We take security very seriously. To ensure that we can easily access your clients’ sites and other systems, we use 1Password to share and organize credentials.
During your partner onboarding, you’ll receive access to a shared vault with us (named {Partner} + Valerian) that we will use throughout our partnership. Depending on the process, we might add items to your vault, but you will have the ability to add them as well!
Accessing 1Password
Setting up your account/initial access
During onboarding, we’ll send you a temporary access link that contains your 1Password username, password, and secret key. This link will work for 7 days, and the login information will be saved to your vault so that you can access it after the link expires.
We recommend storing the same login information in your own password manager so that it’s easily accessible when you need it.
Should you forget your password or need your secret key, your “Emergency Kit” PDF is also stored in our shared Google Drive.
Partner + Valerian Shared > Documents > 1Password Emergency Kit PDF
Browser
You can access our shared vault using your web browser by visiting the link here:
You will need your username, password, and your secret key if it’s the first time you’ve signed in on that browser/device.
App
While the browser works just fine, the 1Password app is streamlined in a way that makes it especially easy to use, so we recommend installing it on your device. You can download whichever version you need at:
Why do we love the app?
You can stay signed in, leverage multiple 1Password accounts, and access shared credentials quicker.
Browser extensions
We also recommend installing the browser extensions for 1Password; this will allow your 1Password to pre-fill login information. That means less copy-and-pasting for you to do!
Get the browser extension here:
Making 1Password work for everyone
We’ve been using 1Password for a while, and we love the features that let us work smarter, not harder. We’ve also developed some best practices that help our team and yours get the most out of it!
Shared/collaborator access
Whenever possible, we recommend using a shared or collaborator account. This means you create a user account for our shared email and have your clients invite us to that service.
We often use shared accounts or collaborator access for things like domain registrars, CloudFlare, CRMs, Google Analytics, etc.
When possible, we try to avoid logging directly into your clients’s account as they often require 2FA and can be challenging to coordinate.
Whenever possible, please use a shared/collaborator account with your clients.
2FA (two-factor authentication)
2FA is important for security, but can be challenging in a team environment with shared accounts. Luckily, 1Password has 2FA built in to make it easy! 🥳
Please use app-based 2FA for the logins you share with us so that 1Password can be used to authenticate instead of a SMS/text message.
To read more about 2FA in 1Password, visit https://support.1password.com/one-time-passwords/.
Utilize credential categories
To optimize your vault, we make use of 1Password’s categories. Categories aren’t just for organization or search—although they do help with that; they also provide different fields that help ensure that all the necessary information can be found in an item.
Whenever possible, we recommend using the appropriate category when adding a new item to your vault.
For example, if you are adding login credentials to a site, use the Login category, which will include fields for username, password, the website the credentials are used for, and a one-time password.
If you are adding a license key for a plugin, use Software License so you can clearly include version, key, and more.
Troubleshooting: Typically, you’ll be able to find a category that nicely fits the item you are adding, but occasionally you’ll want to include info that doesn’t fit in a predefined field. In these cases, you can use the notes section to add more context.
To learn more about categories, see:
Watchtower
One of the reasons we love 1Password is for its ability to assess and alert users to any security vulnerabilities. 😍 The Watchtower shows your score and any recommendations to improve the security of our shared vault!
The Valerian team reviews this score quarterly and will make suggestions or improvements to all items (except for a client’s direct login).
To read about the Watchtower and how to improve your score, visit https://support.1password.com/watchtower/
Sharing Access to our Vault
If you work with a team, you can also share access to our vault with other team members! They will use the same credentials to login to our shared vault.
If you already use 1Password, you can log in to multiple accounts at the same time!
Read more here:
How to format credentials
As we mentioned before, we’ve been using 1Password for a while and we’ve devised a method for formatting credentials that helps everyone find what they’re looking for quickly.
When adding new items to our shared vault, please use the following format to ensure the vault stays organized and items are easy to find:
sitename.com > {service/item name}
For example:
- getvalerian.com > WordPress
- getvalerian.com > HubSpot
Domain registrar
Ideally, we have access to the domain registrar for your clients under a collaborator account.
Troubleshooting: If collaborator access is not available for the registrar, save the login details using the login category. We will coordinate any 2FA when we need to access the domain.
For these items, create a secure note and name it:
sitename.com > Domain
In the note, enter:
Access to domain via {registrar} delegate account
Include the name in the delegate account and add the collaborator account that has delegate access under Related Items.
DNS
Similar to the instructions for a domain above, use a secure note and name it:
sitename.com > DNS
In the note, enter:
Access to DNS via {DNS} collab account
Include account in the Related Items.
Create an item for DNS, even if the DNS is at the domain registrar.
WordPress site admin
Use the Login category for these credentials and name it:
sitename.com > WordPress
You’ll be given fields for username and password; by using 1Password’s 2FA, you’ll also see the one-time codes here.
Be sure to include the website, and if there is a staging site, you can note that as a second website.
The notes section is a great place to store backup codes.
Be sure to use a unique password for WordPress logins. Never reuse a password.
Shopify site admin
To allow us to access a Shopify site, add that site to our partner account access and then create a secure note for each site.
FTP
To add FTP, use the Login category and name it:
sitename.com > FTP
Use the text field for host and port.
We can add FTP during care plan onboarding if a site has not been previously using it.
Google Analytics
Create a secure note related to our shared account for each site that we have access to. Name it:
sitename.com > Google Analytics
In the note, enter:
Access to GA via the Google account below
Include the shared account in the Related Items.
We always use our shared partner Gmail account for Google Analytics.
Third-party hosting
For sites that aren’t hosted with us, create a secure note for each site and name it:
sitename.com > Hosting
In the note, enter:
Access to hosting via {partner} collab account
Include the collaborator account for the hosting in the Related Items.
Shared/agency credentials
We’ve mentioned collaborator/delegate accounts and adding them to the Related Items for the items that are entered as secure notes. If you’re adding a shared login or license key for something like this, follow similar naming structure and details to all the items above:
{partner} > {service/item name}
For example, a partner named Valerian creating a SiteGround collaborator account would name the login item: Valerian > SiteGround Collaborator