Disable "Sign in with a passkey" popup completely
Is there any way to disable this? It's adding an unnecessary step/click to an otherwise working yubikey 2FA workflow. It shouldn't hijack the prompt to click a 2FA key.
As a feature request I'd like an option "never ask me this again" for these types of popups, or an option to disable them completely.
https://i.imgur.com/nQbo3WU.png
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
Comments
-
Hello @stephenmw! 👋
I'm sorry for the impact to your workflow. Are you seeing the prompt in a business context with a business account? Or is this on a personal device with either a family or individual account?
When locked, 1Password in the browser will show a “Sign in with a passkey” prompt on websites that use a special type of request called conditional mediation. When a conditional mediation request is received, 1Password must prove that a passkey is saved before a sign in option is presented. The “Sign in with a passkey” prompt will appear even if you're not using a passkey on a given website because 1Password in the browser must be unlocked before it can determine if you have a passkey saved for that website. If 1Password is already unlocked, and you don’t have a passkey saved for the website, then you’ll be able to use your normal authentication flow right away.
If you see the prompt and would like to login using a different authentication method then you can choose the USB key icon in the upper right corner of the prompt:
I hope that helps! 🙂
-Dave
0 -
I use 1Password for personal use, but the problem is it's popping up on my company websites (where it's not used).
I have a USB yubikey for 2FA. It's inconvenient for me for 1Password to insert itself into this workflow, since it's not used to login to this website. Most of the time my 1Password is locked, so this results in additional prompts and clicks every time I login.
I believe a "Don't ask me again" would be a great addition to this prompt.
4 -
+1 with this issue.
On a business account and 1Password is hijacking my Duo hardware key prompts. Using Edge on a Mac.
Normally I click on a bookmark, page starts loading, redirects to Duo, I tap my yubikey, and login proceeds.
Now what happens is 1Password takes over, wants me to unlock, which brings-up the main 1Password window. I have to close that, and then click on the little Yubikey icon, which then brings back the normal hardware key prompt in the browser.
Ideally we can tell it to ignore on certain sites/domains. For now, I disabled the Passkey functionality completely in the browser extension. This allows me to go about my day-to-day without disruption to my workflow. However, I'm interested in eventually using Passkeys for other sites.
3 -
This morning it happened again, even though I disabled it my extension. Here's a screenshot of what happens when I go to my web app, which redirects to Duo. Out of habit, I touch my Yubikey but instead I get these two pop-ups and have to close 1Password and then click the Yubikey icon to proceed. So what was once a very streamlined login - click my bookmark, touch my yubikey - now takes two clicks dismissing these things and then I can touch my yubikey and proceed.
1 -
+1 here. I use TouchID for 2FA, also via Duo. 1Password doesn't know anything about that passkey, but is unnecessarily inserting itself in the middle of the workflow. I would love to have some more granular control here.
1 -
+1 too, I have to use a yubikey 2-3 times a day, and invariably I've locked my machine (and in turn the 1Password extension) so it messes with my workflow every time. Would like to have the option to switch it off.
EDIT: I re-read earlier comments and saw it can be switched off (which I did), so this ask is less urgent in my eyes now. That said, "Don't show me this again" would have been a better experience for me.
1 -
I hope that helps! 🙂
I am sorry, @Dave_1P, but no, this does not help.
I think OP was clear in the subject when saying disable and completely. What you offer is a workaround that still pushes us to do one extra action during our everyday work flow.
So, I reinforce the question: how to disable this unwanted feature completely?
I don't need to click something extra when the point of having a physical token (YubiKey in my case) is to make the authentication easier. 1Password is getting in the way for no reason and I would like to go back to normal. Can 1Password help us here?
3 -
If 1Password is already unlocked, and you don’t have a passkey saved for the website, then you’ll be able to use your normal authentication flow right away.
I keep 1Password locked as much as possible for security reasons, and I don't think it's a wise workaround to ask users to keep 1Password unlocked to get around this issue.
1 -
Ok, vie email support I've got what looks like the thing we were looking for: how to disable it.
Individual team members can configure 1Password in the browser to not save or sign in with any passkeys. Right click the 1Password icon in the browser toolbar > Settings > Autofill > disable "Save and sign in with passkeys". Repeat this process in other browsers or browser profiles, since the setting is stored per installation of the extension.
1 -
I did this already and it worked. Then it just turned itself back on. Which is what prompted me to create an account here and post.
0 -
edited:
Whoopsie @unpassword I misread your posting. I somehow missed the middle sentence altogether. I have not seen that behavior mentioned before. If you turn it off and quit the browser then follow that with a start the browser does it stay off?
0 -
I was unable to replicate that experience with Safari, Chrome and Firefox. Which browser are you using? How long did it take for the setting to become active again? Perhaps I did not wait long enough.
0 -
Edge for Mac. The next morning it had changed back. I can try it again next week when I’m at the office.
0 -
+1 for this. The current implementation is horrible It has totally ruined my yubikey sign-in workflow. My 1password is locked all the time (as is best practice) I do not want to have to push the usb icon every time. Ridiculous! At least let us disable the passkeys feature entirely in the browser extension and then have the setting actually stick!
0 -
Quick quick update… I realized that the setting did persist. The workflow breaks only when 1Password is locked. Which typically locks itself after 10 minutes.
0 -
With 'Offer to save and sign in with passkeys' toggled off in the 1Password extension - I haven't encountered the WebAuthn injection that 1Password was doing to offer Passkey integration. (i.e. it's working as it should for me).
Firefox 117.0.1
Microsoft Edge 117.0.2045.40
1Password in the browser 2.15.1
macOS 13.6I've tested with 1Password unlocked, locked, desktop app exited, and 1Password locked then browser relaunched - every time it respects that passkey setting.
What versions are you running @unpassword ?
1 -
These are my specs:
Microsoft Edge – Version 117.0.2045.40 (Official build) (arm64)
macOS – 13.5.2 (22G91)
1Password in the browser 2.15.1 – 21500107, on STABLE channelI just changed the setting again - let's hope it persists.
Funny enough, Duo just sent out an email to all users with instructions and screenshots.
0 -
Thanks for the feedback dlacaille and you too unpassword.
0 -
So far so good. Updated macOS to 13.6 and after rebooting the setting has persisted, and I was able to login seamlessly to my work apps this morning.
At this point, as suggested by the OP, an allow/block list would be useful so that we can use PassKeys on select sites.
Thank you all.
0 -
Thank you for getting back to us @unpassword, I have passed your feedback on to the team.
Let us know if there's anything else we can help with at all.
ref: PB36041800
0