1password is a password manager that can now also be used at TU Wien to increase password security. During implementation, care was taken to enable shared use within TU Wien. upTUdate groups created in TISS and synchronized with 1password could be used to manage the rights of the shared vault assigned to a structural element. These shared vaults can be assigned rights by IT administrators.
Two campus software products are offered:
- 1password team member
- 1password group administrator
Only one group administrator can create shared safes (→ shared use by multiple persons). The group administrator initially has ownership rights over a shared vault. Changes to the shared vault are displayed in the 1password web console in the activity log and can therefore be tracked at any time.
Employees of the TU Wien can also use 1password privately and thus make their own passwords more secure. Each TU Wien license also includes a privately usable, free family account, which can be used after cancellation of the license - but against payment. An already existing family account can be linked to a TU Wien license, which means that no costs are incurred for the duration of the linking.
1password is currently being tested in practice with a limited number of licenses and - if the tests are successful - will go into normal operation in 2021. Further information on the use of password managers and security issues in general can be found in the coLab under IT Security Recommendations or personally from Gregor Hartweger.
Since the structure of 1password is very flat, only vaults with unordered elements can be used. To simplify user management, address managers can create groups for rights management. For this purpose, the address manager sets up any number of upTUdate groups, which have to be maintained regularly , with the suffix .teamtuwien.1password.eu (TISS). These groups are synchronized into the 1password system every 5 minutes. Users that do not yet exist in 1password will be skipped.
Both campus software products, 1password team member and 1password group admin, can be ordered via the campus software catalog:
When ordering, the own billing group must be specified and it must be released by the person authorized to release for billing orders (campussoftware-self-service).