1Password - LastPass Transition FAQs
*click each title to expand the section
Why are 1Password accounts being created in December?
1Password is being made available in December to current LastPass users for several reasons. This is not a hard transition date and LastPass is available until May 2025. Both 1Password and LastPass will be available between December 2024 and May 2025, and users and teams should determine their own migration date within that transition window.
LastPass and 1Password have a "zero-knowledge" architecture that requires users to migrate their own passwords from LastPass into 1Password. To give as much time as possible for users to migrate, the first step of the transition is creating accounts in 1Password. Users are NOT required to migrate right away, and will have until May 2025. While invites will be sent in December, it is up to each user and team when they'd like to activate their 1Password account and make the switch to 1Password.
Another reason for creating accounts first is to support migrating permissions for Shared Folders into 1Password. Permissions will only be carried over from LastPass if the accounts exist in 1Password. Users and teams are NOT required to migrate Shared Folders right away, and will have until May 2025. When your team is ready to migrate your shared folders, contact the 1Password admins at 1passwordadmins@office365.wisc.edu.
What was the Password Manager review process and timeline?
June 2023
- Team formed to evaluate Password Managers at UW-Madison
July 2023
- Team identified top Password Managers to evaluate
- July 2 - Asked ITCCC for help testing
- July 18 - Survey sent to all LastPass users to gauge impact of breach
August 2023
- Shortened list to 1Password, Keeper, and Dashlane
- Tested POC instances of 1Password, Keeper, and Dashlane
September 2023
- Additional testing done with campus users of 1Password
- 1Password selected as recommended replacement for LastPass
October December 2023
- Technical integration testing of 1Password for SSO and provisioning
- December 7 - Presented 1Password recommendation at MIST
January 2024
- January 16 - 1Password provides vendor demo and Q&A session for campus
- Joined Internet2 NET+ 1Password Service Evaluation
February 2024 June 2024
- Participated in Internet2 NET+ 1Password Service Evaluation
- June 18 - Presented 1Password recommendation at ITCCC
- June 20 - 1Password update shared at MIST
September 2024
- Completed Internet2 NET+ 1Password Service Evaluation
- Obtained final approvals from decision makers
October 2024
- Procurement
- Kickoff Transition
November 2024
- Communications sent to current LastPass users
Who is eligible to activate a 1Password account?
Enrolled students, student employees, and paid faculty and staff will be eligible to activate a 1Password account. Alumni and unpaid staff will not be eligible. The 1Password contract does not allow for extending to non-UW entities.
1Password offers options for sharing with third-parties, consultants, and other limited term users. These include Guest accounts and time restricted sharing links, which can be used to accommodate scenarios where a user is not eligible for a 1Password Enterprise account but needs access to a password.
What email address will be used for my 1Password account?
New 1Password accounts are created using your netid@wisc.edu email address.
Netid@wisc.edu is used because it is a unique and mostly permanent identifier for users. Users at UW-Madison may have many email addresses in a variety of systems, and can set a preferred email in Profile that differs from their primary email address in Microsoft 365. Preferred and primary email addresses change much more frequently than netid@wisc.edu. Because of these variations across systems, netid@wisc.edu is used to ensure users are able to login to 1Password.
Will there be availability overlap with LastPass and 1Password?
Yes. LastPass has been renewed until the end of May 2025. Users will have until this date to migrate from LastPass to 1Password. The zero-knowledge architecture of Password Managers requires users to migrate themselves from one tool to the other.
What is the migration timeline?
We will begin to provision 1Password accounts for existing LastPass users starting December 2nd, 2024. Once a 1Password account has been created, users can start migrating their passwords from LastPass. For the best experience, users should migrate before May 1st, 2025. While migration is still possible after this date, users may need to contact LastPass support for assistance.
What happens to LastPass accounts after May 2025?
LastPass accounts are not deleted when the Enterprise license expires. They convert to a Free account. Users will have the option to pay for their own LastPass license if theyd prefer to keep using their existing LastPass account.
