Passkey questions

I am trying to understand passkeys. I do understand I will need to set up a biometric (face, fingerprint, or window hello). Will this need to be done on each device that I use, or will 1password transfer this information to different devices. Also, can the passkey be shared?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

Comments

  • Hi @Frank15740

    When you save a passkey in 1Password, that one passkey is made available to all the devices and browsers you have signed into 1Password on. This means that you may use Face ID on iPhone, Windows Hello on Windows, and account password on Android to unlock 1Password and access the same passkey everywhere.

    Also yes, you can share passkeys saved in 1Password with other 1Password users either through a shared vault or using an item sharing link :)

  • Frank15740
    Frank15740
    Community Member

    Thanks!

  • Tangible409
    Tangible409
    Community Member

    I don’t understand how sharing with another person works. If I can provide my passkey to someone else and they can use it even though they obviously don’t have my biometric id, doesn’t that mean that it’s just another name for a password?

  • baggend
    baggend
    Community Member
    edited September 2023

    @Tangible409 Biometric passkeys aren't actually tied to any biometric data, they're just using your biometric data to keep the randomly generated passkey stored on your device. All passkeys are just a public key and private key pair made up for each specific site. The site you're logging into gets the public key because that doesn't need to be secure, and the private key that 1Password or some other vault (Mac OS/iOS Secure Enclave, Windows Hello, etc) stores for you. When you "log in" with biometrics, you're just unlocking the vault that the randomly generated private key is in so that it can be used to authenticate you.

    So when you share a key with someone, your biometrics unlock the vault, the randomly generated key gets copied and shared with a friend, and then your vault locks again.

    Note: I don't work for 1Password, I just work with web authentication

  • Frank15740
    Frank15740
    Community Member

    Thanks. So, does this mean that I would need to open Password1 with my biometric before it can be shared? What if Password1 needs to be opened by a trusted partner (ie wife), and I am not around?

  • baggend
    baggend
    Community Member

    No, the way you unlock your vault doesn't matter. Biometrics aren't tied to passkeys in any way, they're just another way to unlock them. But if you have a passkey stored in 1Password you can continue to just access it with your master password or any other method you'd normally use to unlock 1Password.

  • Frank15740
    Frank15740
    Community Member

    Thanks. So, if 1Password sets up a passkey to unlock, I can use it, or master password?

  • Hey @Frank15740,

    Your passkeys to sign in to websites are stored within your 1Password account so as long as you can unlock this (with your Account Password or biometrics) you can use your passkeys to sign in.

    I hope this answers your question!

  • Frank15740
    Frank15740
    Community Member

    Thanks to all!

  • You're welcome @Frank15740,

    Let us know if you have any more questions!

This discussion has been closed.