Company with multiple Macs and PCs

brentybrenty

Team Member
This discussion was created from comments split from: Multiple Users Questions.

Comments

  • My question is similar. I work for a small company and am the password keeper. We have about 7-10 MAX employees who all use mostly the same password (that I share with them all) for at least 30 different sites. We want to have a more secure way of sharing passwords and info then how we do it now. I keep all the passwords in a word doc and email passwords to employees when they need it which is not secure. Some employees use MACs and some use PCs. Does the 1 password solution work in this scenario? Thanks.

  • brentybrenty

    Team Member

    @jsessions: I hope you don't mind, but I've split this off into a separate discussion since you're asking a question specific to your own situation.

    First, 1Password is licensed per-platform, per-user, so in the case of your company you'd need a 1Password for Mac license for each employee who will use 1Password on a Mac, and also a 1Password for Windows license for each employee who will use 1Password on a PC. And there may be some overlap there. But you can purchase these at a volume discount through the AgileBits Business Store.

    Second, I'd like to address password sharing. It’s important to remember that, like anything digital, if you give an employee a copy of a Word document, Excel spreadsheet, or vault, or password, you can’t take it back.

    If I give you a keyring with copies of all of my keys and then later decide I don’t trust you, I still have to change the locks on the house. There’s no guarantee that I’m getting those keys back, and you could have easily made copies anyway. It’s no different with anything digital that can be copied. And even if in the future we made a way to ‘revoke’ vaults, etc., there’s nothing stopping someone from copying all the data before they lose access.

    With 1Password, we don’t control your data (which is a good thing), and your company isn’t running some kind of server to do authentication where employees have to log into a portal to access the data. Instead, you're just passing around (or syncing) copies of a database, and once someone has it, they have it.

    Ultimately when it comes to sharing logins for various accounts, no matter what is used — 1Password, a text file — if you’ve got multiple people sharing a single account you can’t lock just one person out of it…unless you can sneakily change the password before you tell them they’re fired and only let the folks who are still around know the new one. :lol:

    That’s why it’s best for each person to have their own login credentials. You can revoke those with the email provider, etc. on a case-by-case basis if needed. 1Password just stores this information, it doesn’t manage the accounts. Sharing logins is insecure and risky in a business situation. It’s less risky with your spouse or partner, but even then things can happen! :unamused:

    So while you can certainly share a 1Password vault between employees in your company, it's important to remember that once a secret (like a password) is shared, it cannot be taken back.

  • certain websites we use wont allow for multiple logins so not sure how we could get everyone their own.

  • @jsessions - You'd need to change the master password for 1Password and then change the passwords for those sites you've shared when an employee no longer should have access to the data. Depending on circumstances, you might well need to change all of the shared passwords to be truly secure.

  • brentybrenty

    Team Member

    certain websites we use wont allow for multiple logins so not sure how we could get everyone their own.

    @jsessions: That's unfortunately a terrible security situation to be in, and 1Password won't be able to compensate for that shortcoming on the part of the site itself.

    You'd need to change the master password for 1Password and then change the passwords for those sites you've shared when an employee no longer should have access to the data. Depending on circumstances, you might well need to change all of the shared passwords to be truly secure.

    Indeed, this is really all you can do in these situations since existing accounts, if left unchanged, will remain accessible to anyone you've shared them with.

This discussion has been closed.