I would like to use Organizations and Collections in a family context. Consider
Me: main owner (Family 1)
Michael: my son (Family 1)
Anna: my wife (Family 1)
John: my brother (Family 2)
Gary: my father (Family 3)
My typical usage:
a personal vault (for Me)
items shared with all Family 1 members
items shared only with Me and Michael (in Family 1)
items shared with Me, John and Gary (to manage Gary’s stuff with my brother)
items shared only with John (one member of each Family 1 and Family 2)
I have a hard time building the correct Organization(s) and Collection(s) within each organization to handle such varied ways of sharing. Are there best practices for that?
There could be a few ways you could structure this depending on your use-case and desired access and controls.
Personally I handle this with the use of a Family Organization.
Method 1
Use a single premium family Organization, which includes up to 6 members including yourself. (This is also included for free if you have an applicable enterprise work account)
You can create a Family Organization
Create Organization Collections as needed between different sharing units, i.e.
Collection 1 (All Family 1 members - You, Michael, and Anna)
Collection 2 (You and Michael) - This can be another collection or a Nested Collection, where you only assign access to the collection to who needs it.
I.e. Collection 1 all Family 1 members get access, but Collection 1.a is only shared between yourself and Michael in Family 1.
Collection 3 (You, John, and Gary)
Collection 4 (You, and John)
Invite each family member user to your Family Organization, you can then apply the appropriate access controls and Collection access that each person should have access to.
As each user signs up for an account, you can assist them with ensuring a secure master password, enabling 2FA and keeping a record of 2FA backup codes. As a member of a premium Family Organization, those premium benefits also extend to each user’s own individual vaults.
I would recommend setting up emergency access for your individual vaults, as this will allow for account take-over/control in the event you may lose access (such as forgetting a master password, or being locked out from 2FA)
I was thinking another way you could possibly get around this would be with the use of multiple free organizations.
This proves to be a challenge as a user can only create a single free Organization, but can join as a member of another, i.e you created a free Org between you and your father, and your brother could create a free Org for items shared between yourself and your brother.
This proves to not fit your use case however as a free Organization is limited to a max of 2 members, and the need for shared logins between 3 members in Family 1 (You, Michael, and Anna) + 3 members for Family 2 and Family 3 (You, John, and Gary).
If you have any questions feel free to drop them below, there are definitely multiple ways you can set up collections and access controls which can get a bit confusing.
Hopefully this gives you a better idea for how you can allow access for certain shared logins for only certain people.
Thank you for the extended answer. I am not limited in the number of Organizations (I should have made that clear) and my problem revolves more around the three independent “Families” that would not otherwise interact outside of the links I mentioned in my bullet points.
The solution you suggest is, if I got that correctly, a large single “Family” organization encompassing everyone.
In that case, I would probably go for “Collections” being each a person, to whom (the person = the collection) I would assign access to a given entry.
Correct, while you could use multiple Organizations for this and if you’d like to you absolutely so can. Though the use of a single Organization would be far cost-productive as you will only need a single Org to accomplish what you want.
The other issue with using multiple Orgs in this case would be that your end-users who are separated in multiple Orgs may also have a harder time remembering which one to check.
i.e Does Michael look in the shared vault between only you and Michael, or in the vault for all of Family 1? Same for John, are logins stored in the Family1 and Family2 vault, or are they stored in the vault between yourself, John, and Gary.
While if you choose to separate Family1, Family2, and Family3 into separate Organizations then you will still need to most likely manage things with collection access regardless so IMO it makes sense to just keep everything easy under one Family Organization and then manage access for everyone with their access to each collection(s) they need and any nested-collections.
