Delete Family Member - how about members personal vault?

Hello 1password-Team, I have a question in regards to Families - is this still the case that when a family member is removed all his vaults will be dropped as well?
Reason: Passwords are something personal, almost intimate - but downside of that family member ship is - if I have a "fight" with someone from my family the head of family could simply remove his account and all his passwords are lost then. (which is a catastrophe for that person) So is this still the case or will the removed account be left with all his data in a kind of Read only state and only the shared vaults are inaccessible? How is it currently implemented. I love that membership type but I don't feel comfortable to have to much "power" over those important data from another person. Can a "ditched" family member migrate to stand alone single user with his vaults?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • ag_anaag_ana

    Team Member

    Hi @telephoneman2!

    Hello 1password-Team, I have a question in regards to Families - is this still the case that when a family member is removed all his vaults will be dropped as well?

    If you delete the account, all vaults are deleted. In case you don't want to do this, you can also suspend an account instead, and if you want the family member to keep using 1Password afterwards, they need their own account first, so that they can move their data there, before the deletion.

  • but that means the head of family is able to kill the password database of all family members without any need of their approval?

  • ag_anaag_ana

    Team Member

    @telephoneman2:

    If you are the owner of the 1Password Families account yes: as an owner, you created the account and can also delete it, you have admin powers on it. The alternative at the moment would be for every member to use their own separate account if you think this is a risk you don't want to accept.

  • Hello,

    It would be a great idea to dev a feature:
    to maintain individual account (even frozen) after deletion to avoid loss of the user's personal vault

    Can you suggest this to the dev team (I think I'm not the first to suggest that)

  • ag_anaag_ana

    Team Member
    edited May 7

    @OlivierP:

    Can you suggest this to the dev team (I think I'm not the first to suggest that)

    Done :+1:

    ref: dev/projects/customer-feature-requests#552

  • scartwrscartwr
    edited May 10

    This needs to be fixed. For a security software containing a persons deepest secrets, "just trust your family members" is downright irresponsible, and frankly makes me question the judgement of the product designers. Sure, I am sure it is fine a lot of the time, but what about DIVORCE? What about fights between family members (because no families ever have fights)? For some reason I see a lot of defence of this design flaw, saying you shouldn't enter a family plan with people you do not trust. Thanks for the tip. I am sure most people get that. But the situation can change. Really? You are going to base your product design around the assumption that there are NO situations EVER where a family organizer could become spiteful and want to remove another member, destroying all their data!? This might be an edge case, but security is not about saying it is "good enough" and just hope the edge cases don't manifest. Maybe we should get rid of CAPTCHA's because it is probably not a bot too, or secret keys, because it usually fine? Sorry to be snarky, but there has been complaint after complaint about this in many forms over the YEARS and no response. It does not make a good impression to be so sloppy and no address a long standing complaint. What other edge cases don't need to be handled because the product team does not feel like addressing them? It is not like there aren't solutions, like giving the removed user time to switch their 1password account to an individual account...

  • scartwrscartwr
    edited May 10

    I also want to mention, I am saying this because I really like 1password (for the most part), but I hope it can become better. I get really frustrated when I see companies unnecessarily lose customers, because they feel the need to defend their design, instead of listening their customers. Swallow your pride, and fix it please.

  • ag_anaag_ana

    Team Member

    I also want to mention, I am saying this because I really like 1password (for the most part), but I hope it can become better.

    Thank you for taking the time to share your thoughts about this too @scartwr, it's really appreciated! We wouldn't be where we are without feedback such as this, so I have passed it to the developers :+1:

  • Hi, what happens if the Family Organiser (the only organiser in the family), passes away suddenly and the subscription too expires (credit card expired or blocked)?

    1) Would all family members get locked out of shared as well as private vaults
    2) Is there any way where they could renew the account/subscription or retrieve the data immediately
    3) Even if there is an emergency kit available, it may not be useful if the subscription has expired OR it may take several days/months to access it due to
    a) Geographical location issue or
    b) Wills probate and/or transfer of Locker or
    c) Any other reason.
    And till such time the family member is without his/her own private data.

    Some solutions may be obvious but I am a new user currently evaluating the free trial version for families therefore do bear with me :-)

  • ag_anaag_ana

    Team Member

    @ajaxkg:

    If the subscription expires, everyone can still continue accessing their data. Subscription status has no consequences on your data, it will only become read only :+1:

    If your 1Password account is frozen

  • @scartwr this is exactly the point I also had in mind. What if the head of family turns into a bad guy and destroys these important data. The data in the personal vaults MUST remain and kept accessible - its OK to stay in read only and/or offer a oportunity to migrate them to a personal user account. But delete? At least in family its not OK. In any Business team it's fine, then its up to the user to store only the business related data and the boss can decide how long those date are accessible. If the user wants to have "private/personal" data he needs an own account 1password. But family is made to share that membership and here the personal data must be save and not in the hands of the head of family

  • Thanks @ag_ana! This is good news. Is there a time limit for the data being available as read only?

    I am not able to appreciate the logic of removing private vault of family member under any circumstances without giving an option to migrate. It seems this topic has been discussed a lot in other threads too but the concern remains.

    Apart from other reasons already mentioned, I would want to have another member as family organiser for account recovery/legacy features but would not like to do that even if there is a remote possibility of my losing my private vault without even having an option to migrate (assumption here is that appointed family organiser has the option of removing the original family organiser from the family or terminating the account completely).

    And as almost everyone here said, the private vault data of the family member can stay in read only mode along with an opportunity to migrate to a personal account. Why wouldn't 1P want to give that option? Surely it would lead to more subscriptions in the long run rather than losing the disgruntled family member, possibly forever.

  • ag_anaag_ana

    Team Member
    edited May 28

    @ajaxkg:

    This is good news. Is there a time limit for the data being available as read only?

    No limit :+1:

    And thank you both for the feedback! I know there has been discussions on how to improve this, so I have passed your thoughts to the development team :)

    ref: dev/projects/customer-feature-requests#552

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file