Docs › Vault Sharing & Permissions
Vault Sharing & Permissions
Share credentials securely with colleagues, team members, or family. Control exactly what each person can see and do with shared vaults.
Sharing Overview
SecurityCreds allows you to share entire vaults (not individual credentials) with other users. This approach:
- Makes it easy to manage shared access
- Allows grouping related credentials together
- Provides clear visibility into who has access to what
- Simplifies permission management
Sharing a Vault
To share a vault with another user:
- Navigate to Vaults
- Open the vault you want to share
- Click the Share button
- Enter the email address of the person you want to share with
- Select the permission level
- Click Send Invitation
The recipient will receive an email invitation. They must accept the invitation to access the vault.
Permission Levels
When sharing a vault, you can assign one of three permission levels:
| Permission |
View |
Copy |
Edit |
Delete |
Manage Members |
| Viewer |
Yes |
Yes |
No |
No |
No |
| Editor |
Yes |
Yes |
Yes |
No |
No |
| Admin |
Yes |
Yes |
Yes |
Yes |
Yes |
Viewer
Best for users who only need to use credentials without modifying them.
- Can view all credentials in the vault
- Can copy usernames and passwords
- Can view and copy TOTP codes
- Cannot add, edit, or delete credentials
Editor
Best for team members who need to maintain credentials.
- All Viewer capabilities
- Can add new credentials to the vault
- Can edit existing credentials
- Cannot delete credentials
- Cannot manage vault sharing
Admin
Best for managers who need full control over shared credentials.
- All Editor capabilities
- Can delete credentials
- Can invite new members
- Can change member permissions
- Can remove members
Vault Owner
The vault owner always has full control and cannot be removed. Even Admins cannot remove or change the owner's permissions.
Accepting Invitations
When someone shares a vault with you:
- You'll receive an email notification
- Click the link in the email or go to your SecurityCreds dashboard
- Find the pending invitation
- Click Accept to access the vault
You can also decline invitations if you don't want access to the vault.
Managing Shared Access
Viewing Members
To see who has access to a vault:
- Open the vault
- Click Members or the members icon
- View the list of all members and their permission levels
Changing Permissions
Vault owners and Admins can change member permissions:
- Open the vault members list
- Find the member
- Click the permission dropdown
- Select the new permission level
Removing Access
To remove someone's access to a vault:
- Open the vault members list
- Find the member
- Click Remove
- Confirm the removal
Immediate Revocation
When you remove someone's access, they immediately lose the ability to view the vault and all credentials inside. However, they may have already copied passwords to their own storage.
Sharing with Teams
Instead of sharing with individuals, you can share a vault with an entire team:
- Open the vault
- Click Share
- Select Share with Team
- Choose the team
- Select the permission level for team members
All team members will automatically have access. New members added to the team will also get access.
Best Practices
- Principle of least privilege - Give users only the permissions they need
- Use Viewer for most shares - Most users only need to use credentials, not edit them
- Review access regularly - Remove access for people who no longer need it
- Create purpose-specific vaults - Don't share your entire credential collection
- Use teams for departments - Easier to manage than individual shares
Audit Trail
All sharing activities are logged in the audit trail:
- When a vault is shared
- When permissions are changed
- When access is revoked
- When invitations are accepted or declined
Enterprise users can export these logs for compliance purposes.
Related Documentation