Using passkeys without the browser extension
Comments
-
I would love this feature. I actually don't run the browser extensions on any browser and the mac autofill on applications works for all my flows.
It seems like without the browser extension it is impossible to use passkeys, is this something that could change in the future?
0 -
Hello @alock! 👋
Thank you for the suggestion. You can sign in to a website using a passkey from another device by using 1Password on your iPhone. If you're using Safari on your Mac then you'll see the following option when trying to sign in with a passkey:
Make sure that "iPhone, iPad, or Android device" is selected and click Continue. Then use the Camera app on your iPhone to scan the QR code and open the 1Password app on the iPhone to approve the sign in.
I actually don't run the browser extensions on any browser
Is there any reason in particular why you don't? 1Password in the browser is the heart of the 1Password experience and unlocks many amazing features like smart password suggestions, phishing-resistant password filling and saving, masked email aliases, item search in the browser, and more.
-Dave
0 -
Thanks for the reply/creation of the discussion.
Is there any reason in particular why you don't?
I stopped using the extension when 1pw switched it to be fully connected to the online DB. Mostly I don't trust the browser extension ecosystems. Even without the extensions the dedicated macOS auto-filling feature works great, and I believe I get most of the amazing features you highlight.
0 -
I agree with @alock. While the browser extension does offer a pleasing user experience, as mentioned by you, @Dave_1P, I personally prioritize minimizing the attack surface. I guess not installing the extension in a potentially dangerous environment (1Password – About the security of 1Password in your browser: "Limit your use of other browser extensions. A malicious or badly made browser extension could interfere with 1Password or attempt to expose your data. If you need to use untrusted extensions, consider using a separate browser profile just for 1Password.") and therefore no inter-process communication between the native app and the browser extension enhances security, even though the risk might be low. On macOS the autofill feature works just fine for me.
Beyond my security considerations, I'd be really excited to see passkeys function beyond the browser on non-mobile operating systems, ideally with a direct communication not only between the browser and the 1Password app (without requiring an extension, much like accessing a passkey directly on a FIDO security key) but between all native apps and the 1Password app. This could involve a process similar to the experience on iOS (and hopefully soon Android 14) such as opening a native app, selecting "Login with passkey," and triggering a 1Password pop-up that prompts you to "Unlock the vault" and choose from a list of available passkeys.
@Dave_1P: Could you provide insight into the feasibility of this idea? I understand that it might depend on the willingness of OS vendors like Apple and Microsoft to integrate the necessary APIs. However, are there any plans within the FIDO ecosystem to move in this direction?
Thanks a lot for the awesome and speedy work on getting passkeys integrated into 1Password. It's pretty cool to see you guys ahead of the curve while other password managers are still trying to figure it out. I love the new login experience (when the browser extension is installed).
2