Get to know 1Password Teams: Account Recovery

We created 1Password Teams to solve long-standing challenges faced by businesses who need to protect their sensitive information. In this series of posts we’ll be exploring 1Password Teams and features that make it uniquely suited to these challenges. This first entry is all about account recovery, how we use it, and how to make a recovery plan.

Everyone forgets their passwords

1Password Teams is protected by a suite of encryption methods, all of which are secured with your Master Password and your Secret Key.

We can’t reset your keys, and we’re proud of it. Any responsible password manager should be able to say the same. But it can be hard to appreciate this fact on the day your Senior Vice President gets locked out of 1Password because she forgot her password.

locked

And there’s good chance she will. In fact, it’s not a matter of if, but when. A 2011 survey found that 41% of people forget at least one password each and every month. That’s a problem that no amount of encryption can solve.

Early on in the development of 1Password Teams, we gave ourselves a challenge: how can we help teams with forgotten passwords without offering an unsafe password reset feature? Our solution was the feature which we now call account recovery.

Zero knowledge, zero headache

Most services allow users to reset their own passwords. But if you can change your password just by visiting a website and typing in your email address, it means that someone else–the service provider–has access to your encryption keys. At that point, you’re no longer trusting encryption to safeguard your information; you’re trusting other people.
Flag

We have a zero knowledge policy, so we never have access to your encryption keys. It’s too risky when your confidential information is at stake. So instead of offering a password reset, our solution is to place the power of account recovery where it belongs: with your team.

With account recovery, if one of your team members gets locked out, you can restore their access within a matter of minutes. It all happens without ever sending encryption keys outside of your team.

Account recovery in action

After a hectic company getaway, Jeff tries to sign in to 1Password one morning but realizes he can’t remember his Master Password. Luckily, Dave is another admin on the AgileBits team. As long as Dave is able to access his own account, he can help out Jeff:

  1. Jeff sends a message to Dave in Slack and confesses his mistake.
  2. Dave signs in to 1Password, and initiates account recovery for Jeff.
  3. Seconds later, Jeff receives an email from 1Password. He follows a link to create a new Master Password receive a new Secret Key.
  4. Dave gets notified to complete the recovery process.

From that point forward, Jeff can access his account. All his data is still there, just as he left it. All he has to do is sign in to 1Password with his new Master Password and Secret Key. Jeff prints out his new Emergency Kit, and thanks his lucky stars that his team had the foresight to add a recovery process to 1Password.

Best practices for account recovery

Account recovery is a lifesaver, but only if you take some time to create a recovery plan in advance:
Recovery Van

  • Have multiple admins. If you’re the only person who can recover accounts, you’re the weak link. If you forget your own password, your whole team needs to start over. Avoid the embarrassment and add at least one other person to the Admin group as soon as possible. Learn how to edit member permissions and groups.
  • Tell your team members who to contact if they ever lose access. Designate a channel outside of 1Password, like Slack or an email address, for making recovery requests.
  • Upgrade to the Pro plan. With the Pro plan, you can give additional people recovery permissions without making them admins.
  • Read our recovery guide. If a team member needs your help to recover their account, you can both follow our recovery guide.

And if you don’t have 1Password Teams, now’s a good time to get started. Encourage safer password habits in your workplace and sign up for a 30-day free trial today.

12 replies
  1. Terry Bailey
    Terry Bailey says:

    I had the free version of 1Password and loved it. Became dependent on it. Then I jumped in the pool and fried my cellphone. I have spent hours trying to find it to recover it and have been unsuccessful. Can anyone help me to recover it?

    Reply
    • Kate Sebald
      Kate Sebald says:

      Oh no, Terry! Whether we can help you recover your data really depends on how you were using 1Password before. Since this usually requires a bit of back-and-forth, it’s better to sort things out via e-mail. I’m going to send you an e-mail from our support system with a few questions for you and we’ll see what we can do!❤️

    • Kate Sebald
      Kate Sebald says:

      Hello Silver! You don’t need to be able to access your account to cancel, we can definitely help you out! I went ahead and sent you an e-mail with some questions for you to help me get this taken care of. Once I hear back from you’ll I’ll be happy to sort this out for you.👍

  2. Linda A HOBGOOD
    Linda A HOBGOOD says:

    I have tried off and on over the last two years to gain access to my secret key so that I can get my 1password account to work on my iphone as it works on my apple computer. I know my master password, but not the “secret key” would give me what I need to put the program on my phone to sync with my computer. I don’t know if you have anything that would help me now with the new improvements. I do not have 1password teams. This is a personal account.

