To protect your privacy: email us with billing or account questions instead of posting here.

Passkeys in reality?

Steven78
Steven78
Community Member

Hello,

I use macOS and Win11 with different browsers, mostly Firefox, but also Safari, Chrome and Edge.
And I use an iPhone - Apps (of cource) and Safari.
1Password works everywhere - one of the reasons I just love it.

I also like the concept of Passkeys.
But all solutions by Apple, Microsoft and mayby functionality of the browsers themselfs just break the "works everywhere experience". How can anyone use this??

So I was really excited, that 1Password will embrace passkeys and their marketing videos really hit the nail for me.

But I couldn't find any information what the real funcionality will be. Will it really work on all operating systems and browsers, like normal passwords?
When will it be fully released?

I don't really want to install any beta, since my life essentially depends on 1Password working.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

Comments

  • Tertius3
    Tertius3
    Community Member

    @Steven78 There is no obligation at all to immediately use Passkeys everywhere. If they were available everywhere, but they are only available on very few websites. And the main combination (Chrome + Google account) don't even work currently with 1Password, because Chrome hijacks the authentication requests and redirects to the internal passkeys storage.

    Passkeys are currently beta everywhere, not only within 1Password. The algorithm is securely designed, and API's/libraries are mature, because Passkeys are only an extension to the hardware tokens used with the webauthn protocol, but the high level workflows are not working smooth yet.

    World wide websites like Paypal announce passkeys availability - but only in one country, and that country is on the other side of the earth. I don't have the nerve to keep looking every month if that gets available over here.

    My recommendation, if you just want to use it, not try and play with it: wait until summer next year. Or the year after that. It was started quite enthusiastically, however it's really more a general beta test everywhere that will last a few years until it matures. Implementations on the websites are few and lacking, unfortunately.

    I admit, I'm somehow disappointed. From 191 objects in 1Password, I can use 5 with passkeys, and Google+Chrome isn't currently working. Microsoft already works without password with its push login via Authenticator or just inherits the OS login. Paypal is offered but not available in Germany. Adobe is available and works fine, but I don't use Adobe any more. Github is treating Passkeys only as 2nd factor, as you use the TOTP codes, but you have to still use the password. Mysterious.
    That's not satisfying.

  • XIII
    XIII
    Community Member

    Github is treating Passkeys only as 2nd factor, as you use the TOTP codes, but you have to still use the password.

    GitHub has proper passkey support, but indeed in beta only (so far):

    https://github.com/orgs/community/discussions/54450

  • Steven78
    Steven78
    Community Member

    You are probably right - I feel quite enthusiastic about Passkeys from a security point of view (phishing protection for example).
    I also tend to embrance new technologies quite fast. Is this case maybe waiting in the way to go.

    I'm still curious how extensive the 1Password support for paskeys will be. The "works everywhere" is something I don't wanna loose.

  • Tertius3
    Tertius3
    Community Member
    edited August 2023

    I didn't even thoroughly test it on my Android 13 phone - although it's offered as remote passkeys storage via bluetooth, actually using and logging in to sites on the Android phone with 1Password isn't working yet. At least not with Samsung Internet browser, which I use instead of Chrome for the feature to use an adblocker, which Chrome doesn't support.

    Usually, you are just logged in already (and without passkeys). Logins on mobile devices appear as way more persistent than on desktop. When I try to login for example to Adobe (so far they made the best/most transparent Passkeys integration in my opinion), I'm given one try to use a passkey on mobile, however it's only asked for one of the passkeys stored directly on the phone, not 1Password.

    So I just ignore Passkeys at the moment. If I visit a site, and there is a popup on that site that says: "Hey, we changed something here, try Passkeys now, it's now available for you!", I might try it. But I stopped searching and trying actively if sites do support passkeys. There seem to be 3 sides that have to work together to make Passkeys work: the OS, the browser, and 1Password. They don't seem to interoperate enough to make it work, currently. I understand now why hardware tokens failed with a widespread distribution: it's the site and infrastructure support that is severely lacking. It's just only working on extremely few sites. Important sites, but much much too few to be interesting. I want a security feature either everywhere or nowhere.

    I will happily try a new function in 1Password, but only for the sake of testing and giving feedback. For production use, it's still not mature enough. What is, if I lose the device where Passkeys work perfectly, but my other devices don't support it? I can get locked out from sites I switched to passkeys only. This is not something I want to happen.

  • MrC
    MrC
    Volunteer Moderator

    Currently passkeys are like a dust devil in the desert in search of a news reporter.

  • ag_josephine
    ag_josephine
    1Password Alumni

    Hi @Steven78,

    As we continue to test and experiment with passkeys we'll be able to provide more information regarding browsers, devices, etc; for the most up-to-date information, you can keep an eye on the 1Password blog: https://blog.1password.com/

  • Michael01
    Michael01
    Community Member

    Experimenting with passkeys, I just setup a passkey with Adobe on the computer. When signing back into the account, the passkey works flawlessly.

    However, when I attempt to sign into Adobe on my Android 13 mobile device, I needed to enter both the email and 2FA code before seeing the "Sign in with passkey" option. Once I finally chose to sign in with passkeys, I am then asked for either an NFC or USB security key with no option for 1Password which actually holds my passkey.

    Disappointing. I will now wait until this matures, works better and becomes more seamless.

  • Hopefully, 2024 will be the year for loads of improvement all around.

This discussion has been closed.