Feature Request: Data Sharing

Jo*

<div class="IPBDescription">partial sharing of only certainly items</div>Hi all,



I use 1Password religiously <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/wink.gif' class='bbc_emoticon' alt=';)' /> and have some of my friends and colleagues convinced to use this marvelous app, too.



Ever since I started using 1Password I quickly got accustomed to set up hyperstrong passwords rather than the ones like "mydogsname123".



Since we often need to exchange passwords for servers and the like we share them via email ("Hkt%8Kf4pbD5&w?g7s" is a rather complicated pasword to be exchanged via phone). However, I never felt comfortable sharing passwords via email since it's easy for them to get compromised.



I reckon it's not (yet?) possible to share a dedicated part of the agilekeychain with other DropBox users in order to share only specific passwords? Thus we would need to set up a second agilekeychain and change the agilekeychain manually in the 1Password preferences each time we want to open that specific password library.



How would we go about using a second (dedicated shared) agilekeychain in the most comfortable manner (so people would actually start using a shared keychain)?



Do you guys plan on implementing a feature like this (dedicated shared agilekeychain) in future releases?



How about a gate within the 1Password startup screen that allows users to pick a specific keychain (sort of like the log-in screen for several users on Mac OS X)?



Jo

khad

This suggestion has come up from time to time. Thank you for letting us know it would be useful to you as well. We will look into improving this in a future update! <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />

benfdc

I've also put this in its own thread, but if there were an option to throw a password on a 1PIF then at least there would be a simple way to securely share a set of passwords.

Scott W

[quote name='khad' timestamp='1300670894' post='22833']

This suggestion has come up from time to time. Thank you for letting us know it would be useful to you as well. We will look into improving this in a future update! <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />

[/quote]



If it is of any help, I would "kill" for this feature (both professionally and for the family)

Alyssa Davis

Hi, I'm not sure where to look for this but I have a question about how to share certain keys with another 1Password user.



I'm a freelance web developer, I have a lot of clients who have a lot of logins and 1Password is great for me to keep track of secure logins without having to remember my client's passwords. This is great, but I wonder if there would be a way to share part of my keychains, say with each specific client. I know I can use dropbox to sync all of my keychains, and thats working great, but I'd like to know if there is a way to share only keychains tagged with a specific keyword with one or more people? The idea is that each person has their own 1Password installation (and license key) but we can share certain logins and use dropbox to keep them synced, as well as keeping other logins private.



Hope someone can help, thanks

khad

Thanks for the votes, folks! This is certainly on our radar.



Alyssa (and others), you might consider sharing information with 1PIF (File > Export Selected > 1Password Interchange File) in the meantime.

benfdc

[quote name='khad' timestamp='1300947937' post='23090']

Alyssa (and others), you might consider sharing information with 1PIF (File > Export Selected > 1Password Interchange File) in the meantime.

[/quote]



Creating and circulating a file that has valuable passwords in plaintext can be an unnecessary risk. You certainly don't want to email it.



For now, my solution to the problem is to create a LastPass vault with passwords and secure notes that I need to share, and giving my colleagues/family members/whomever the master key to that vault. I much prefer 1P/Mac to LastPass for day-to-day use, and I'll be a very happy camper when AWS comes up with a way to securely share items in 1Password, and I'd love to be a beta tester when there's something to kick the tires on, but I'm well past the point of being content to wait. For me, for now, LastPass meets this need.



--Ben F

khad

Thanks for the feedback, Ben.

benfdc

[quote name='khad' timestamp='1301033226' post='23165']

Thanks for the feedback, Ben.

[/quote]

OMG!!!!!!!!



I just noticed that 1P/Mac already offers a robust solution for securely distributing passwords. There are no plaintext files requiring secure transmission or secure deletion by the sender and the recipients unless you need to conceal the titles and URLs of the entries that you are circulating, and if that's a concern then [url="http://help.agile.ws/1Password3/agile_keychain_design.html#individual_entry_contents"]maybe you shouldn't be using 1Password in the first place[/url].



