Feature request: Send a once-viewable secret via 1Password

Hi,

A challenge we have is sending secrets like password, API-keys, certificates etc. to external parties in a secure fashion. Most of the solutions available are either heavy-handed and difficult to use or have one or several of the below issues.

  • Keeps a record of the secret
  • Are not encrypted in transit
  • Relies on consumer services
  • Does not have institutional trust

My suggestion for solving these issues would be a 1Password version of the service https://onetimesecret.com. In short, it would:
1. Accept text as input (Optional addition of setting a password for opening the link)
2. Generate a link to an https-only page that;
3. Displays the text and triggers a purge of the secret from 1Passwords servers

This would provide us with an easy to use solution for sharing secrets with external parties who do not use 1Password and shouldn't be invited to our Team. And as 1Password would be providing the service, it would have institutional trust which we can not give the existing https://onetimesecret.com.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: 1Password

Comments

  • BenBen AWS Team

    Team Member

    Hi @homebranch

    Thanks for taking the time to write in with this request. In evaluating the features we currently offer it seems guest accounts may work to resolve this problem for you? Are you familiar with guests and how they work in 1Password? If not you can learn about them here:

    Share with guests in your team | 1Password

    If you are familiar or have already tried using guests could you please elaborate about how they have not been a good fit for these situations?

    Thanks!

    Ben

  • Hi @Ben

    It seems I had forgotten about the Guests feature, and I will see if we can make use of it in the future.

    It is a bit heavy on administration and time-spent for all parties involved if we only need to share one secret one time with a person. The people who want to initiate the sharing are not 1Password admins so can't invite guests, and the guests need to go through the whole setup process before the initiators can do their part. I recon that in most cases were we don't want to invite the external party as a full member this extra time and effort will most likely result in the secret being shared via other channels.

    A related thing, the ability to copy/move an item directly into another persons private vault within the same Team. I read another thread asking for this back in 2016 I think, it was then in beta. Do you know anything about it? Maybe it's still in beta and I just can't find the beta-flag in my Mac app :smile:

  • brentybrenty

    Team Member

    It seems I had forgotten about the Guests feature, and I will see if we can make use of it in the future. It is a bit heavy on administration and time-spent for all parties involved if we only need to share one secret one time with a person. The people who want to initiate the sharing are not 1Password admins so can't invite guests, and the guests need to go through the whole setup process before the initiators can do their part. I recon that in most cases were we don't want to invite the external party as a full member this extra time and effort will most likely result in the secret being shared via other channels.

    @homebranch: I don't disagree with you, but it's important that it works that way so there's actual security: when you invite someone and they setup an account from that, encryption keys are exchanged as part of the process. That's how sharing is done securely. It does take some setup at first, but if and when you need to share anything else with that person after that, it's just a few clicks for you and they get it. :)

    A related thing, the ability to copy/move an item directly into another persons private vault within the same Team. I read another thread asking for this back in 2016 I think, it was then in beta. Do you know anything about it? Maybe it's still in beta and I just can't find the beta-flag in my Mac app :smile:

    It's still in beta because we're not completely satisfied with it, but this feature does exist in 1Password Business accounts:

    https://start.1password.com/settings/beta

    Cheers! :)

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file