    Reply
    • Kate Sebald
      Kate Sebald says:

      Hey Linda! We’ve published a support article that may help you locate your Secret Key. Keep in mind, though, that if you don’t have a 1Password membership (paid for with a monthly or annual subscription), you won’t have a Secret Key. This means you have a standalone license instead.

      If you have a license and are interested in switching to a 1Password membership for automatic syncing and access to 1Password apps on all of your devices without purchasing licenses for each, we’ve published another guide to help you make the switch, which will also help you set up any additional devices once you’ve migrated your data.

      If you’re not interested in the benefits of a 1Password membership and would like to stick with your standalone license, you’ll need to select the sync method you use on your Mac (Dropbox or iCloud, most commonly) from the options on the Welcome screen when you open 1Password on your iPhone to sync things up. If you haven’t set up syncing on your Mac yet, you’ll need to do that first so that your iPhone will have data to grab.  You can find information about setting up sync here:

      Dropbox

      iCloud

      And, of course, if you have any questions or need help along the way, you can always feel free to contact us and we’d be happy to lend a hand. 🙂

  3. Andrew Harvey
    Andrew Harvey says:

    I’m using the free version of your product on an iPhone for organizing and protecting my personal passwords. I got very comfortable using the touch ID to unlock the app. At some point the app must have reset and the touch ID wouldn’t work. The app is asking for my master password which I cannot recall. Please help me unlock my information. Thanks.

    Reply
    • Kate Sebald
      Kate Sebald says:

      Hello Andrew! I’m sorry to hear about the lost master password.❤️ For your privacy and security, your Master Password is known only by you. We cannot reset it for you and you cannot change it without entering the old one. There is also no “back door” to access your data without the Master Password. If there were, that would be a security hole that could be exploited to gain access to your secure information.

      We have published a troubleshooting guide in our knowledge base  that will help you try to recover the password or figure out what to do next. If you’re entering your Master Password but it’s not being accepted, we have another guide that may help you.

      If the help guides don’t help and you’re not ready to give up just yet, your best bet is to keep guessing. You may find you just happen to remember your Master Password in the shower one day.😉 For the future, remember that there are a few reasons 1Password may request your Master Password instead of Touch ID, so while I also love fingerprint unlocking on my Android phone, it’s best to keep a record of your Master Password somewhere safe just in case.🙂

  4. Sonia
    Sonia says:

    I need help desperately. I have a PC and a MAC at home and they both had been connected with 1Password. Recently I had a crash on my PC (Surprise!!) that required my whole drive to be wipe out. Now I don’t know how to recover my account from 1Password since it requires key numbers I know how how to obtain them. Can someone help me please?

    Reply
    • Dave Teare
      Dave Teare says:

      Hi Sonia,

      I’m sorry to hear about your PC crashing. That’s no fun whatsoever and I hope you were able to recover your files, especially things like photos and the like.

      I’ve asked Frank to reach out to you via email to see if he can help. It sounds like you need your Secret Key to access 1Password, which should be still available on your Mac. Frank will help you through that and make sure we’re on the right path.

      Good luck!

      ++dave;

  5. Ren
    Ren says:

    Hello,
    I have been using the thumbprint to open my 1Password account so I have forgotten my actual password and now I am locked out and the hint isn’t helping either! Help!

    Reply
    • Kate Sebald
      Kate Sebald says:

      Oh no, Ren! I’m actually thankful my PC doesn’t support fingerprint unlock as I’m always afraid that would happen to me if I wasn’t forced to type my Master Password every day. This sort of stuff can require a lot of back and forth that’s tough to manage in blog comments, so I’ve sent you an e-mail with some additional questions for you to see what we can do to help.🙂

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *