Shared vault sync via Dropbox from Mac to Windows
Hi,
We've created a shared vault 'Our Shared.agilekeychain' which we have synced via Dropbox. We've had a group of Macs (OS X 10.10.4 + 1Password 5.3.2) using it for quite some time now without a hitch. Because Mac OS sees the vault as a package, adding a new user on the Mac is a breeze as you just double-click to open it.
On Windows (Windows 8.1 + 1Password 4.6.0) the shared vault is displaying as a folder and 1Password says it's not a valid vault when we try to add it using the instructions here:
* https://guides.agilebits.com/1password-windows/4/en/topic/sharing-a-vault
Please could you let me know if there's a trick we are missing?
Cheers, Dan
1Password Version: 4.6.0
Extension Version: Not Provided
OS Version: Windows 8.1
Sync Type: Dropbox
Comments
-
There is no error message as such it's just that when we point 1Password at the 'Our Shared.agilekeychain' in Dropbox it tries to open it as a folder, not seeing it as a package the way it should. Are there any file name restrictions/limits between Mac/PC?
0 -
@londan OS X Bundles do not exist on Windows. If you're opening a folder named 1Password.agilekeychain then you're doing the right thing.
0 -
@svondutch it's not the primary 1Password.agilekeychain that's the problem. That works fine and looks like a 1Password file always does, but the Shared vault just looks like a folder and when I try to select it the folder just opens.! Here's a screenshot showing both files:0 -
That's becausevyou created the vault on the mac and synced it. Then "1Password" keychain was created locally. When you create a vault on Windows, 1Password adds a couple of registry entries to get the windows shell to display your keychain folder with a custom icon.
When you create a keychain else where and sync it the software doesn't have that opportunity.Basically, what you're seeing is normal (although not ideal) and it shouldn't stop you from opening the shared vault in 1Password for Windows. Have you tried?
0 -
@londan. How are you opening the vault? You cannot do this from Windows Explorer.
- Open 1Password
- Click on: File > Open 1Password Vault
- Navigate to:
Dropbox\Apps\1Password - Click on:
Jonathon Shared.agilekeychain - Click on: OK
You can now optionally repair your vault here: File > Repair 1Password Vault
0 -
Hi @brenty + @svondutch,
Thanks for the help! Did a restart of the computer and followed your instructions so the vaults started behaving as expected. Now working – yipee!
Also, there seem to be a few features missing from the Windows version but might be us just overlooking them:
Vault switch – is there a way to switch vaults without having to enter passwords for each vault each time? Entering my 1 password on the Mac gives me access to all my vaults but can't seem to figure out how to do this on Windows.
Moving items – is it possible to move/copy items between vaults like you can on the Mac?
As ever, the help is greatly appreciated.
Cheers, Dan
0 -
Vault switch – is there a way to switch vaults without having to enter passwords for each vault each time?
@londan I'm afraid not. 1Password for Windows does supports multiple vaults, but opens one at a time and one only. It will then always ask for your master password.
is it possible to move/copy items between vaults like you can on the Mac?
@londan Yes. You can copy items to the clipboard (Ctrl+C), then open another vault, then paste your items from the clipboard (Ctrl+V).
0 -
Thanks @svondutch for the help!
It's a shame the Windows version of 1Password isn't as fully featured as the Mac one. Can I ask if that functionality is on the future features list for 1Password Windows? In particular, having to enter different passwords each time you switch vaults, makes the whole idea of shared vaults a time consuming nightmare on Windows – while it's a joy to use on the Mac. Our Windows users aren't happy at all with the way this works and I can't say I really blame them. If the Mac version worked like that we'd never have rolled out 1Passsword and shared vaults for ourselves and our clients.
Cheers, Dan
0 -
Hi @londan,
It's a shame the Windows version of 1Password isn't as fully featured as the Mac one.
It is fully featured as the Mac app and the Windows app have some features even the Mac app doesn't have such as the Diceware password generator. It is just that you have to do things differently on separate platforms due to their technical designs [Updated to clarify design vs. platform differences]
However, we do want things to be as consistent and we're working as hard as we can to make that happen.
In particular, having to enter different passwords each time you switch vaults, makes the whole idea of shared vaults a time consuming nightmare on Windows – while it's a joy to use on the Mac.
The Mac app stores all of your vaults into a single database file, we read and write to your vault directly, that's why you can't easily switch vaults. The passwords for each vault is stored in that database file, which is encrypted with your primary vault password. For many businesses, this isn't acceptable nor do they like the idea of one key unlocking the entire database either, so there are some cons and pros. For an example, suppose your home vault is the primary vault and it has the keys to your business vaults.
We'll keep your feedback in mind and see how we can approach this in the future with the best of both worlds. Thank you for sharing it with us!
0 -
Which is not a problem if you store your secondary password in your primary vault.
0 -
Right, we do recommend storing your secondary vaults in your primary vault to try to prevent this. We are investigating for a better solution to all of this in the future.
0 -
Fair enough. I don't really mind what the outcome is so long as we're not stuck with the ridiculous workflow that the windows version imposes on us for multi-vault use.
0 -
Yea, we just wish we can clone our developers, that'd solve this sooner. :smile:
0 -
var dev2 = new Developer(dev1);
;)
0 -
If only! Whomever can do this first — Apple, Microsoft, Google, etc. — will rule the world! :lol:
0 -
Great to see this discussion. Just so you know how complex our 1Password setup is, we've now moved about 1/3rd of our clients over to 1Password and have 25 shared vaults:
Once we complete the transition we will have 75+. When a client calls we need access to their shared vault. Really helps if we can just click and move to their shared vault and not have to endlessly re-inter passwords.
Also, from a security standpoint, we have only 2 members of staff who know all the vault passwords. We setup each user's computers and iOS devices ourselves so that they do not have access to the vault password. This way the shared vault is protected from being distributed without our knowledge. Alas, we now have to share the vault passwords with Windows users so the security isn't as robust for our particular workflow.
Still really love 1Password so please take all of this as constructive feedback and not criticism!
Cheers, Dan
0 -
Still really love 1Password so please take all of this as constructive feedback and not criticism!
@londan: Absolutely! Thank you. :)
This is certainly my first encounter with a setup of this, erm...magnitude, so I appreciate the description and illustration! I think the biggest challenge (at least for us...) is that we get a lot of requests from both sides: people that want the Mac-style (vault 'collection'), and others the Windows-style, so we probably need to come up with a solution that's flexible without being too complex.
And since we don't collect usage data (which would be creepy for security software to do, I think), these forums serve as an informal survey. Thanks so much for the feedback! :)
0 -
@londan 25 vaults is unusual. Most users have 1 or 2 vaults. On Windows, I'm afraid we currently do not accommodate your workflow. That being said, it is something we realize we must improve upon, and it is definitely on our radar.
One more thing. While I understand your desire to keep the other master passwords a secret, you do need to realize that the other master passwords are stored in the primary vault, and if you give someone access to the primary vault and they can unlock it, then technically they have the keys to the other vaults, too.
0
