WebAuthn & TPM issue

Question

Hi!
I started testing 'unlocking with passkeys' few days ago, and I have encountered few problems, especially with webauthn (in browser) and TPM (in Desktop app).

1Password doesn't seem to hijack webauthn listeners on this type of account and instead of extension popup, I'm getting native windows popup to either use Mobile or Security Key.
I tested this behavior on both GitHub and Google - both show the native windows popup.

TPM issue is, when I enable Use the Trusted Platform Module with Windows Hello, I'm required to type my PIN two times before unlocking the vault, or allowing an app to access my ssh key. This isn't the case on normal account.

If you'd like some logs from me, I will gladly provide them. Thanks!

1Password Version: 8.10.33
Extension Version: 2.25.0
OS Version: Windows 11 26120.670
Browser: Edge 128.0.2620.0

1p_dave · Answer

Hello ririxi! 👋

I'm sorry that you're running into trouble when using passkeys. Just to clarify: are you using a 1Password account that's secured using an account password and Secret Key to sign in to Gitlab and Google using a saved passkey? Or are you using a beta 1Password account that is itself unlocked using a passkey?

If you're not using a beta passkey unlock 1Password account then can you tell me what kind of account you are using? Is it a family, individual, business, or teams account?

As a first step, please make sure that the built-in password manager is turned off in Edge and that 1Password in the browser is set as the default: Turn off the built-in password manager in your browser

Then, make sure that saving and signing in with passkeys is enabled:

Open your browser.
Right-click on the 1Password icon in your browser's toolbar and click Settings. 
Click Autofill &amp; save. 
Make sure that "Offer to save and sign in with passkeys" is turned on.

I look forward to hearing from you.

-Dave

ririxi · Answer

Disabling Offer to save and sign in with passkeys actually fixed it. It must have enable itself at some point, but the problem with Use the Trusted Platform Module with Windows Hello still exists since it's related to the desktop app. It is happening on the beta account of Unlocking with Passkeys

1p_dave · Answer

ririxi

Thanks for the reply. So that I can look into this further, can you reproduce the TPM issue one more time and then I'd like to ask you to create a diagnostics report from your Windows PC:

Sending Diagnostics Reports (Windows)

Attach the diagnostics to an email message addressed to support+forum@1password.com.

With your email please include:

A link to this thread: https://1password.community/discussion/146046/webauthn-tpm-issue
Your forum username: ririxi
Please do not post your diagnostic report to the forum. This is for your privacy and security.

Please send the entire file.

You should receive an automated reply from our BitBot assistant with a Support ID number.  Please post that number here.  Thanks very much!

-Dave

ririxi · Answer

The Support ticket ID is: EUJ-14134-173

1p_dave · Answer

ririxi

Thank you for posting the Support ID. I see that my colleague has already sent you a response, please continue the conversation there.

To prevent duplication of efforts, I'll close this thread.

-Dave

ref: EUJ-14134-173
ref: dev/core/core#19590

Forum Discussion

WebAuthn & TPM issue

5 Replies

Sending Diagnostics Reports (Windows)

Featured discussions

November at 1Password: the Access-Trust gap, planning your estate, and an updated unlock experience

Recent discussions

Browser auto fill popup not working for some websites using IP

How do I prevent 1Password from autofilling on specific urls?

Safari-extension not working on self hosted app

Chrome extension breaks client side code snippet rendering

Increasing the minimum iOS version to iOS 18