Share login in multiple vaults

I have Teams users with access to different vaults, but sometimes they need to share the same login for a site. Is there a way to link a login to multiple vaults without duplicating? Duplicating is great and all, but means I have multiple copies in my own 'all vaults' view, plus I have to remember to update them all when the password changes.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • JacobJacob

    Team Member

    Hi @JimmyJetset! Thanks for asking about this. At the moment, you're doing things the best way they can be done in 1Password Teams. We'd like to offer individual item sharing at some point and that should solve the core request here. I'll let the team know you're interested and we'll get back to you when we have something ready. :)

    ref: B5-1162

  • Just want to say that we're also looking for this feature.

  • rickfillionrickfillion Junior Member

    Team Member

    Thanks for letting us know, @Gorkyman. :)

  • We have the same issue. One login shared between 10 users. 1 user updates the password without updating the other 9 because they don't have access to those records. Passwords are out of sync and 9 users are unable to login. It creates havoc and a serious waste of time. It is ESSENTIAL for business to have one Master record that is linked to team members as JimmyJetSet suggested. We can also consider privilege access to team members, meaning they cannot update logins without the approval of the owner of the record

  • rickfillionrickfillion Junior Member

    Team Member

    Thanks @Silverback. This is a scenario that we're keeping in mind as we're figuring out how we can make things better in the future.

    Cheers.

  • As a business manager, the ideal solution would be for the record owner to receive an email when team members update a shared record. This email highlights the changes and the record owner accepts/amends/declines the changes. Once the record owner confirms the changes, all the linked records are updated simultaneously. The difficulty in this scenario would be to figure out what to do in the event several users propose changes to the same shared record...

  • brentybrenty

    Team Member

    @Silverback: I can see how that would be useful in some cases...but I can also see how that could quickly become incredibly bothersome, getting an email for every change, as the volume would increase exponentially with the number of people, vaults, and items involved. And that's before we even get into conflicts. Essentially, the "manager" would be signing up to do manual conflict resolution, and that's not something I'd wish on anyone. It seems like it would be better to simply give people read-only access and then have the vault manager make any necessary changes themselves, cutting out countless middlemen who'd otherwise be making more work for them.

  • In business, password management is critical and accountability/traceability should be the standard where responsibility must be clearly identified to avoid situations where staff members misuse their password privileges or are able to commit fraud. Therefore, a team manager (or password administrator) must examine and approve creation /changes of password records. It is part of the assigned role of the administrator. We can imagine that small companies would not require this, so 1PW could have an option to scale down the password management.

    If I was the password administrator of a company of hundreds of employees, I would want to know exactly who has access to what and who does what. In fact, the larger the number of users, the more important this is. So the challenge would be for 1PW to manage this and present a user friendly interface that looks absolutely simple and streamlined, while being complex and solid in the background. I will gladly give you feedback and ideas if you wish.

    A system of groups and privileges appears to be a business standard and this should cover all the possible scenarios. One scenario that comes to my mind is the following: Imagine I ask my assistant to create a new log in record. This person would have read/write privileges but not necessarily delete or modify. Although that person is the creator of the record, the company would not want a disgruntled employee to delete records or modify them, even though they created them. 1PW would also need to address the print/email/export/copy issues in a privilege group system.

    On that note, I wish all the forum participants a Merry X-Mas and happy new year and as the proverbial Chinese say “may we live in interesting times” for 2017 promises to be such a year.

  • brentybrenty

    Team Member

    @Silverback: Oh I agree with you completely. And after all, if doing all of that manually is what you're getting paid for, that's at least a fair trade. We just need to think of all the ramifications for usability and complexity for all 1Password users, since there isn't a separate app for different use cases and we certainly don't have the resources to do something like that. I think your summary is perfect:

    So the challenge would be for 1PW to manage this and present a user friendly interface that looks absolutely simple and streamlined, while being complex and solid in the background.

    And I really appreciate the example you gave as well. It's certainly something we can take into consideration.

    On that note, I wish all the forum participants a Merry X-Mas and happy new year and as the proverbial Chinese say “may we live in interesting times” for 2017 promises to be such a year.

    As I understand it, "may you live in interesting times" was a curse, but I get your meaning. Here's hoping that 2017 is "interesting" in the best possible way. Merry Christmas and happy holidays to you too! :chuffed:

This discussion has been closed.