Slack and workspaces: handle these how?

Slack has separate workspaces, that AFAICT operate virtually as separate sites, how do we handle these in 1Password?

  1. For those wanting to use 2FA for them, does each and every workspace on Slack need an individual OTP, or does one OTP work across all individual workspaces?

  2. Given the answer to Q1 above, what's advisable – should we have entirely separate entries for each Slack workspace in 1Password? eg...

  • Slack (Company 1)

    • username: {email}
    • password: {password}
    • OTP: {code generator}
    • website: company1.slack.com
  • Slack (Company 2)

    • username: {email}
    • password: {password}
    • OTP: {code generator}
    • website: company2.slack.com
  • Slack (Company 3)

    • username: {email}
    • password: {password}
    • OTP: {code generator}
    • website: company3.slack.com

or should we use one entry? And if so, how would one potentially handle many OTP's (if required) within the one entry (see answer to Q1 above) eg...

  • Slack

    • username: {email}
    • password: {password}
    • OTP: {code generator}
    • OTP 2: {code generator}
    • OTP 3: {code generator}
    • website: company1.slack.com
    • website 2: company2.slack.com
    • website 3: company3.slack.com
  1. If we use one entry (say we want to use the same password for all workspaces, or perhaps even different ones), how do we manage multiple OTP 30-second code generator fields in 1Password? (thinking about 1P's auto-copy/paste facility, for example.)

  2. AFAICT, each individual workspace has 10 "backup codes" (so you'd have 3 sets of 10, in the above example). Where/how do we store all these, as they're not passwords, and Notes field is hardly appropriate either?

Thanks in advance.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • BenBen AWS Team

    Team Member

    Hi @jimthing

    My experience with Slack is that each Workspace account is entirely separate, so... the former i.e. "should we have entirely separate entries for each Slack workspace in 1Password? eg...". I've got a separate Login item for each "Slack" I belong to.

    If we use one entry (say we want to use the same password for all workspaces, or perhaps even different ones), how do we manage multiple OTP 30-second code generator fields in 1Password? (thinking about 1P's auto-copy/paste facility, for example.)

    I wouldn't recommend any part of that. But to answer the hypothetical: 1Password's auto-copy feature is going to copy whichever TOTP field appears first on the item. So that isn't likely to be very helpful in this type of setup. But you can change the labels on the TOTP fields, e.g.

    AFAICT, each individual workspace has 10 "backup codes" (so you'd have 3 sets of 10, in the above example). Where/how do we store all these, as they're not passwords, and Notes field is hardly appropriate either?

    It seems we're already having a discussion about this in this thread.

    I hope that helps. Should you have any other questions or concerns, please feel free to ask.

    Ben

  • Looks like I'm splitting-up my single Slack entry into separate ones then.

    Rather annoying the way Slack expects you to set-up a TOTP for each Workspace. But I suppose this is because each individual company's forum space on it, is under their own settings, so it allows full controllability per company.

  • BenBen AWS Team

    Team Member

    Exactly. It isn't so much a "Slack" account as it is a "Company X's Slack" account. They're totally separate.

    Ben

  • I have so many Slack accounts that I introduced a dedicated slack tag to easily find them all...

  • I've just done:

    Slack (Company1)
    Slack (Company2)
    Slack (Company3)
    etc...

    The thing with Slack is, it's easy to not realise you're changing settings for just the single workspace, yet if you have their apps you're flicking between workspaces easily.

  • BenBen AWS Team

    Team Member

    I have so many Slack accounts that I introduced a dedicated slack tag to easily find them all...

    Sounds like me with Google / G Suite accounts.

    Ben

  • BenBen AWS Team

    Team Member

    The thing with Slack is, it's easy to not realise you're changing settings for just the single workspace, yet if you have their apps you're flicking between workspaces easily.

    That sounds like good /feedback for SlackBot. :)

    Ben

  • While I agree that having the same user/pass for each account is not ideal. There is little or no security benefit from one human having multiple TOTP tokens representing the "thing they have". It would be great if Slack (and other sites) allowed for user specified OTP seeds (a few do) to allow us mere mortals to sync up those sorts of things (in the meantime I rely on 1Password to keep them all straight).

  • BenBen AWS Team

    Team Member

    I rely on 1Password to keep them all straight

    Glad we're able to help. :+1: :)

    Ben

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file