===



Step 1: Tag the files you want to share (better than folders, because tags allow you to include the same item in multiple shares).



Step 2: Select all of the tagged files.



Step 3: File > Export Selected > Encrypted Web Page



This produces an ASCII file with a .html extension.



Step 4: Examine the file in your browser to be sure that it contains all of the information you want to share, and only the information you want to share.



Step 4.5: (optional) Encrypt the HTML file. If everyone has Knox, TrueCrypt, PGP, or the like, you're good. If not, just View > View Source, Select All, copy, paste into a word processor, and save with a strong password (generated by 1P, of course). Password-protected .docx files (Word 2007 or later) or .odt files (NeoOffice 3 or OpenOffice 3) are bulletproof.



Step 5: Stick the HTML file in a shared Dropbox folder or attach it to an email.



Step 6: Distribute the password securely on a different channel (e.g., SMS or orally), and Bob's your uncle.



Why would you want to encrypt the HTML file? Maybe you want to require two access passwords that you can distribute on different channels. Or maybe you don't want to expose the titles and URLs of the info that you're sharing.



===



This isn't perfect. There's no auto-sync, so you have update the encrypted website manually whenever a password is changed or a new one is added. (I'm used to this because File > Export > Palm has the same issues.) And 1P can't import data from an encrypted web page (guess who's about to post a new feature request?). But for my purposes this is pretty darned good.



--Ben F

khad

Ben, I apologize for not bringing that up in this thread. Sometimes I get my threads confused. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />



I thought that was already mentioned here, but it obviously was not yet. I am glad that works for you!



Cheers,

Alyssa Davis

[quote name='khad' timestamp='1301051178' post='23195']

Ben, I apologize for not bringing that up in this thread. Sometimes I get my threads confused. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />



I thought that was already mentioned here, but it obviously was not yet. I am glad that works for you!



Cheers,

[/quote]



Thanks for moving my post to a relevant thread, and I'd love to be a beta tester for this feature request if/when it comes out.

benfdc

[quote name='Alyssa Davis' timestamp='1301427653' post='23520']

Thanks for moving my post to a relevant thread, and I'd love to be a beta tester for this feature request if/when it comes out.

[/quote]

I just noticed the pinned post about how to join "team beta."



I'm in.

Raj

I would also pay good money for multi-keychain support for 1password.

Need to segregate my personal (shared with family) and work (not shared) passwords, and having two password sets is frustrating.

Since it would effectively save me another computer (well, a VM), it's worth a good amount to me.

1password is vital to my sanity, this would just make me so much happier!

benfdc

[quote name='Raj' timestamp='1301440474' post='23529']

I would also pay good money for multi-keychain support for 1password.

Need to segregate my personal (shared with family) and work (not shared) passwords, and having two password sets is frustrating.

Since it would effectively save me another computer (well, a VM), it's worth a good amount to me.

1password is vital to my sanity, this would just make me so much happier!

[/quote]

The more I think about it, the more I see how wicked this problem is. The technical issues pale in comparison to user interface design problems.



I imagine three conceptual models, and I'm sure that these don't exhaust the field. One is using multiple keychains serially (but won't common data elements get out of sync?). Another is using multiple keychains simultaneously (but what if there are conflicts?). And a third is having one keychain, but with some sort of permission-based sharing of different sets of keys within the keychain (how will I ever keep everything straight?). Every one of these carries its own set of nightmares, and each approach might be well-suited for some situations but ill-suited for others.



You might want to try running two password managers in parallel, and using, say, 1P for family stuff and LastPass for work stuff, or vice versa. Might be a workable short-term kludge until AWS comes up with something more elegant. Might turn out to be a decent long-term solution. Or, it might not work for you at all. I can pretty much guarantee you one thing, though—you'll gain some insight into and appreciation for the degree of difficulty.

rmpel

I have been searching for this and didn't find a good answer, I hope there is a working solution for the following, otherwise it's a feature request <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/smile.gif' class='bbc_emoticon' alt=':)' />



We have setup to synch two computers 1Pass keychains using dropbox and found that the master password is now identical on both machines. We don't want that.

