Family Sharing / Accessing Passwords on Incapacitation

Hey @BillJn!

Thanks so much for taking a look at 1Password as part of your digital security! I hope you've had a look at 1Password Families, as that's far and away the best option for most families. If not, definitely give that a look.

The estate planning issue is an excellent question, and one we've been giving serious thought to as well. At present, there's no dedicated solution to this problem in 1Password -- we've been focused on the launch and refinement of the core features of 1Password accounts recently, but it's something we've already been thinking about for the future. We'd want to take the time to make sure it's done both securely and in a user-friendly way, of course, so I don't have anything to announce regarding it at present.

However, I do have a suggestion for you, though it's one better dealt with privately. If that's OK with you, please email us at support+forums@agilebits.com and please include a link to this thread in your email, along with your forum handle so that we can "connect the dots" when we receive it.

You should receive an automated reply from our BitBot assistant with a Support ID number. Please post that number here so we can ensure that this issue is dealt with quickly. :) Thanks for your cooperation.

Thank you, replied!

The short answer is no. There is no feature of 1Password that allows one individual to access another individual's private vault. This is by design. One possible way to handle this would be for each individual to leave a copy of their Emergency Kit with their will, or in a safety deposit box that would be available to the estate upon their incapacitation.

Ben

Perhaps setting up a Trusted Person contact who gets emailed the master password if, say, an owner does not unlock 1P for a set period of time.

In order to do that we would have to have their Master Password in order to email it to the trusted person. That is not a position we're willing to put ourselves in. That sort of access to customer data is the difficulty many other services have/are running into.

We intentionally never have access to either your Master Password or your Account Key. This protects us (and ultimately you) such that if our servers were compromised there is nothing of real value there. All an attacker would be able to get is encrypted blobs with no way to decrypt them.

Ben

@Martok

We do have ideas for how we could implement this type of feature. And I think it's one we'd most definitely like to bring to 1Password Family eventually. I'm not sure if or when this might happen, but I believe a very large contingent of our team uses the Family solution with their families. A few may be using the individual solution instead though if they have no sharing needs. Given that we'd like to have this option available to ourselves means it's something we have a bit of a vested interest in. I just can't promise anything, nor could I promise anything about how it's implemented.

What I do, at least until then is far more straight forward than putting it in my will directly. I have a safe deposit box at my local bank. Not only do I visit this box weekly to put my latest weekly backup in it but I also store a copy of my 1Password Emergency Kits there. My parents have access to this box as well (I'm single, unmarried, no kids, etc so they're the emergency contact) and know that in the event of a problem that is where they look. My will is there, all my important documents like car titles, mortgage information, etc is there. There's also one more important document though and that is "All the things they need to do in the event of death or serious injury" which I like to think is mostly to make their lives easier if anything were to happen. They've got enough to worry about I don't need the financial side of things to be complicated. In this document I outline which accounts need to be closed, retirement accounts, where important documents are placed, relatively vague guidelines for how to sell various collectible items I have (some are valuable), and how to access my 1Password data.

I look at my will as merely a way to divide up and handle my estate should that need arise, but the instructions for what to do in the event of a problem is separate, at least in a way, and that is where my 1Password information lives. If I were to get married, this set of documents is equally as useful with some relatively minor modifications.

And of course, my family all uses 1Password Families, and each of our houses has a separate vault. This helps a lot for things like wifi passwords, router admin passwords (since my parents don't manage that stuff), garage door codes, emergency contact information, and relevant to this particular topic a Secure Note for "In case of Emergency" which contains a very general set of instructions for how to get started with all of the above information.

Technically, all the accounts to cancel, etc are always more up to date in the vault but I update a paper copy every few months.

This is just how I handle it and it's never a fun conversation with family members but I figure if something were to happen this is the least I could do to try to make their lives easier. They don't have to put all this crap together, they have step by step instructions for how to proceed. I've even done the homework of "if I die, make sure you get ~15 death certificates because they'll be needed for x, y and z."

At least I know that if something happened I've done all I can to make the process for them easier from that perspective.

And back to your original question, I hope that however we do this in the future it'll make things easier for me to explain and easier for my family to use than my current setup. My current setup isn't hard, but, it's not quite as awesome as potentially having a "Disaster Recovery Kit" or something like that which targets this scenario better.

I hope that helps with reassuring you that we're hopeful we can provide something like this and also gives some ideas for how others can make adjustments to how they do things to potentially make it easier in the interim. If you have any questions though, please let me know :)

@architect1337: The only risk there is that someone who has your Master Password shared with them could login as you if they also have access to a device/browser that you've authorized (which therefore has the Account Key saved locally). This describes a friend or family member for most of us, since they are most likely to have access to a shared vault and/or our devices. So the security risk comes down to knowing who you can trust and making sure you don't share information or devices with anyone else. Cheers! :)