What is the advantage of a Passkey over a password?
I don't understand the advantage of using a passkey vs. a password, or how they work for that matter. And there is only sketchy information for us non-techs on 1Password concerning this. Do I need an additional device to use them. Obviously, I'm no security expert.
1Password Version: 8.10.16
Extension Version: Not Provided
OS Version: macOS 14
Browser: Not Provided
Comments
-
Hello @gsetser! 👋
Thank you for the question! Passkeys are a modern alternative to passwords – they enable people to log in to their online accounts without having to enter a password.
Unlike passwords, you can’t create a weak passkey. Passkeys are generated by 1Password using a public-private key pair, which makes them strong and unique by default. Passkeys can't be phished like traditional passwords because the underlying private key never leaves 1Password – this also makes them resistant to social engineering scams.
Do I need an additional device to use them.
Nope! Passkeys are safely stored in 1Password itself and they're protected using the same encryption and security as your passwords today.
You can read more about passkeys on our blog:
- What are Passkeys?
- Passkeys: Frequently Asked Questions (FAQs)
- Save and Sign In with Passkeys Using 1Password on the Web and iOS
Let me know if you have any other questions. 🙂
-Dave
1 -
Questions below:
1. If I have a Passkey for a site, can I still use my old password to access that same site?
2. Is it possible to have both a Passkey and a Password for a given site? (I understand that this would defeat the security advantage of a Passkey. I'm just asking.)
3. My laptop is new but my current iPhone cannot be used with iOS17. If I use a Passkey on a given site, does this mean I can ONLY get into that site from my laptop, since I cannot use Passkey on my phone?
4. Right now, I can log into a password-protected site from a hotel computer then print a boarding pass from that computer. Is such a thing even possible with a Passkey? I obviously wouldn't want to risk accessing 1Password from a public computer. How would I manage that process using a Passkey with my current phone? With a iOS17-capable phone?
5. If I set up a Passkey through my Apple iPhone with a specific site, then later want to use that Passkey through 1Password, can I share that Passkey from Apple with 1Password? Or do I need an entirely different Passkey in 1Password to access that particular site?I get that Passkeys are more secure. Eventually they may also be more convenient. I'm not sure that they are more convenient, for me, yet.
Thanks so much for your help.
0 -
Thank you for the reply, I'm happy to answer your questions.
- If I have a Passkey for a site, can I still use my old password to access that same site?
- Is it possible to have both a Passkey and a Password for a given site? (I understand that this would defeat the security advantage of a Passkey. I'm just asking.)
For the moment, many websites don't offer the ability to fully remove your password after adding a passkey so you'll be able to sign in using either your passkey or your password in most places. Continue to make sure that all of your passwords are strong and unique: Use the password generator to change and strengthen your passwords
If you're using websites that do fully replace the password with a passkey then you won't need the old password anymore.
- My laptop is new but my current iPhone cannot be used with iOS17. If I use a Passkey on a given site, does this mean I can ONLY get into that site from my laptop, since I cannot use Passkey on my phone?
Saving and signing in using passkeys with 1Password on an iPhone or iPad requires iOS 17 or later. If you're using an older version of iOS where passkeys aren't available then apps should provide fallback sign in options like a password or magic link (a one-time sign in link sent to your email address).
- Right now, I can log into a password-protected site from a hotel computer then print a boarding pass from that computer. Is such a thing even possible with a Passkey? I obviously wouldn't want to risk accessing 1Password from a public computer. How would I manage that process using a Passkey with my current phone? With a iOS17-capable phone?
Be careful about signing into websites on public computers, some might contain malware that will monitor what you do on the website or try to steal your credentials. If you're certain that a certain public computer is safe to use then you can sign in with a passkey using an iPhone running iOS 17 or later. This is what the general process looks like:
- Open the browser on the computer.
- Find the website's sign in page and choose to sign in using a passkey.
- The website will display a QR code.
- Use the Camera app on your iPhone to scan the QR code. A prompt from the 1Password app will appear on your iPhone asking you if you want to sign into the website on that computer.
Once you tap on the prompt from 1Password on your iPhone, you'll be signed into the website on the computer. This also helps you to avoid typing in passwords on public computers. Make sure that you log out from the public computer when you're done.
- If I set up a Passkey through my Apple iPhone with a specific site, then later want to use that Passkey through 1Password, can I share that Passkey from Apple with 1Password? Or do I need an entirely different Passkey in 1Password to access that particular site?
You'll need to save a new passkey in 1Password and remove the old passkey from iCloud Keychain.
At this stage, you cannot import or export passkeys. We’re working closely with platform vendors and other password managers through the FIDO Alliance to create a secure way to import and export passkeys. We believe it’s your choice where to store and use your passkeys. Hopefully we’ll have more to share soon.
I hope that helps. 🙂
-Dave
0 -
Thanks for your help, Dave. I'm thrilled that 1Password is moving forward on this. Right now I will use Passkeys judiciously, but look forward to the day when the road is smoothed out. I see the friction, for me, at the moment, but it's a great option.
0