Then we have all keychain content on both computers, but we would really like a 'personal' part and a 'shared' part.



Is there any way to achieve this?





Thanks!

khad

Welcome to the forums, rmpel!



I have merged your post with the appropriate thread. Please see above and let me know if you have any additional questions or concerns.



One thing I would like to point out, though, is that only a single data file is supported for Dropbox syncing. If you try to have more than one in a Dropbox folder you may run into lots of problems. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_worried.png' class='bbc_emoticon' alt=':S' />



Be careful out there! <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />

TimMcFisher

I use dropbox to synchronize my passwords between multiple devices. I use 1PW for both personal and business functions. I would like to share my personal passwords with my spouse, but cannot afford to share my business passwords. Is there a convenient way to do this on my end? Something like having two distinct copies of 1PW on my end with syncing the home passwords on a shared dropbox folder?



Thanks,

Tim

khad

Welcome to the forums, Tim. I have merged your post with the appropriate thread. Please see above and let me know if you have any additional questions or concerns.



Thanks!

DanP110

Wanted to add my support/vote for this feature. Our user story is related to many of the others above; specifically, there are a set of "employee" sites (HR sites) that I use that I need to share with my wife. Ideally these sites would allow her to have her own account, but they don't and that means a shared password/account. We have the Family version of the Mac/Windows product, and I would love to be able to automatically synchronized individual passwords with my wife without sharing everything.



I would vote for use of one or more alternate data files (with the UI seemlessly merging the files) and choice of a data file during new login/password/identity would work. Important thing would be automatically syncing through dropbox or even wifi like with my iPhone. Thanks for a great product!

khad

Welcome to the forums, Dan. Thanks for the vote and kind words of encouragement!



There are certain elements which seem to be universal in the request for this, but we appreciate having some additional information on specific cases. I will pass this along to the developers in my next pep talk. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />



Best regards,

Ken Brucker

+1 for multiple keychain (and thus granular data sharing) support.



I think the way look at this is to allow multiple keychains in 1P and the sharing authority could be managed via dropbox controls. If I had the ability to have a private local keychain in addition to one (or more) stored in dropbox folders I think it would address many of the use cases including the automatic sync.



Having the ability to store the credentials for the additional dropbox keychains within the local master for a seamless experience would also be great to see.



The key element to address in the dropbox UI with this method is the ability to manage items spread across multiple keychains with multiple passwords. I don't see a need to build any permission structure directly into 1P.

[Deleted User]

Thanks for the post, seiryu and for your vote.



As I believe has been mentioned further up in the thread, we're not sure that Dropbox is going to be the way to handle this data sharing, having items spread across multiple keychain files will likely cause some challenges.



That doesn't mean that data sharing is off the table, but it may have to come in another form that doesn't involve Dropbox to share the data. We don't have more details to share right now, but when we do we'll be sure to post here in the forums so everyone can see.



Thanks again for the feedback!



[quote name='seiryu' timestamp='1306933547' post='28284']

+1 for multiple keychain (and thus granular data sharing) support.



I think the way look at this is to allow multiple keychains in 1P and the sharing authority could be managed via dropbox controls. If I had the ability to have a private local keychain in addition to one (or more) stored in dropbox folders I think it would address many of the use cases including the automatic sync.



Having the ability to store the credentials for the additional dropbox keychains within the local master for a seamless experience would also be great to see.



The key element to address in the dropbox UI with this method is the ability to manage items spread across multiple keychains with multiple passwords. I don't see a need to build any permission structure directly into 1P.

[/quote]

thightower

No Dropbox for this option sheer terror grips me. Lol



I prefer Dropbox but you guys have never steered my wrong so I'll wait and see.



