Can you elaborate on potential browser/Javascript vulnerabilities for Families/Teams?

Thanks, I really don't have much to add to what @rob has already said.

@wsjndr is absolutely correct that the browser is a far more hostile environment than the operating system as a whole, and so web-apps face a greater threat than native applications and programs do. Furthermore native client applications are delivered in a more secure way than in-browser apps served from a web page. So yes, other things being equal, the native apps have more defenses than the web apps.

I'd like to highlight something that Rob said,

we are working towards our ultimate goal of providing a way to do everything in our client apps that you currently have to do in the browser.

Since the Teams beta began, some of those have already come to fruition. I'm not making any promises about the speed at which these will be brought to the native apps, but keep in mind that the web app and the native apps use an identical protocol. It may be a while before absolutely every capability of the web app is available in clients for all of our platforms, but you should find it easier to rely less on the web-app as months pass.

Meanwhile, as Rob says, follow good practices with installing things in your browser and paying attention to TLS warnings.

Hi @wsjndr,

You've asked some great questions here, and I've learned a lot just by reading Rob and Goldberg's responses. I'm glad to see that they've helped you as well.

I can certainly share my experience with using multiple vaults, and multiple accounts. I've got 5 personal vaults that have not yet been migrated to 1Password Families, and I'm a member of 3 different 1Password accounts (two Teams and one Family, if you want to get specific.) Obviously, because I work for AgileBits, I'm a little bit biased, but I think the way that 1Password handles multiple vaults has gotten really sophisticated over time, making it easy for me to access all the information that I need all of the time, while hiding the information that I only need occasionally.

The vault selector in the sidebar has my vaults nicely separated into groups so I can easily see which vaults belong to which account, and Preferences > All Vaults (or Settings > Vaults > All Vaults on iOS) allows me to customize which vaults are included in All Vaults. This means that All Vaults really is the "all the information I need without any unnecessary clutter" vault (I guess you can see why they don't let me name things around here!

Use Settings > 1Password for Teams in 1Password for iOS to sign in to all of your 1Password accounts. You can be signed in to multiple accounts, and still use personal vaults as well.

I wonder if anyone can share their experiences using two vaults: one for Teams/Families and another only on the client apps.

Reading your question again, I wonder if I might need a bit more clarification on how you're thinking of setting things up, because I might be answering a question that you're not asking.

Personally, I hardly ever use the web interface of 1Password Families. I used the browser when I created the account, and to add members and set up a few vaults. Other than that, I've been working strictly within the 1Password app on my Mac. All the data in the vaults was added into the app directly.

But, the short answer is, 1Password is flexible for your needs. You don't have to use only Families vaults or personal vaults, you can mix and match as you wish.

I hope this helps, but if you've got more questions, we're here for you!