Why does an Apple fanboy like me need 1Password for Passkeys?
Every device I have or anticipate having uses iCloud, and Apple’s implementation of Passkeys shares them across all devices. Given that, am I not just as well off to let Apple host my Passkeys, and use 1PW only for sites that don’t yet support them?
I apologize if this is an old question, but the only answers I could find refer to mixed-platform environments.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
Comments
-
Hello @Tangible409! 👋
Good question! I'd start by recommending that, whichever password manager you choose, you keep your passkeys and passwords in the same place. There are two big reasons:
- Most websites typically don't allow you to fully replace your existing passwords with a passkey, they'll allow you to use either. This means that you'll want to hang on to your passwords for now and managing two different records, one containing passwords and the other a passkey, for the same website in two different managers will just give you a headache.
- Keeping credentials for websites split across two different password managers is confusing. It's better to keep everything in one place, whether you're logging in with a password, passkey, sign-in with, SSO, or some other method. Keeping website A in iCloud Keychain and website B in 1Password will soon become frustrating.
1Password fully supports passkeys and once you save a passkey in 1Password it'll be available on all of your devices.
I'm obviously biased but, as a fellow Apple fan, I use 1Password over iCloud Keychain in my personal life for a few reasons:
- All items are protected using end-to-end encryption using your account password and Secret Key. This dual-key encryption protects data even if 1Password is breached and this architecture is unique in the industry: About the 1Password security model
Amazing dedicated apps for both macOS and iOS that provide powerful editing and search tools:
* Search in the 1Password app to find what you need
* Get to know Quick AccessYou can store all of your most important data in 1Password: passkeys, passwords, sign-in with providers, driver licenses, passports, medical and vaccine information, notes, etc...
- You can share items with your entire family, even if they're not using Apple devices themselves: Share passwords with your family
- Share items even with people not using 1Password: Securely share 1Password items with anyone
- And, if you ever do decide to use a non-Apple device, you'll have access to all of your items there without having to migrate.
I hope that helps!
-Dave
0 -
Another reason might be that if you use a simple (6 digits) PIN code for your iPhone, it might be very easy for a thief of that phone to get to your passkeys (but if you use 1Password, they would also need your, hopefully much stronger, 1Password account password to access get to your passkeys).
0 -
Dave, you make some good points. For now, I will continue to use passkeys in 1p, although once they become universal – a matter of years I think – that may change. The one weakness in your argument may be non-login data. Apple has an advantage in this stuff because it can offer such deep integration among its first-party apps.
13, you also make a good point about stolen phones. Of course 1P has some of this same vulnerability, especially since it odiously and paternalistically insists that we re-enter the master password periodically, and always allows it in place of the biometric. That does require a double theft, of the phone’s code and the master password, so it’s more protected.
The best defense is to not hang out in crowded bars at night, and to use a less convenient long password to open the phone when the biometric fails.
0 -
Unless you specifically decide to allow 1Password to be unlocked using your device passcode, 1Password for iOS will always require either your account password or biometrics to unlock the app. The issue that XIII brought up only applies to unlocking a password manager using a device passcode, not your account password.
especially since it odiously and paternalistically insists that we re-enter the master password periodically
You can choose how often your account password is required by following these steps:
- Open and unlock 1Password.
- Tap the icon for your account or collection at the top left and choose Settings. (If you’re using an iPad, tap your account or collection at the top of the sidebar.)
- Tap Security.
- Choose the desired time period for "Require password".
I hope that helps!
-Dave
0 -
@Dave_1P Thanks for the clarification, and especially for the ability to turn off the forced password entry. But I do look forward to a 100% passwordless future. I assume you guys are having lots of meetings about changing your name: 1 is one too many.
0 -
I have current 1P desktop & iPhone, but iOS 16 so have not yet begun using passkeys. I know there are reasons to use 1P other than passwords-cross-platforms, storing other info, et al. I was however surprised to learn that Apple Keychain, which I have not to date activated, is required for passkeys. Does this mean that passwords & passkeys will then be subject to Apple security measures (as well as 1P)?
0 -
Thanks for the post. iCloud Keychain is not required to save passkeys in 1Password, passkeys are saved in 1Password itself and are protected using the same account password and Secret Key that protects your passwords and other items.
You can learn more about using passkeys on iOS here:
- Save and Sign In with Passkeys Using 1Password on the Web and iOS
- Use 1Password to save logins and sign in to apps and websites on your iPhone and iPad
Let me know if you have any questions.
-Dave
0