Passkey stored in 1password?
I apologize in advance if this question is dumb, but I'm throwing it out there anyway. I have added a Yubikey 5NFC passkey to several providers I use. So now I have the physical yubikey I can use, OR I can simply store the passkey in 1password and use that to login.
I thought the whole idea with a passkey is that my private key never leaves my device, is never transmitted over the wire, which is what makes it so secure. If my passkey is being stored in 1password, doesn't that imply that 1password is storing my key in my vault, which is in their private cloud? So my key IS being transferred over the internet as it's stored and retrieved from my vault.
Am I missing something here?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
Comments
-
Hello @timminator! 👋
Thanks for reaching out! Passkeys are generated by 1Password on your device using a public-private key pair and the underlying private key never leaves 1Password. When you save a passkey to your 1Password account it is encrypted locally using end-to-end encryption which means that it can only ever be accessed by first decrypting it using two secrets that only you know: your account password and Secret Key.
You can read more about 1Password's security model here: About the 1Password security model
Let me know if you have any questions. 🙂
-Dave
0
