Testing passkey support. Is it supposed to be this difficult?

LeVeL5
LeVeL5
Community Member
edited August 14 in 1Password in the Browser

What I read was that I could log in with biometrics on another device, but my experience leaves a bit to be desired:

Trying to log in with a device that already has 1Password installed is seamless (1Password pops up and authenticates right away, just as it would do with a regular password), but trying it on a device that doesn't have 1Password installed, as it could be the case of an emergency, I get a prompt to scan a QR code which will then request the passkey to 1Password:

Does this mean that if I don't have access to a device that has both, 1Password installed and a functional camera, I cannot log in using saved passkeys?

To me this would mean flexibility is limited and I'm still better off using password and 2FA one-time-codes.

Also, I can change the default passkey and password provider in iOS (Home screen -> Settings -> Passwords -> Password Options, then enable or disable password/passkey providers), but not on Mac OS, which has the same menu and options, but the only provider is iCloud Keychain.

1Password Version: 8.10.39
Extension Version: Not Provided
OS Version: macOS 14.6.1
Browser: Firefox 129

Comments

  • Dave_1P
    Dave_1P

    Hello @LeVeL5! 👋

    Thank you for reaching out. So that I can better undertstand the situation, and advise appropriately, can you tell me:

    1. Are you trying to sign into 1Password itself using a passkey?
    2. Are you trying to sign into other websites/apps on a device that doesn't have 1Password installed?

    Or are you trying to do something else?

    Also, I can change the default passkey and password provider in iOS (Home screen -> Settings -> Passwords -> Password Options, then enable or disable password/passkey providers), but not on Mac OS, which has the same menu and options, but the only provider is iCloud Keychain.

    1Password on the Mac doesn't use the "Autofill & Passwords" feature in macOS System Settings so you won't see it listed there. Instead you can fill and save logins using either 1Password in the browser (our browser extension) or using Universal Autofill:

    If you don't see 1Password in Safari then try the steps in this article: If you don't see the 1Password icon in your browser's toolbar

    Let me know if that doesn't work. 🙂

    -Dave

  • LeVeL5
    LeVeL5
    Community Member
    edited August 15

    Hi Dave,

    Thank you very much for replying. I'm testing passkeys to see how they work in a best-case scenario, like authenticating on iOS and Mac where 1Password is installed as well as all requisite browser extensions, and also in cases where I would have to use a loaner device and rely on another family admin and their devices for authentication in case of an emergency.

    I didn't know I could sign in to 1Password using a passkey... My test consisted on enabling passkeys on a single Yahoo account and test different scenarios to understand how the process would be different in every case and to plan ahead, so the case is actually #2. I admit I was surprised by the Firefox prompt not mentioning a Mac, because it's easier to lose a mobile device than one that's always at home.

    I kinda expected a 1Password notification to pop up on one of my devices, but that may be borne out of complete ignorance on my part about how passkeys actually work.

    I do get why they're more secure, but I'm also curious as to how consistent would the experience be across platforms and browsers, or how things like the Mac's Internet Accounts would authenticate with passkeys too, as the OAuth authentication opens a webview that wouldn't be running the 1Password browser extension... Too many things to think about but I want to be thorough and responsible.

  • Dave_1P
    Dave_1P
    edited August 16

    @LeVeL5

    Thank you for those details. On a device that you own, I recommend that you use 1Password in the browser to sign in using a passkey since that will provide you with the best experience.

    On other devices, you can scan a QR code on that device using your mobile device and use 1Password on your mobile device (iOS or Android) to sign in using your saved passkey. You'll scan the QR code using the camera app on your mobile device and then tap on the prompt to open 1Password and allow the sign in.

    how things like the Mac's Internet Accounts would authenticate with passkeys too, as the OAuth authentication opens a webview that wouldn't be running the 1Password browser extension

    At the moment, choosing the QR code option when you're prompted for your passkey and scanning that QR code using your mobile device to sign in with a passkey saved in 1Password is the best option for this scenario as well.

    Let me know if you run into any issues or have any questions.

    -Dave

  • LeVeL5
    LeVeL5
    Community Member

    That sounds reasonable and I'll keep it mind. I'll continue doing testing with passkeys and increasing the security of my accounts.

    Thank you very much, Dave!

  • ag_tommy
    ag_tommy

    On behalf of Dave, you're welcome.

  • Unknown
    Unknown
    edited August 22
    This content has been removed.