What happens if a user forgets to migrate their data before the deadline?
Users who do not migrate their data before the LastPass license expires will still have access to their LastPass account as an Enterprise user for 14 days. They can use this time to complete the migration. Their account will then be removed from the UW-Madison Enterprise instance and converted to a free account. After this period, they may need to contact LastPass support for assistance accessing the account. Users can still import to 1Password from a free LastPass account. Reference: My LastPass Business plan is about to expire, what should I do?
Can users opt-out of the migration?
While it is highly recommended for all users to migrate to 1Password for enhanced security and support, users may continue to use LastPass. To maintain premium LastPass features, users or Departments have the option to pay for their own LastPass licenses.
How will users migrate from LastPass to 1Password?
LastPass users can transfer passwords, Secure Notes, and other items from LastPass into 1Password in the desktop app.
- Private folders will be converted to tags. Shared folders can only be imported by a person who has administrator privileges in the folder.
-
Individual items that are shared with the user directly (not via a folder)will be imported.
-
Password history is imported for shared items, but not private items.
More details on the 1Password Import Tool can be found here: 1Password - Migrate your passwords from LastPass
What security measures are in place to protect data during the migration?
Both LastPass and 1Password use end-to-end encryption to protect data. During the migration, data is transferred securely using encrypted channels. Users are encouraged to follow best practices such as using strong, unique passwords and enabling two-factor authentication.
How will shared folders be migrated from LastPass to 1Password?
Shared folders will be converted to vaults, and will include their group permissions. We will create groups in 1Password with the same names as LastPass groups. Shared folders can only be imported by someone who has administrator privileges in the shared folder. After a shared folder is imported, it will not be available for other administrators to import.
Learn more about vaults: 1Password - Create, share, and manage vaults
Is there a free personal account option available like there is with LastPass?
Yes. Users with an active 1Password Enterprise account get a complimentary 1Password Families membership, which they can share with family. To redeem the free membership, the family account is linked to the enterprise account. Only subscription status will be linked. No other information is shared.
Does the 1Password Import Tool work for personal accounts?
Yes. The Import Tool from 1Password can be used for both Enterprise and Personal 1Password and LastPass accounts.
Can personal and enterprise accounts be linked?
Yes. Users can sign into multiple 1Password accounts in the desktop and mobile applications and see all saved passwords in one interface. Users can also sign into multiple accounts in a web browser, but only one is viewable at a time. More details: 1Password - Login to multiple accounts
What options will be available to users with existing personal 1Password accounts using a wisc.edu email address?
1Password uses instances and while not recommended, the same email address can be used for an Enterprise and Personal account. Your existing account will not be impacted if a new account is activated in the UW-Madison Enterprise 1Password instance (https://uw-madison.1password.com/).
Can groups be used for sharing permissions?
1Password offers grouping functionality that is significantly better than exists today in LastPass. Custom groups can be used to manage a team by project, department, or location.
When a user is no longer affiliated with UW-Madison, what happens to saved passwords?
Ineligible users will lose access to 1Password. If a student or employee has any work items in their vault that others will need to access later, they should be moved to a vault others have access to. New vaults can be created for this purpose. Other items can be moved to a personal 1Password account. If they do not have a personal account, they can sign up for one.
What happens if a user updates their email address?
If a users email address is changed in our identity provider, 1Password will email the user and ask them to accept the change.
Will there be any restrictions on sharing passwords?
Today, LastPass users are only able to share passwords with users who have an @wisc.edu email address. 1Password offers more flexibility, including the ability to share with people who can verify their email address. Users can share items with anyone but must specify the email addresses for each recipient. Recipients must verify they have access to the email address before they can view the item.
Are tools available for developers and other advanced use cases?
1Password offers a Command Line Interface tool, and has other Secrets Management capabilities. This can be used to securely access secrets in 1Password during development.
What training resources are available for users?