Sync multiple 1Password keychains to one Dropbox account

Scenario:

I have a family license of 1P for myself, wife, and three children on four macs that we have. I wanted to set up three of the computers that the kids can use so they would have 1P and their bookmarks all synchronized. My plan was to use Xmarks for bookmarks and Dropbox for the 1P syncing. Sadly, Dropbox's terms of service don't allow for users under 13, but Xmarks does with parental consent. So I thought of using my own Dropbox account with separate folders for each child, and on each of their accounts I could restrict the syncing to just their own folder. Knowing that I could relocate the 1P keychain anywhere, I thought this would work great. And it almost does...

Problem:

The use of .ws.agile.1Password.settings to point the iOS application to the location of the data file for syncing makes this setup impossible. For example, I have these Dropbox folders:

./phillip (me)
./samuel (child)
./rachel (child)
./eliana (child)

I can put each child's 1P keychain in their respective folders, but the .ws.agile.1Password.settings file must reside in the Dropbox root. If I am not careful, my iOS copy of 1P can quite easily sync with the wrong keychain.

I'm aware that this is probably not a common use case, and I'm aware of the other discussions about why the settings file is in the root. I am also aware of other iOS applications that use Dropbox but they give you the ability to choose locations for sync'd documents. I'm wondering if it is possible for 1Password to do the same thing instead of relying on the settings file in Dropbox root. Please investigate and consider this enhancement.

As an alternative, is there a way to instruct a local copy of 1P to *not* generate the settings file? I.e., to tell that copy, "Hey, the database associated with this install does not need to sync with an iOS device so there's no need to create that settings file."

Comments

  • phillip_koebbe
    phillip_koebbe
    Community Member
    I just had the thought that one way I could work around this is to not use the Dropbox sync on my iPhone. Makes it a bit more difficult to sync with my phone, but at least I could get my kids working the way I'd like.
  • khad
    khad
    1Password Alumni
    At this time only one data file is supported per Dropbox account. I'll mention your use case to the developers!
  • Rodrigo Castillo
    edited May 2012
    I'm need this enhancement too. It is a must have. Thanks.
  • khad
    khad
    1Password Alumni
    Welcome to the forums, Rodrigo! Thanks for adding your voice to the conversation. :D

    We have some great improvements planned which I think will help in this area. I can't say anything more right now, but please stay tuned.

    If we can be of further assistance in the meantime, please let us know. We are always here to help!
  • treymiller
    treymiller
    Community Member
    I run a small IT services company, and would like to create a separate keychain that I can sync and share via Dropbox to my staff.

    This would be useful because then we could encrypt site survey and client password information in a central location that ISN'T Google Docs or just a plain or password-protected XLSX file in Dropbox.
  • khad
    khad
    1Password Alumni
    The concept of sharing and multiple data files within 1Password has been suggested a number of times and it's certainly a very interesting and useful idea! We are considering this for the future, but it is quite a substantial change to how 1Password works right now which means a lot of time and testing is required to add this feature.

    So with that said, I really can't make any promises on a time frame for when we may be able to bring this to 1Password, but that doesn't mean we won't. We've always believed in trying to be as honest and realistic with our users as possible rather than making lots of empty promises.

    I'm sorry I can't give you a more positive answer right now, but thank you so much for letting us know that you would find this useful. We do take the number of users who request a feature into consideration when we decide on our feature lists.

    In the meantime, importing and exporting 1Password Interchange Files is a great way to transfer information between different installations of 1Password (File > Export). It is not automated, but for my purposes it works well since I am not constantly changing the passwords I share with others. This way each use can have private 1Password data and import only the items they need from the rest of the team.

    (Please be aware that the 1PIF information is not encrypted and should be handled with care while in transit and securely deleted once the information is safely imported into an encrypted 1Password data file.)
  • benfdc
    benfdc
    Community Member
    edited June 2012
    khad wrote:

    In the meantime, importing and exporting 1Password Interchange Files is a great way to transfer information between different installations of 1Password (File > Export).


    1PIFs are a great way to transfer info between different installations of 1P/Mac, but IMO they are a lousy solution to the problem of maintaining a collection of shared passwords. Every user would have to do an import whenever a new or changed item needs to be shared, and would then have to securely delete his or her copy of the 1PIF, and 1P/Win users would have to find a Mac in order to import anything other than login items.

    We're talking version-control and security nightmare, plus large amounts of wasted time. Even if Agile were to implement File > Export Selected > Encrypted 1PIF and fully support 1PIF import in 1P/Win, I would still consider it to be a poor solution to the problem of maintaining a collection of shared secrets.

    What we need is File > Export Selected > 1PasswordAnywhere. Unless and until Agile gives us this, IMO the best solution available via 1Password is to open one's keychain in 1P/Mac 3.5 and File > Export Selected > Encrypted Web Page to create an HTML file with the entries that are to be shared. Stick the HTML file somewhere on your intranet or in a shared folder in the cloud. When something changes, just regenerate the HTML file and overwrite the old one.
  • khad
    khad
    1Password Alumni
    Every user would have to do an import whenever a new or changed item needs to be shared, and would then have to securely delete his or her copy of the 1PIF, and 1P/Win users would have to find a Mac in order to import anything other than login items.

    All true. I don't change my passwords that I share with other 1Password users with any regularity, though, so the first point is moot for me. And as I already mentioned in my post directly above yours: "Please be aware that the 1PIF information is not encrypted and should be handled with care while in transit and securely deleted once the information is safely imported into an encrypted 1Password data file." The 1Password for Windows issue is best dealt with in the Windows forums. It is a known issue.

    Thanks again for your feedback on this issue, Ben!
  • benfdc
    benfdc
    Community Member
    khad wrote:

    The 1Password for Windows issue is best dealt with in the Windows forums. It is a known issue.


    It’s a known issue to them what knows about it, but it may not be a known issue to folks who are steered to 1PIFs as a solution for data sharing.

    On the larger point, I suppose it’s futile to ask whether [font=helvetica, arial, sans-serif]File > Export Selected > 1PasswordAnywhere is on your developers’ to-do list, but I’m gonna ask anyway. File > Export Selected > Encrypted Web Page was dropped from 1Password 3 almost a year ago (1P/Mac 3.6 was released on 6/20/11) and AgileBits has yet to provide its customers with an adequate substitute. Boo, hiss! [/font]

    [font=helvetica, arial, sans-serif]If you think users don’t need this functionality, I respectfully disagree. If you’re having a hard time coming up with a replacement for Encrypted Web Pages, please consider restoring that capability to the current releases of 1Password 3.[/font]
  • khad
    khad
    1Password Alumni
    I think you already know that we don't normally pre-announce products or features.

    The concept of sharing and multiple data files within 1Password has been suggested a number of times and it's certainly a very interesting and useful idea! We are considering this for the future, but it is quite a substantial change to how 1Password works right now which means a lot of time and testing is required to add this feature.

    So with that said, I really can't make any promises on a time frame for when we may be able to bring this to 1Password, but that doesn't mean we won't. We've always believed in trying to be as honest and realistic with our users as possible rather than making lots of empty promises.

    I'm sorry I can't give you a more positive answer right now, but thank you so much for letting us know that you would find this useful. We do take the number of users who request a feature into consideration when we decide on our feature lists.
  • I sincerely wonder what companies like AgileBits are thinking when they post such poorly thought-out customer service answers. You think we're stupid and can't understand what you said in the first place? No, most of us are way smarter than any of you given your poor CS performance, but we keep bugging you to stress the importance and possibly come up with a solution that's easier to implement for you.

    All this really says about you is that you never planned for customer input. You never made a budget for customer requested updates yet you make it possible for your clients to post said requests online, publicly. That's business suicide. I can't invest in such a poor business model, even if it is just $50.

    Or, let me put it in an Agilebits way: I realize the importance of supporting a company such as yours, and I am strongly considering purchasing your product, however I cannot make any promises or provide you with a timeline of when I will consider 1Password to be worth the $50. But thank you for your empty promises and the repeated assurance that you will eventually make your product worth its price - I take that seriously.
  • khad
    khad
    1Password Alumni
    Welcome to the forums, Kevin. I'm sorry if my post above gave you the impression that I thought you or anyone else was less than intelligent. We have the best customers on the planet, and I am reminded of it time after time. You obviously care enough about sharing passwords to sign up for the forums and post in this thread. Thank you for your passion! I wish more folks in this world shared it. :)

    We deeply appreciate customer input and take requests into account constantly. Offhand, I know that we responded to direct customer feedback with regard to the size of the browser extension, updating the legacy Leopard app, the timing of the update checks in the main application, Growl support, and much more.

