Date: 25th April 2018
Topic: 1password intro message
This is a big announcement that will take some time to complete. I think 1-2h should be plenty for a regular user (most of you). All the PMs out there - be mindful about this and give your team members adequate time to get it done. But also - do it as soon as possible, please.
We will be using 1 password for all of our password related needs.
What is it? https://1password.com/tour/
In my own words: it allows you the comfort of remembering only one master password to unlock all other password protected things that you use every day. It also generates secure passwords for you, autofills login forms, let’s you store any sensitive information, and makes it easy to share passwords securely, keeps you up to date with latest security breaches and way more than that.
You can register here: https://ucreate.1password.com/teamjoin/invitation/E5CTGJMULNCUFLYDFTGJPIICVY
Make sure to install a desktop app, chrome plugin, and mobile app as well. Then make sure to save your emergency kit according to the instructions 1 password will give you.
- https://support.1password.com/explore/team-member/ - required
- https://support.1password.com/explore/team-admin/ - required for PMs
- https://www.youtube.com/watch?v=JQzbn4SCiZg&list=PLeXQRfNcE6-AYi81Q60EBDZJIx1SiPKhM - required
- https://www.youtube.com/watch?v=W6rr68XEtbM&list=PLeXQRfNcE6-AXey9YhaogHNFPhAld-Mks - required for PMs
I’ve recorded a quick video tutorial for PMs. I talk briefly about managing project specific vaults and users. Here’s a link https://www.youtube.com/watch?v=7D8W4nQ2ExM
I think it will clarify your 1p concerns :). It’s only 9 minutes long.
https://www.youtube.com/watch?v=AId6ODT4CK8&list=PLeXQRfNcE6-AdHT9K-5dTWj3Sg8AfEjQ5 - recommended for those who have used other password managers in the past and want to migrate those to 1password
How to use it - Your PM is an admin of the corresponding 1p vault. As a rule for using it in our organisation. Each slack channel related to a particular project or an area of business (social, finance, London, Poland, India, website, and all our external projects) should have its own vault.
Any new project - a :ucreate: PM should take care of setting up 1p before anything else gets done. It will make it easier to export all passwords related to a project once during a handoff. Just a few clicks really.
Any existing project - it will take you between 1 and 4 hours to gather and import all related passwords. The cutoff date for setting it up is Thursday, May 10th 23:59 GMT 2018
Password sharing - sharing passwords via public channels will get punished when I spot it. There’s a safe way to do it using 1password.
In case you've lost your master password - here’s a quick tutorial on what to do in that rare case - https://goo.gl/M359tg
Sharing access with founders 1p is required for all ucreate memebers and highly recommended to our founders. For this scenario we have guest accounts that are free for us. Guest account can only access single 1p vault. Take a look here to see how to invite a guest to a particular vault https://support.1password.com/guests-teams/
Tagging ENVs Since you're likely to need multiple ENVs in your project, the standard way of telling ENV specific passwords apart will be using ENV prefixes in the password name as well as taggiging ENVs with approriate tags. Like so
[PROD] Heroku @prod,
[STAGE] Heroku@stage. Take a look at
contigo sample vault to see an example. Shem can give you the access.
Regarding our 1p archive
- Open the vault you want to archive in your mac app
- File => Export => All items
- Export as .1pif (1 password interchange format). It won’t be encrypted so we need to store it securely
- Create secure note in archive vault (we don’t have it yet) named after the vault you’re archiving
- Add the .1pif file as an attachment to the secure note you just created
- Delete your .1pif file
- Empty trash
- Delete the vault you just exported
Note: Archive vault will be only accessible by 1p organisation owners (Matt, Dan, Pawel, Alex, Vishal, me) Note: Let founders know we have their data stored securely Note: Archiving should be part of the handoff process
This way we get to archive stuff and take care of our founders. And we can also keep things tidy and organised
Any questions - ask them to @shem in a thread under original annoucement - He'll respond ASAP