If you’ve got a customer we need to export all passwords we are storing for them, you’ll need to do a vault export.
Because of accountability, in the case of a customer off-boarding, we should make a new master/admin/global admin account for the new IT, and give them a default name and password. Let them set up their own MFA.
But if we need to export all that we do have, you’ll need to use the desktop app of 1password 7. 1password 8 does not have export functionality per vault, but rather only our entire account (All vaults). As of the writing of this support article on 1-4-25.
Once you install 1pass 7 on a machine, then you can log in and do an export into CSV of all items in the vault directly. This can then be encrypted email (MAKE SURE) and sent to the new IT or customer. Change the default setting of “common items” to be “all items” and it’ll then export even MFA token strings that people who know what they’re doing can import to their tool of choice.
This will also export all secure notes we save in there. This makes 1pass the best way to give a single export and it’ll include notes saved within the vault as well.
When we would ever send this, it’s incredibly important that we mention that this is an unencrypted file, so we recommend keeping it secure, as accessing it would compromise all accounts instantly.