(get on knees begging for inclusion of Dropbox) ROFL



seriously niggle niggle nudge hint hint wink



Can you tell I have a free moment at work. Plus can't fault me for being dedicated now can you.

[Deleted User]

Hehe, what'll happen if they ever block access to the forums at work, Tommy? I don't think I'd want to be around for that day <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />



Roustem knows more about this than I do, and we all know he is just 'Too Agile' at times, so there may well be a solution for Dropbox, but equally I think you'll all really like what we're currently looking at as the solution.



Of course nothing is final yet, we're not even at the 'lock Dave and Roustem in the secret hatch and make them code' stage yet, or at least if we are we haven't been told, but hey now you come to mention it, Dave has been sounding awfully Blofeld-ish of late!



Anyway, just want to say a huge thanks to everyone for their votes on this, if it helps, there are so many of us on the team who want to see this, and many other features too. We're all 1Password users ourselves too, and not just because we have have to, if you've ever listened to my podcast you'll know how much I love to pimp 1Password!



Oh and, Tommy, keep up the dedication <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />



[quote name='thightower' timestamp='1306937387' post='28287']

No Dropbox for this option sheer terror grips me. Lol



I prefer Dropbox but you guys have never steered my wrong so I'll wait and see.



(get on knees begging for inclusion of Dropbox) ROFL



seriously niggle niggle nudge hint hint wink



Can you tell I have a free moment at work. Plus can't fault me for being dedicated now can you.

[/quote]

JodiSte

I would like to share some of my passwords with my wife, but some I would like to keep for myself. (no dodgy reason here!)

Is there a way to do this?

The reason for this is to only keep one version up to date and all others in the family are automatically updated.



Any ideas?



Cheers

John

khad

Welcome to the forums, John! I merged your post with the "data sharing" feature request thread. At this time it is not possible to selectively sync items between two different 1Password data files. In the meantime, you can still export and import data between two data files, so if your passwords aren't changing every day, that might suffice for the time being.



Please see above and let me know if you have any other questions or concerns. This is still on our radar for a future update.



Cheers,

benfdc

[quote name='stu' timestamp='1306939506' post='28291']

I think you'll all really like what we're currently looking at as the solution.

[/quote]



I'm thrilled to read that there may be something coming down the pike soon on this front.

[Deleted User]

Me too Ben!



Hope Apple allows it to happen in my lifetime. <img src='http://forum.agilebits.com/public/style_emoticons/<#EMO_DIR#>/smile.png' class='bbc_emoticon' alt=':)' />



Cheers!



Brandt

DPC1

Is there a way to share individual logins with a family member without sharing all logins? There are certain logins that I'd like to share with my family (and still keep good passwords e.g. Amazon) but I don't want to share all of my logins and 1Password data. Right now I can't easily use strong passwords for logins that I share (netflix, amazon, hulu, etc...). Is there a good way to do this?



If this isn't possible, it would be nice if 1Password had a single data file for the family (so it could be synced/updated) but only certain logins showed up for each user depending on the 1Password "account" they logged into. This way I could share certain passwords with my my wife, a few with the kid while keeping the remainder of my passwords private and secure. The added benefit is it would put my wife and child into the habit of using 1Password instead of using whatever crappy password they make up and use for all of their logins. I would certainly be happy to pay for each 1Password user account.



Thanks for any advice.

khad

Welcome to the forums, DPC1! This is definitely something that we all agree would be very useful. It is not a trivial undertaking, so it won't happen quickly. However, I know this is something all of us at AgileBits have been wanted to implement for a while.



What I currently do is to export the Logins I wish to share to a 1Password Interchange File ([b]File > Export Selected > 1Password Interchange File[/b]). That way the other user can import them into their own 1Password data file. The downside to this approach is that you will need to perform the procedure again if you change the password(s) you are sharing since it is not [i]live[/i] data sharing. Hopefully we can move toward that in a future version.



If we can be further assistance, please let us know.



We are always here to help!