Old Indiv User -> Family Plan.... Nervous

merrick777
merrick777
Community Member
edited December 2017 in Families

So 1password has been running my life for years. Now converting to family plan. I've done a lot of reading on the site (and emailing with Laura, which has been helpful) but I am getting confused and nervous- possibly just with my not understanding current terminology. Let me explain my goal, then I'll tell you what's confusing me...

Me, wife, daughter, my dad... all need individual/private vault. I'll prob give my wife my master pword and I'll have hers.... you know- just in case emergency happens. We'll both have my daughter's- she's young and we need to sometimes "monitor" what she's doing online. My dad is aging, and wants me to have access to all his 'stuff'. Now, possibly 'shared' might be something to look at (as Laura suggested to me), but none of us want to get involved in "Hmmm, is this TD Bank account mine, or Dad's?"... and I cannot trust that he'd be as proactive as we'd need about properly naming accounts when saving them... I can't chance mixing my stuff with his. And my daughter.... we need access to her stuff but don't want her to have access to ours. So I think 'shared' is out of the question (unless you make it make more sense to me).

I set up the family acct last night and it's using my Master Password that I've always used with my (dropbox stored) vault. I successfully set up a few devices and got rid of the original (primary) vault. Some things I noticed:
1) Putting app or software on my devices required entering the Master Pword and Secret Key. When I "invite" family members, will they create their own Master Pword (and secret key) and use them to install on their device(?).... or will they need MINE?
2) As the 'Admin', I will "see" their vaults when I'm logged in, but they won't see mine... is that correct?
3) Let's say that I DO know their Master Password... can I simply switch over to their vault ON MY DEVICE on occasion?
4) I installed 1Password X into Chrome last night.... NICE! But what's avail for those not using Chrome (ie: Dad on Firefox)?
5) Just terminology: Will each family member have an "account"? Why would one want/need/have multiple "Accounts"?
6) Is 300 minutes the max that i can keep the browser extension signed in, or am I doing something wrong?

Sorry long winded- trying to be very clear with questions.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • 1) Putting app or software on my devices required entering the Master Pword and Secret Key. When I "invite" family members, will they create their own Master Pword (and secret key) and use them to install on their device(?).... or will they need MINE?

    Each person will have their own credentials. You should only share your credentials with someone if you want them to essentially be you, as far as 1Password is concerned.

    2) As the 'Admin', I will "see" their vaults when I'm logged in, but they won't see mine... is that correct?

    No. Nobody, even the Family Organizer(s), will ever have access to anyone else’s Private/Personal vault. The only way to access someone else’s Private vault would be to log in as them (using their credentials).

    3) Let's say that I DO know their Master Password... can I simply switch over to their vault ON MY DEVICE on occasion?

    Within the apps you can only be signed into one account per family. But you could sign in as another family member in your web browser if you have their credentials.

    4) I installed 1Password X into Chrome last night.... NICE! But what's avail for those not using Chrome (ie: Dad on Firefox)?

    1Password X is primarily intended for folks who don’t have access to the native 1Password apps (1Password for Mac, 1Password for Windows, 1Password for iOS, etc). Anybody who has Chrome (desktop) can use it, but you get the full 1Password experience by using the native app in combination with the appropriate browser extension:

    Downloads - 1Password

    5) Just terminology: Will each family member have an "account"? Why would one want/need/have multiple "Accounts"?

    Each family member will have an account within your 1Password Families membership. There is likely no reason to ever have multiple accounts within the same membership. Many people have multiple accounts within different memberships. For example, I have my own individual account, an account within a 1Password Families membership that I share with my parents, and an account within our 1Password Teams membership here at AgileBits.

    6) Is 300 minutes the max that i can keep the browser extension signed in, or am I doing something wrong?

    I’m not sure I follow. Which browser extension, on which platform?

    I hope that helps!

    Ben

  • merrick777
    merrick777
    Community Member

    That's a HUGE help... thanks! So it seems like youre saying that I should not have put 1Password X into Chrome... I should be using the regular Chrome extension instead? But you said that you get the full 1Password experience by using the app.... How?? 1password X puts the icon right into signin pages whereas the regular extension would require me to go up & into the extension in order to "fill" usernames/passwords into webforms.

    Whether it's 1Password X or the regular Chrome extension- how do I keep it open for long periods of time (so that I dont have to keep re-entering my master password)?

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited December 2017

    That's a HUGE help... thanks! So it seems like youre saying that I should not have put 1Password X into Chrome... I should be using the regular Chrome extension instead?

    @merrick777: There's nothing wrong with using 1Password X in Chrome. It's a great option for most people. But the native 1Password apps and their extensions are more powerful.

    But you said that you get the full 1Password experience by using the app.... How??

    You can install 1Password from the Get the Apps page in your account:

    https://start.1password.com/apps

    And then install the browser extension:

    https://agilebits.com/onepassword/extensions

    1password X puts the icon right into signin pages whereas the regular extension would require me to go up & into the extension in order to "fill" usernames/passwords into webforms.

    Or you can press ⌘ \. ;)

    Whether it's 1Password X or the regular Chrome extension- how do I keep it open for long periods of time (so that I dont have to keep re-entering my master password)?

    You can't keep it unlocked indefinitely. But you can customize your security settings in either. The native 1Password apps allow for more control over this though (Preferences/Settings > Security) since they can work at the OS level and are not restricted to the browser.