    I would use the "sharing" feature myself, but we have always preferred to let the software speak for itself rather than trying to lure people in with promises of future features. In fact, I'd never encourage anyone to purchase 1Password (or any product) based on claims of future features. On the contrary, I would advise you and others to always use the tool that meets your needs as best as possible today. If that's not 1Password for you at this time, then we will keep working hard in the hopes that one day it is.

    Please let me know if there is anything else I can help with. I have passed your vote for this along to the developers and would be happy to pass any additional feedback to them as well.
  • TC!!
    TC!!
    Community Member
    edited July 2012
    I found this thread after searching on Google if there was any more information about having multiple keychains.

    I wanted to tell you about a few ways I work with 1Password which have helped me get around some of these issues.

    First of all I sync 1Password from my main account with dropbox. Recently I've taken on some new work with some very sensitive passwords which I am not allowed to have on any machine other than my own, so I can't keep them in the 1Password keychain on dropbox. To get around this I created a new user on my mac and gave them their own 1Password keychain. Now whenever I need access to those sensitive passwords I just switch user and they are ready for me to use.

    For the other situation where I work with two colleagues on windows machines I often have to create web sites and share the ftp details with them. They also use 1Password to keep their own information about the same sites. To make sure my changes don't overwrite theirs we keep separate folders for their information and mine. When I need to send them a complete update they can import all my data into a new folder without worrying about overwriting their own data. When they need access to both sets of data they can just use the 1password search feature and they get access to the data in both folders.

    When we do send the unencrypted files around we've used a few different techniques, one is Skype and the other is to create a password protected zip file and place the file on a server where it can be downloaded via ftp and instantly deleted.

    I appreciate you not getting our hopes up to high about future updates. Let us know about them when they are good and ready, the Apple way of doing things.
  • khad
    khad
    1Password Alumni
    Welcome to the forums, TC!!! (The third exclamation point is my own.) :D

    Thanks for sharing those tips and tricks. It certainly would be nice to streamline your workflow. It sounds like you've got a good one, but there is always room for improvement.

    We've got some great things cooking for version 4. I just can't spill the beans right now.

    Thanks for your patience as we keep working hard to make 1Password even better.
  • benfdc
    benfdc
    Community Member
    You may not have spilled the beans, but methinks I caught a whiff. Smells yummy!
  • JohnVerschragen
    edited August 2012
    I've read the announcements that in 4.1 there will be new functionality, and hopefully the use of multiple keychains to be shared between colleagues.

    How long will that take. 1 year, 2 years from now?

    We can't wait much longer. If nothing can't be communicated about this application and the planned date of 4.1 we have to look for another solution and stop recommending 1Password to our customers.

    Plse stop telling stories about surprises and nice not to be revealed features. We have a business to run.

    1Password we use for more than 2 years now and we were very happy. As the company grows, we and our clients have growing demands. In business we don't hope and pray, we plan and work hard!
  • khad
    khad
    1Password Alumni
    edited August 2012
    Welcome to the forums, John! Since 1Password 4.0 hasn't even been released yet, I think it is a bit premature to start thinking about what will be in 1Password 4.1.

    As I mentioned above, we don't give time frames for specific releases. There are just way too many factors that contribute to when a new version will be ready — many of them beyond our control — for us to peg down a specific date. I'm sorry if that's not the answer you were looking for.

    As I also mentioned above, I'd never encourage anyone to purchase 1Password (or any product) based on claims of future features. On the contrary, I would advise you and others to always use the tool that meets your needs — business, personal, or both — as best as possible today. If that's not 1Password for you at this time, then we will keep working hard in the hopes that one day it is.

    Please let me know if there is anything else I can help with. I have passed your vote for password sharing along to the developers and would be happy to pass any additional feedback to them as well.
  • Which is a honest and fair answer! Txs Khad.
  • khad
    khad
    1Password Alumni
    Cheers, John! I really appreciate your understanding. Since there isn't much more that I can say on this topic, I'm going to go ahead and close this thread for now. If your or anyone else has a question that's not been answered here, please do start a new topic. I'd love to make sure it is addressed. :D
This discussion has been closed.