Skip to main content

1Password Token Management: How we keep client credentials secure

At DataTools Pro we have selected 1Password as our key vault solution given its portability and protection measures that allow us to:

1. Secure client credentials

2. Isolate vaults

3. Securely share tokens with 2 factor authentication

1Password is not limited to logins. You can save other sensitive data including but not limited to the following;

In this article we provide guidance to setup and configuration of 1Password for your team for single and multi-tenant.

Install 1 Password Chrome Extension

First, sign up for a 1Password account

Install the chrome extension and follow instructions

Lock 1Password into your Chrome browser:

  1. Click the extensions icon
  2. Click the pin button next to the 1Password icon
1Password Extension

Login to the 1Password web app

The “Employee” vault is where you will keep credentials and passwords specific to the employer / company for which you have 1Password installed.

1Password Vault

Vault Planning

Vaults are intended to organize a collection of logins or other sensitive data that requires tight security and restricted access. At DataTools Pro, for small engagements we create 1 vault per client to hold the credentials internally and not co-mingle credentials.

For data and application platforms where system level tokens and credentials are managed, we do recommend a cloud based key vault solution. Otherwise, if we use 1Password we recommend dev, stage, and production vaults where access can be managed.

As an example we keep vaults for internal use based on principle of least privilege.

1Password Vaults

Create New Vault

Add 1Password Vault

Simply log into 1Password and name the vault

Restrict 1Password Vault to Chrome Profile

When we build projects or create environments our team isolates 1 Chrome Profile per initiative. This isolates and simplifies authentication, cookies, and eliminates the possibility of disclosure during browser screen session.

To isolate a vault to a chrome profile,

  1. Right click on 1Password icon in your chrome browser
  2. Click Settings
  3. Click “Accounts & Vaults”
  4. Select the client / project specific vault(s) that you will use for the project or client.
1Password