Tips for using 1Password with multiple data stores

I have a personal 1Password account, and now my team at work is starting to use 1Password to store passwords for databases and applications relevant to the work we do.

Limitations/annoyances:

Loading the native application and switching between data files is a little annoying; in part because my brain tries to remember which one I used last.
The 1PasswordAnywhere feature isn't compatible with my favorite/default browser, Chrome, when accessed locally; apparently for security purposes.
You can't edit the data via 1PasswordAnywhere. (Not that big of a deal, our passwords won't change that much.)

We're using Dropbox to sync the data file between our accounts, so for now I'm accessing it via the Dropbox web interface as needed, but if my cookie expires then that's another speed bump to getting the data I need.

In an ideal world, it would be nice if I could link the two data files so that I only had to point the native client at one of them to get access to both.

Am I missing something? Is there a better approach?

passwords

Adam Tuttle

Posted 2011-02-16T18:40:12.880

Reputation: 697

According to the AgileBits forum (http://forum.agile.ws/index.php?/topic/4-suggestion-multiple-1password-keychains/) it looks like they've been looking into this feature for almost 3 years - there's no way to know if or when official support will arrive.

– Jeremy Weathers – 2011-07-15T04:04:10.970

@Jeremy, It seems support has arrived (a few years later): 1Password for Mac introduces multiple and shared vaults, revamps user interface

– askewchan – 2014-05-10T02:03:32.540

Answers

With some recent changes to 1Password and its browser extensions, not only is what I'm attempting to do here unsupported, it has some serious bugs, including severe security issues!

DO NOT ATTEMPT TO USE MULTIPLE 1PASSWORD REPOSITORIES ON THE SAME COMPUTER!!

With some of the recent versions (circa Sept-Oct 2011 and later) of 1Password and the browser plugins, data can leak from one keychain file into another, and you may find that you have to enter the password of one keychain to unlock the other (only via the browser plugin, in my experience).

They plan to support 1 keychain file per computer-user-account, but last I checked there were still bugs in that implementation.

See my blog post for the full story.

Adam Tuttle

Posted 2011-02-16T18:40:12.880

Reputation: 697

You don't say whether you're running OS X or Windows. If Windows, then ignore the rest of this.

It seems like the best current option would be to write a simple script that quits 1Password (e.g. via AppleScript -> SystemEvents if memory serves me correctly), changes the data file location in the preferences (~/Library/Preferences/com.1passwd.plist), and then relaunches the app. The preferences file is a simple text plist file and the data file location looks like:

<key>AgileKeychainLocation</key>
<string>/Users/blah/Dropbox/1Password.agilekeychain</string>

Jeremy Weathers

Posted 2011-02-16T18:40:12.880

Reputation: 131

Not a bad thought, but in the meantime I've come up with an even easier way of accomplishing the same thing: I've dragged shortcuts to both data files onto my (OSX) dock. Clicking the file in the dock sets that as the active data file for the app and starts the app. If the app is already open, it just switches and prompts for the master password. No programming at all (so, easy for teammates to duplicate) and less confusing overall. The only problem with this approach is that they both have the same file name, and thus label, on the dock. I just have to remember that LEFT=personal, RIGHT=work. – Adam Tuttle – 2011-07-16T23:14:39.107

With LastPass, you can have multiple "identities". That way, with the same account, passwords can be separated and accessed under each identity separately.

Abraxas

Posted 2011-02-16T18:40:12.880

Reputation: 1 269