We’re all in on passkeys, and we’re starting with 1Password.
Passkeys are the modern alternative to passwords. They’re easier to use, harder to steal or crack, and built on proven, open standards designed to make logging in to your favorite apps and services faster and more secure.
And they couldn’t come at a better time: credential-based attacks are only accelerating. In 2022, it was rare that a month went by without a high-profile social, identity, or security service being breached.
Instead of playing whac-a-mole with passwords, why not eliminate that avenue of attack outright? That’s our mission. It’s why we’re at the forefront of passwordless advocacy, and why we’ve committed to adding full support to 1Password for generating, managing, and using passkeys.
But there’s still one small gotcha, and it’s right there in our name: “one password.”
For passkeys to be the way forward, it’s not enough for them to replace some of your passwords. They have to be able to replace all passwords – including the one you use to unlock 1Password.
So we’re incredibly excited to announce that, starting this summer, you’ll have the option to create and unlock your 1Password account using only a passkey! No passwords required.
What this means for you
Now, unlocking 1Password without a password is nothing new. It’s something we do every day using biometrics. 1Password was the first third-party iOS app to offer Touch ID, all the way back in 2014, and since then we’ve added support for Face ID, Windows Hello, Android Fingerprint, and more.
But as convenient as biometrics are today, they don’t actually replace the password; they only mask it. That’s why 1Password asks you to type in your password periodically in order to ensure that you have it memorized.
Passkeys also use biometrics, but they allow us to go farther and eliminate the underlying password entirely. If you’re curious to learn how exactly they work, you can explore our passkey explainer. But in a nutshell, passkeys are built on the same security foundation as our Secret Key – public key cryptography – but without requiring a password. This ensures strong security properties, while being a heck of a lot more convenient to use.
It’s win-win for both security and usability.
All you’ll ever need to sign in to 1Password, unlock your vaults, and securely access your data is your one passkey.
More and more sites and services are adding passkey support every week, but whether you’re first in line to start using them, or you need to rely on passwords for a while longer, we’ve got you covered.
With 1Password, you can focus on what you need to get done without worrying about how you’re signing in.
From 1Password, to No Password?
It feels counter-intuitive at first: how can your data be safe if you don’t even use a password to access it? Well, the properties that make passkeys more secure than passwords in general also make them ideal for securing 1Password.
Unlike user-created passwords, passkeys are strong and unique by default. They’re generated and stored on your devices, and they’re never shared with our cloud service.
Passkeys are also resistant to phishing, and they have a full 256 bits of entropy to prevent cracking – providing even more protection than our Secret Key. They’re safeguarded by biometrics and hardware-level security. And we’re building them to be portable between all your devices and platforms.
Passkeys unlock truly exciting possibilities for 1Password users. With them, you can:
- Create a 1Password account without a password or a Secret Key.
- Sign in on new devices with ease.
- Use your phone to unlock 1Password on your Mac, PC, and in the browser.
- Accelerate onboarding for enterprise users, or friends and family.
- Use built-in biometric authenticators everywhere you use 1Password including on the web.
This is just the beginning of our passkey journey. And while there’s still a lot of work to be done, we wanted to share a glimpse of where we’re headed:
If you’re amped up by what you see here, keep in touch. Sign up for our passwordless newsletter, follow us on Mastodon, or reach out directly to firstname.lastname@example.org.
Tweet about this post