Vaults

Understanding Vaults

A crucial concept within the 1Password app is the Vault. A Vault is a container for all the Items which record credentials and secret information. You're account can have access to multiple vaults at a time, even one's owned or shared by another account. This allows for collaboration between team members or more responsive action for IT support.

In addition, there are a ~~team~~few ~~environment~~categories ~~proper~~of vaults you should be aware of. It's important to understand not so you can create vaults— that will be handled by IT— but rather so you are aware of which vault ~~usage~~a new item is ~~critical.~~stored in to avoid complications in the future.

Private Vault (not used)

This vault is only accessible to your account. Our recommendation is to leave this vault empty and never use it. All your regularly used passwords should be in a vault with your name on it. This is shared with IT and sometimes with teammates within your company. This vault cannot be deleted or renamed or even disabled. Until the option to hide or disable it is added to 1Password, we must pretend that it's not even there.

Your Named Vault

As the name implies, this vault is assigned to your account and is named with your name. This will be the primary repository for all items containing passwords and other account credentials that you use. Please save login information relevant only to you in the vault with your full name. Examples are your macOS login, Adobe account, Microsoft account, etc.

Shared Vaults

IfAll vaults other than the ~~login~~Private ~~information~~Vault can be shared with other accounts, such as other company employees. In a team environment, allowing access to the correct accounts is ~~used~~critical. bySpecifically, ~~others,~~IT ~~consult~~has access to your named vault in order to quickly solve problems. Other employees might also have access to your named vault for other reasons specific to the ~~list~~company's ~~below~~industry or setup. Who has access to ~~determine~~ which vault ~~to use. If you are unsure, please check with your manager or ask in the tech-problems Slack channel. The latter~~ is ~~probably~~completely ~~better~~customizable— towhich ~~start with, since if you are unsure,~~makes it isa ~~likely~~versatile ~~others are as well!~~tool.

~~Vault organization format:~~

~~Vault Name~~

~~Vault Description~~

- ~~group or user permissions~~

Shared

~~This is a default 1Password vault, shared with all staff. Use for all-staff items that do not belong in another vault. Examples: Office WiFi, Conference Room Mac.~~

- ~~Team Members (group)~~

IT - Infrastructure

~~Server details, network logins, and more.~~

- ~~sysadmin@ - Mark, Brandon~~
- ~~Accessible to Kurt and Dana, but should generally be hidden.~~

Dev

~~Development - items that do not belong in either IT/sysadmin or similar vaults.~~
- ~~Dev Group~~

HR

~~Human Resources content, including any login for HR services that looks like an individual login but is actually the organization's only login for that service.~~
- ~~HR group~~

~~Guests~~

Limited to a single vault, but can use the full app and browser extensions. Could be a good vehicle for introducing clients to password managers, or for vendor needs like bringing a financial firm in for accounting help. Generally these guest accounts should have a unique/new vault spun up for them, instead of providing access to all of a normal company staff vault.