Duplicate item with sync
Hi,
I offer to add a new option: "Duplicate with sync", because we often use Duplicate and when the main password or another data change - all duplicates don't get those updates.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
Comments
-
Hello @sunford! 👋
Thank you for the suggestion! Just to make sure that I understand: you'd like to be able to create duplicate items that stay identical so that if one of the copies is updated the other copies are updated as well?
Instead of duplicating the item, have you considered setting up a shared vault and moving the item there? Everyone with access to the shared vault will have access to the latest version of the item:
- 1Password Business and Teams: Create, share, and manage vaults in your team
- 1Password Families: Create and share vaults
-Dave
0 -
Thank you for the suggestion! Just to make sure that I understand: you'd like to be able to create duplicate items that stay identical so that if one of the copies is updated the other copies are updated as well?
Yes, correct.
Instead of duplicating the item, have you considered setting up a shared vault and moving the item there? Everyone with access to the shared vault will have access to the latest version of the item:
Unfortunately, it isn't a good solution. For example, we have an item that needs to be shared with a few people and this item belongs to the (vault )"category" finance. If we use a shared vault then we need to have double vaults for everything: sahed_finance, shared_servers, etc. and I think that isn't ok.
0 -
@sunford Instead of duplicating an item for access control purposes, create one new vault for this special item and move it into this vault. Then share this vault between all people who need access. You might realize there are more items with the same access requirements that belong to this vault but are currently duplicated. So collect these duplicates and store them deduplicated in that new vault as well.
Vaults are for access control - create one vault for every access pattern or group you have in your team or your family, then move all matching items into one matching vault.
If there are finance items that should be shared between 2 different access groups, then create 2 finance vaults with different access patterns. That's perfectly fine, since it's not possible to define access control per item, only per vault.
0 -
Thanks for the suggestion about keeping an item in sync between multiple 1Password vaults. At this time, I'm afraid the security model of 1Password would prevent this from working. Each item is encrypted end to end, so 1Password wouldn't be able to automate the syncing of items unless someone is logged in with a client app has access to edit items in both vaults. This would also lead to other issues, such as if someone has the ability to edit the item in one vault, but not another. Should the edit be possible, and get synced by someone else at a later time? I can foresee lots of issue which may stem from the items being temporarily out of sync. Should the edit be blocked unless permissions in both vaults are available? It's difficult to say what would be acceptable to all of our customers and not cause confusion for your team members.
As @Tertius3 mentioned, the current best practice is to use another vault for this scenario. While it would require more vaults to be created, the permission and audit model is much simpler to follow along with. Consider a company with a finance department and a social media team. Ordinarily, the social media team may be given access to a vault with logins for various social media sites. The finance team would not have access to that, but may have their own vault of banking and credit card information that the social media team doesn't. A third vault would be a useful if one social media site was also used for paid advertising, since some members of the social media site and some members of the finance team both may need to log in there.
Also keep in mind that it's possible to Securely share 1Password items with anyone. This allows you to send someone a link to view all of the details of a single item, without them needing to be a member of your team, or have access to any vault. For one off cases where they don't need to make changes, it can be a useful option, but remember that you may want to change the password or other secrets once the other person should no longer be able to use it.
I hope this information helps. Be sure to let me know if you have any questions!
Thank you,
0
