Why use an emergency kit if you can recover accounts for family members?

ivob
ivob
Community Member

If every family member is a family organizer, then every member is able to recover the account of another family member.
In that case, why would we use the emergency kits at all? I mean, if a member forgets his password, another member can just recover his account (assuming he has access to his mail).

Also, in general it would be safer if no one uses their printed emergency kit anymore.

What am I not seeing here?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • williakz
    williakz
    Community Member

    Think about the capabilities and characteristics a family organizer would ideally possess. Now consider whether those traits are evenly distributed within a family, especially a multi-generational one.

  • Lars
    Lars
    1Password Alumni

    Welcome to the forum, @ivob! While there are definitely security considerations involved with printing out a "hard copy" of your Emergency Kit in a 1Password account, it would arguably be much worse to forget or lose your credentials to sign into your 1Password account. Our recommendation is that Emergency Kits be stored safely, such as in a floor safe, locked filing cabinet or safety deposit box. Another option would be with a trusted attorney.

    We definitely recommend making at least one other person a Family Organizer in any 1Password Families account as well, since that means there's not a single point of failure in the account. If you are the only Family Organizer, and you forget your own Master Password or lose your Secret Key, each person in the entire account would need to start over. But if at least one other person is a Family Organizer, you can each act as "backup" for the other. For example, a husband and wife might both be Family Organizers in a 1Password Families account -- but none of the children. That's just one example of a family setup where it might not be appropriate to make everyone a Family Organizer -- though it's certainly an option to make everyone a Family Organizer as well, at your discretion. Regardless, keeping a copy of your Emergency Kit -- or at least writing your 1password.com credentials down somewhere -- is still a recommended practice.

  • ivob
    ivob
    Community Member

    Thank you for your reaction @Lars. Consider a family of 4; all trustworthy adults.
    Everyone creates a new mail-address which is solely used for their 1Password account. Also, everyone is a family organiser in this family account. Credentials of those mail-addresses are shared with everyone. Nobody creates an emergency kit.
    In case of death, or one forgets his master password, every other family member can recover his account. Also, if someone recovers your account without your knowledge, you’ll still receive the recovery email.

    A possible pitfall could be the increased chance that your account can be deleted, since everyone is a family organiser.

    I’m curious about your view on this.

  • Lars
    Lars
    1Password Alumni

    @ivob - I'm not quite sure what you're asking my views on, specifically. I won't weigh in on the concept of "trustworthy," because I'm not qualified to opine on who might or might not be trustworthy in other people's families. ;)

    I certainly don't think it's a good idea to share email account credentials with other family members for these purposes. 1password.com accounts cannot be recovered without participation from the user -- or anyone who has access to the address the user registered for the 1Password account using. If you all share your email credentials, then any member of the 1Password account could initiate recovery on anyone else's account, and quickly (using that person's email credentials) recover the account before the user even noticed the process was occurring. This seems like intentionally bringing the concept of "trustworthy" to prominence, though you're correct to point out that trust is already in play since Family Organizers can delete other users at will.

    Still, in a regular 1Password Families setup, even if you made all members Family Organizers, there would be no way for any user to complete recovery on another member's account without their consent (and possibly even without their knowledge, until it was too late). Making everyone a Family Organizer certainly helps limit the possibility of unrecoverable data/accounts. But I definitely wouldn't have everyone exchange email account credentials, and I wouldn't say making everyone a Family Organizer does much more than having only two Family Organizers. With only two Family Organizers, if one of them forgets their Master Password or loses their Secret Key, the other can help recover them, and vice-versa. And if any non-Family Organizers forget their credentials, either of the Family Organizers can help. The only additional protection that making all members into Family Organizers would accomplish would be preventing the unlikely event that both Family Organizers were somehow incapacitated simultaneously (like a car or plane crash), or both forgot their own Master Passwords at the same time. Possible? Sure, I suppose. Likely - or likely enough to warrant additional measures like the one you're suggesting? That's a decision only you can make.

  • ivob
    ivob
    Community Member

    I’m not sure what you mean with completing recovery on a member’s account without their consent. Any member can recover another member’s account within the family, due to the shared email account credentials. With or without one’s consent. But it isn’t any different if all family members keep their emergency kits in the family safe. Then also, any member can have access to anyone else’s account.

    In that case, it’s maybe better to store the account credentials in the family safe. If someone (with bad intentions) cracks the safe, the account credentials alone are worthless. You still need (access to) a family organizer to make use of it.

    I agree with you on the fact that you only need two family organizers. But it still all comes down to trust. Independent of using the recovery method, or the emergency kits.

  • Indeed. At the end of the day each is a tool that is available to you. We can make recommendations based on our perspective but it is up to you to determine how each does or doesn't fit into your use case. :)

    Ben

  • prime
    prime
    Community Member

    The mail family organizer is out of town and unable to get to the internet (or just on a vacation and isn’t near a computer or whatever). Why risk it?

  • Lars
    Lars
    1Password Alumni

    @prime - that is indeed why we say it's up to each individual to determine their own use case when it comes to things like this. :)

This discussion has been closed.