How can I see my actual passkey?

milad
milad
Community Member
edited September 20 in Lounge

I started using passkeys on one or two websites. I'm not super familiar with how they work but I assumed they're more or less like SSH keys. However, in the 1password app I can only see that 1p has stored a passkey but I haven't figured out how I can actually see the content of my keys.

Where in the app can I actually see and export my keys?

Data ownership and visibility is super important to me so if 1password doesn't expose and allow that then I'll never trust 1password with my passkeys

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

Comments

  • Dave_1P
    Dave_1P

    Hello @milad! 👋

    Thanks for reaching out! Passkeys can't be viewed in plain text by design, it's an important part of their resistance to phishing and one of the ways in which they provide better security than passwords. A passkey can only be used on the service that it was made for. If a passkey could be viewed in plain text then it could be phished just like a password can.

    Can you tell me a little more about why you'd want to view the underlying passkey private key? I'm not aware of any website or service that can use those for anything.

    We’re working closely with platform vendors and other password managers through the FIDO Alliance to create a secure way to import and export passkeys. We believe it’s your choice where to store and use your passkeys. Hopefully we’ll have more to share in the future.

    -Dave

  • milad
    milad
    Community Member

    Thanks for your message.

    The same arguments can be made about passwords but 1p does show the password in its app. It's mostly about data ownership rather than using the key files for something.

    If exporting them is not possible then they're not ready to be used.

  • Dave_1P
    Dave_1P

    @milad

    Passkeys have been designed to be more resistant to phishing than passwords, it's why you're able to reveal a password but not a passkey in 1Password. With the design of passkeys, there's been a conscious effort to solve the weaknesses that passwords are vulnerable to.

    If exporting them is not possible then they're not ready to be used.

    Hopefully our team, in collaboration with other members of the FIDO Alliance, are able to release a secure way to import/export passkeys soon. I know that this is something that is being actively worked on.

    -Dave

  • milad
    milad
    Community Member

    so there's no way to actually export them right now? What happens to them if I want to move my data to a different password manager?

  • Dave_1P
    Dave_1P

    @milad

    If you choose to move to another password manager then you can create a new passkey for a website at any time within the other password manager and remove any existing passkeys from 1Password.

    -Dave