Do not show password for team members

Hello!

I have an employee to whom I share passwords. However, he can see the passwords.

Where can I set that he can not see the passwords with his 1Passwort account and copy in plain text?


1Password Version: 7.2.1
Extension Version: 1.12.2
OS Version: 10.14
Sync Type: Not Provided
Referrer: forum-search:hide

Comments

  • MeekMeek

    Team Member

    Hi @Ollinator, as part of 1Password Business, you can set fine grained access control for users accessing vaults, and this includes the "Reveal Password" permission. If you uncheck that option, the user will not be able to reveal the password or copy it from within 1Password.

    One point I want to make clear - this does not guarantee they won't be able to see the password once it is outside 1Password. Once the password is filled in on a website, there is nothing we can do do prevent someone from inspecting that webpage and determining the password that way.

    Let me know if you have any more questions!

  • Thanks!

    At what point can I make this setting so that my employee can not see the passwords?

  • BenBen AWS Team

    Team Member

    @Ollinator

    You can learn about how to change permissions here:

    Create, share, and manage vaults in your team | 1Password

    And you can read about the level of security this offers here:

    How vault permissions are enforced in 1Password accounts

    I hope that helps!

    Ben

  • Unfortunately that does not help me any further.

    The only thing I would like to know is at which point in 1Passwort I can adjust the following.

    The user (my employee) is not allowed to read out (read) the passwords for the access data released for him.

    Please write me where I must click in 1Passwort to take this permission. Unfortunately, I can not find anything.

  • brentybrenty

    Team Member

    @Ollinator: Do you have a 1Password Business account? If so, as mentioned in the articles Ben linked, you can manage the vault settings (gear icon) in 1Password.com in your browser and then change the permissions on the vault to disable the "reveal" permission:

    Just keep in mind that if you give them access to fill a password they can get it from the webpage after doing so.

  • I habe the "Teams" Account and can't see this configurations.

  • Hello again @Ollinator,

    This permission is available in our Business accounts only at the moment.

    I would like to point out that even with this enabled the team member would still be able to copy the password out of 1Password when filling login forms. This means that they could copy/paste the password into an unprotected field or even into a text editor and see the password.

    When you share a password with someone it is always best to assume that person now knows the password. Regular rotation of shared passwords is the only way to protect against people who used to have access to shared passwords being able to access accounts once you've removed their access.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file