Remove or hide personal vault from Teams account and a question about recovery.

I have both a personal account and a work account in my 1Password application. Both have un-deletable personal vaults. Will you introduce a setting to at least hide them? Having two vaults with the same name where one is unused seems like really bad UX.

When in a team, will a recovery also recover the personal account of the user? If so, doesn't this make the personal account actually readable by the people in the recovery group (by resetting the account information)?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • JacobJacob

    Team Member

    Hi @tozz! Thanks for posting about this. We've been looking to improve the experience when using team and family accounts since two Personal vaults can be a bit strange. In 1Password for Mac's vault menu, you can distinguish between each vault since there's a header of the team or family name there:

    At the moment, it's not possible to hide them from the vault menu. Are you not using them at all? By default, the vault for saving in 1Password is the Personal vault of the first account you signed in to in each app. You can change it from All Vaults in preferences.

    When in a team, will a recovery also recover the personal account of the user? If so, doesn't this make the personal account actually readable by the people in the recovery group (by resetting the account information)?

    Recovering an account gives that user a new Account Key and Master Password, but the person who recovered you still doesn't have access to your Personal vault. When they recover your account, an email is sent to you with a link to get a new Account Key and Master Password, so only you can complete it. Hope that helps.

  • tozztozz
    edited November 2016

    I don't use the menu but rather the hot keys. So each personal vault except the one in my personal account adds an annoying "jump" on the numbers for switching vaults. Being able to disable (or much rather delete) any vault would be a great improvement.

    In a team environment the person who can start the recovery process can likely access your e-mail too, hence they can get access to your vault. I'm not saying this doesn't make sense or is a problem, I just need to know from an integrity and employment safety perspective, ie, don't use the Team Personal Vault for anything personal since the organization will be able to access it.
    I just wanted to make sure all vaults where using the same encryption flow in team accounts, it wasn't totally clear if the personal vault was a separate thing that couldn't be recovered, but now I know :)

  • JacobJacob

    Team Member
    edited November 2016

    @tozz Ah, I can see what you mean there. Thanks for the feedback. :)

    In a team environment the person who can start the recovery process can likely access your e-mail too, hence they can get access to your vault. I'm not saying this doesn't make sense or is a problem, I just need to know from an integrity and employment safety perspective, ie, don't use the Team Personal Vault for anything personal since the organization will be able to access it.
    I just wanted to make sure all vaults where using the same encryption flow in team accounts, it wasn't totally clear if the personal vault was a separate thing that couldn't be recovered, but now I know :)

    Great point. We've discussed this a few times on the forum, and it's important to note that yes, the Personal vault isn't for your truly personal or family items. An individual 1Password account or 1Password Families are better suited for those. Glad that got things cleared up for you.

This discussion has been closed.