Another Master Password?

I recently got invited to the beta, and was promptly met with a screen asking me to choose my master password. I was under the (possibly mistaken) impression that I could use my existing personal vault master password to unlock my team vault. I really don't want to have to remember another master password. I already have three other reasonably complex passwords that I can't store in 1Password that I need to remember, and I'm not eager to try and add a fourth complex password to the mix and hope to reliably remember them all.

So, fellow beta testers, am I under the wrong impression? How is everyone else managing their multiple 1Password Vault, PC, Phone, Tablet, Dropbox, and Google/Microsoft (etc.) passwords?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • In1password and Agile I trust.:-) So there is no need for me to choose a different MP.
    I use 1p4t for all my passwords now, so I use my MP.
    Only new Risk with 1p4t is that if a hacker gets the 1p4t webserver, he could exchange the zeroknowlegde webclient against one with a keylogger.
    But if this unlikely risk would happened he would have my hole passeords anyway.

    After above said, I said as always It depends. It depends on your own requirements.
    If you still want/need a locale Vault, you should use different Mp's.

    Just my 2 pence

    Ramdom

  • qwrenly
    qwrenly
    Community Member

    @EnerJi you and I obviously experiencing the same confusion, but I think I've worked it out... It does seem that the current desktop (Mac) client beta requires you have or create a personal account vault + master password (note: this one is always used to unlock the client application), before you are permitted to login to your Teams account from the preferences panel, for which the master password is completely separate - it cannot be used to unlock the 1Password desktop client - though you'd never know this if you'd used the same master password for both. Changing one master password will not change the other, so be mindful to keep track of both separately. Very confusing and deceptive, hope they fix this urgently.

    Also weirdly the 1Password iOS app does not have this problem. On first launch it allows logging into Teams immediately without creating any kind of pointless personal vault - or configuring a syncing solution for it - which you don't intend to use anyway.

    Maybe I am missing something here. Can anyone from 1Password explain what the deal is with this?? If I switched from LastPass to 1Password right now I'm certain my family will be absolutely boggled by this, not to mention they'll confuse the different types of vaults and wonder why things aren't syncing.

  • qwrenly
    qwrenly
    Community Member

    Ahhhh here we go, there is an answer on by Megan this thread.

    "It sounds to me like you set the password for your primary vault to be the same as the Master Password for your Teams account. While we're working on Teams-only instances of 1Password, right now you will need to create a primary vault to add your Teams account to 1Password. The password for your primary vault certainly doesn't have to be the same as the Master Password for your 1Password for Teams account, but I can certainly see why you wouldn't want to have multiple passwords stored in your brain (it's why you're using 1Password after all!)" - Megan

    So they've acknowledged it's a problem, glad they're looking into it, hope they fix fast because it's holding me back. 1Password flexibility is awesome and I want it to stay, but it needs to be simpler for other users, a Teams only client-mode is necessary. In the meantime you gotta warn beta users the passwords for team and local account aren't linked.

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited December 2015

    @EnerJi: Wow. Great discussion! That's exactly right: currently we're all in a situation where we're using the 1Password for Teams beta alongside our existing 'personal' vaults, and that does sew some seeds of confusion, since only the beta version of 1Password for Mac supports Teams. This is why it's a beta. ;)

    @qwrenly: But I hope you can see that we're not trying to deceive you here. If we were, we wouldn't be discussing — or testing — this openly. And of course the stable version of 1Password for iOS has Teams, which is why it's more mature at this stage. :p

    Just imagine a world in which your 1Password for Teams Master Password is the Master Password, as eventually this dream will become a reality. And that way we get the security and convenience of 1Password for Teams without YAP (Yet Another Password). In the meantime, we're stuck in a bit of a limbo between old and new. Thanks for taking this journey with us. I think you'll like the destination. :sunglasses:

  • EnerJi
    EnerJi
    Community Member

    @random_31731ec7aea I suppose I don't yet know whether I need a local vault or not. Part of the problem is the lack of pricing information on the family plan. My family has already bought several family (and individual) licenses, and I need to know what I'm getting and how much it's going to be before jumping in with two feet.

    Thanks @qwrenly for pointing me to that other thread. That does clear some things up at least, although this is quite a big departure from Agile Bits' long-held previous stance that one should never input ones master password into any website, and that one of the virtues of 1Password's design was that one's master password never left the local computer or mobile device and thus was less likely to be compromised.

    Agile's "Chief Defender against the Dark Arts" (of whom I haven't see much of lately - I used to see him regularly drop pearls of wisdom in the forums) made a very convincing case along those lines that has stuck with me for years. It seems that Agile Bits' has changed its philosophy on this - the FAQ for existing users even goes so far as to say it's fine to re-use an existing master password in 1Password for Teams, which is a pretty major deviation from past guidance to never ever re-use one's master password and never ever type it into anything other than 1Password software.

    I wonder if @jpgoldberg would be willing to comment? One of the reasons I chose 1Password over competing solutions was his transparent and open discussion on 1Password's security. [I just realized there is a security white paper - I'm going to skim it to see if this topic is covered.]

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited February 2018

    Part of the problem is the lack of pricing information on the family plan. My family has already bought several family (and individual) licenses, and I need to know what I'm getting and how much it's going to be before jumping in with two feet.

    @EnerJi: I understand your concern, but think of it this way: if you decide that 1Password for Teams isn't a good fit for you (due to pricing or any other reason), all you need to do is move your data back to a local vault.

    Thanks @qwrenly for pointing me to that other thread. That does clear some things up at least, although this is quite a big departure from Agile Bits' long-held previous stance that one should never input ones master password into any website, and that one of the virtues of 1Password's design was that one's master password never left the local computer or mobile device and thus was less likely to be compromised.

    Precisely. And that's still true today.

    I know this can be confusing on the surface, but if you dive into the white paper you'll note that all of this is done locally in your browser: neither your Master Password nor the Account Key ever leave your machine. Based on your comments, I think more than a skim is in order. I suspect that the white paper may be right up your alley, and that you'll enjoy it. jpgoldberg and the rest of our security team have put a lot of work into the design, documentation, and — I think — presenting it in a way which is both informative and entertaining. I'd love to hear what you think of it! :)

This discussion has been closed.