Accuracy is important in just about everything we do, so it’s difficult to think of a situation in which one can be too exact. But it’s not impossible.
There’s good ol’ 1Password search, for instance, which is perfectly functional. It’s also overly precise and highly inflexible. When I search the term bank, my bank login is never returned because my financial institution doesn’t have the word bank in its name, and I lacked the foresight to tag every banking-related credential with the appropriate tag. Because I, like you, expected 1Password to just… know.
Now it does.
With the latest version of 1Password, we’ve introduced a better search experience. Now your item searches are useful and much more helpful thanks to large language models (LLM).
Yep, that says LLM. And, yes, LLM is a type of artificial intelligence (AI).
What follows is a deep dive into how we use it securely.
Out with the old
Before we get into how incredible the new is, I think it’s important to understand where we started.
In the original 1Password search, a token was assigned to each word or term and the algorithm looked for exact matches in those tokens. For example, 1Password saw this text as two tokens; snake_case would be two tokens, as well.
1Password turned item data into a list of tokens, then checked your search input to see if it matched tokens in the list. The more matches found, the higher the item ranked in the search results. That’s essentially it.
There are ways for power users to amp up their results. We haven’t made much noise about filtering in the past but the older 1Password search algorithm supported filters so you were able to customize (and narrow) your results.
A search of =untagged bank queries the term bank in all items without tags, for example. Similarly, =vault:Private bank searches the term bank only in your private vault.
Filters helped (if you knew how to use them) but there was a lot of work to be done.
In with the new
After dropping those two specific and often controversial vowels in the introduction, here we are: The new 1Password LLM-supported search.
You may notice I used the word “supported.” Very intentionally. Because there’s no LLM technology in 1Password itself. That means the LLM interacts with precisely zero user data.
We only rely on the LLM to derive keywords from popular website metadata and compile the words into a list indexed by website domain. We then make the list accessible to the 1Password clients. After the keyword list is downloaded, searching works entirely offline.
There’s also a multi-step process to make your searches smart and keep them safe.
When you perform a search, 1Password compares your query to the keyword cache, finds websites that match your search term, then locates items in your vault that match those websites. And that keyword cache is secured the very same way all vault items are secured. That means if a theoretical attacker were to gain physical access to your device, no part of the new search design could help them determine what’s in your vault — a privacy-preserving implementation similar to that of rich icons.
All this is to say (reiterate) AI is part of the process but doesn’t interact with your information. Ever.
What once was old is new again
While the original 1Password search was rigid, we had a few things right. So, we retained it — the original search and its exact matches work right alongside the new search. We also kept great features like Quick Access and those handy filters that help you narrow your search results.
It’s worth calling out the other long-time 1Password feature we brought to the new search capabilities: security.
There’s no question AI use can go badly. But when the technology is implemented thoughtfully by people who care, its power can be harnessed for amazing things.
With our improved search results, the innovation you’ve come to expect from 1Password enhances usability, and our secure design remains intact. When we restrict LLM to tasks outside 1Password, we use AI to make your search results more accurate without sacrificing your privacy.
And that’s a pretty amazing thing.
With thanks to the following contributors:
- Sean Aye, Sr Developer
- Tiemoko Ballo, Sr Security Developer
Megan Barker
Security Scribbler
![1Password product enhancements [Summer edition]: Recovery codes, auto-save, and more](/posts/2024/product-update-features-and-security/header.png)
Tweet about this post