should be), and frankly it's ours as well. Otherwise we wouldn't use 1Password.com either! There's a lot more detail in our security white paper (which is actually a really fun read, even if you're not into cryptography), but hopefully that helps clarify things. What you're trying to do just makes things inconvenient for you without offering any security benefit. With 1Password, you can have it both ways.
Anyway, be sure to let me know if you have any other questions about any of this! :)
0