Prevent users from accidently sharing their personal logins in the shared vauilt

We've got a team of 6 : 3 directors, 3 staff. All macs running OSX 10.10 / 10.11

The directors use their laptops both for office work and personal matters, thus the directors each have their own personal vault also use a shared vault (shared via dropbox) of company logins (for UPS, the company amazon account etc..)

The staff only use their desktops for work, the staff only have access to the shared vault.

The issue im trying to prevent is one of the directors putting one of their personal logins into the shared vault and having it shared with the entire team. Is fail safe to prevent against this ?


1Password Version: latest
Extension Version: latest
OS Version: 5x OSX10.10, 1x OSX10.11
Sync Type: dropbox

Comments

  • Jeff ShinerJeff Shiner AgileBits Admin

    Team Member

    Hey @vels,

    I can definitely see your concern as that could be a pretty big mess.

    I have at least part of an answer for you. It is tough in the sense that there is no technical difference between a Login that they want to share versus a Login that they don't want to share. So the solution boils down to ensuring that they can't accidentally add a Login to the Shared vault.

    If you were using 1Password Teams then it would be largely possible as follows:

    • Set the Shared vault to be read-only. This would prevent the directors from accidentally adding items to the Shared vault.
    • When they want to add/update an item in the Shared vault they could temporarily set it to read-write, add the item, then reset it to read-only.

    I notice however that you said the Shared vault was in Dropbox, which leads me to believe that you are not using 1Password Teams (at least for sharing). I'm not sure that there is an easy way without Teams, so you may want to take a look at that option :)

    Thanks,
    -Jeff

This discussion has been closed.