    I hope this helps. Be sure to let me know if you have any other questions! :)

  • merrick777
    merrick777
    Community Member

    Thanks @brenty . Having some trouble... Tried to put sw on wife's PC and it said she needed .NET Framework. I tried to install it and I got "An error was encountered. This security ID may not be assigned as the owner of this object". This may be a 'permissions' thing from her employer (it's a work computer). Any way around it (without involving her IT Dept)? If not, her only option would be to use 1Password X... is that correct?

    Back to my question regarding 1password X: @Ben said:

    1Password X is primarily intended for folks who don’t have access to the native 1Password apps (1Password for Mac, 1Password for Windows, 1Password for iOS, etc). Anybody who has Chrome (desktop) can use it, but you get the full 1Password experience by using the native app in combination with the appropriate browser extension

    Can you help me to understand that? From what I can see (unless I'm misunderstanding something), 1Passsword X puts the {lock} icon into fill-in lines of web forms... That's awesome, and I cannot imagine how anything could be better or more useful than that! Therefore (if native app + regular extension gives "the full experience" as Ben said...) then I must be missing an important feature of the regular extension because I don't see the regular extension being anywhere near as convenient as I see 1password X. What am I doing wrong?

    Thanks again for all of your help & support - I love this product and want to make sure we're getting the most out of it.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Thanks @brenty . Having some trouble... Tried to put sw on wife's PC and it said she needed .NET Framework. I tried to install it and I got "An error was encountered. This security ID may not be assigned as the owner of this object". This may be a 'permissions' thing from her employer (it's a work computer). Any way around it (without involving her IT Dept)? If not, her only option would be to use 1Password X... is that correct?

    @merrick777: Correct. If it isn't possible for her to install the minimum version of .Net (which is quite old now) herself then it would need to be provisioned by the IT department. So, failing that, 1Password X should work for her (provided Chrome is not restricted from installing extensions — this can be done by the GSuite/Google Apps admin).

    Back to my question regarding 1password X: @Ben said:

    1Password X is primarily intended for folks who don’t have access to the native 1Password apps (1Password for Mac, 1Password for Windows, 1Password for iOS, etc). Anybody who has Chrome (desktop) can use it, but you get the full 1Password experience by using the native app in combination with the appropriate browser extension

    Can you help me to understand that? From what I can see (unless I'm misunderstanding something), 1Passsword X puts the {lock} icon into fill-in lines of web forms... That's awesome, and I cannot imagine how anything could be better or more useful than that! Therefore (if native app + regular extension gives "the full experience" as Ben said...) then I must be missing an important feature of the regular extension because I don't see the regular extension being anywhere near as convenient as I see 1password X. What am I doing wrong?

    Nothing. 1Password X is just a bit "clicky" right now and lacks some advanced features. What I mean is that we've got a lot of development done already on the native apps and their extension, so things like keyboard navigation and password generation are more fleshed out there. Also, 1Password X cannot be used outside of the browser at all. Some or all of these things may not matter to you if you're new to 1Password, but many long-time users (like me!) are looking forward to when 1Password X will be even more capable. I agree that the inline "1Password" icon on webpages is really cool...but old habits die hard and I prefer not having to click on that. We're glad to be able to offer different options, and if we can merge them to get the best of both worlds in the future that will be even better, eliminating any confusion. :)

    Thanks again for all of your help & support - I love this product and want to make sure we're getting the most out of it.

    Totally! That's what we're here for! Have a wonderful Christmas, and let us know if you need anything else. :chuffed:

  • SpaethCo
    SpaethCo
    Community Member

    This may be a 'permissions' thing from her employer (it's a work computer). Any way around it (without involving her IT Dept)? If not, her only option would be to use 1Password X... is that correct?

    I don't work for Agilebits, but I feel like someone should point out a huge potential exposure here. If you're using an employer-provided computer where they've taken the time to lock down administrative controls, it's becoming increasingly common to also have monitoring systems in place to prevent data exfiltration. While 1Password's design would prevent them from reading your PW database, any sites you log into using those passwords are likely fair game. Don't assume that just because the sites you visit are https (TLS encrypted) that said employer cannot log the cleartext data from those connections. Also, don't assume that just because the computer leaves the office that the level of monitoring diminishes. (if anything, that activity is looked at more closely)

  • AGAlumB
    AGAlumB
    1Password Alumni

    @SpaethCo: That's a really good point. And indeed, a lot of companies now make even laptops that are allowed to leave their network stay signed into their VPN to be used for much of anything.

    I can tell you a couple things about 1Password that are at least safeguards against a person-in-the-middle (which a company monitoring computer or network usage could be, but certainly also malicious attackers):

    • 1Password communications are encrypted over and above TLS. Our website generally — and the 1Password service in particular — are very strict about security. This actually causes problems for some users (or, rather, brings existing problems to light) when they cannot connect at all. Many websites, when faced with a self-signed certificate or other things which invalidate end-to-end security just sort of shrug and connect anyway, but 1Password.com will reject the connection if it cannot be established to be secure directly between you and the server. Some people are unable to sign into their accounts on 1Password.com or download the apps or browser extensions because of this, but it's an important security measure so that our customers can be sure what they're getting.
    • 1Password data is stored encrypted. Someone with access to your system would have to have your Master Password to decrypt the data themselves...

    But at the same time, even if a company or attacker is not actively impacting your use of 1Password, if they control the machine they may passively monitor what's happening, so that they could collect information as you access it. It may not even be malicious, but cases like HP's preinstalled software logging keystrokes in plaintext pose a security risk, since even if HP had no intention of using that data someone less savory could use it to their advantage. So yeah, definitely a good thing to keep in mind that using machines that are not completely under our control can be risky.

This discussion has been closed.