Questions about passkeys

This discussion was created from comments split from: Confused About Passkeys.

Comments

  • Gardenopolous
    Community Member

    I am confused too. No doubt these queries have been answered elsewhere. Sorry.
    How do passkeys work on a multi-user PC? In practice, does 1Password itself become a device? So that the passkey is stored on 1Password.
    But if this is so, how is that different from a password? (Apart from length of course.)
    And how is storing a passkey in 1Password device-specific? Would it not be "1Password-account-specific"?
    If so, is the Windows Security instruction that says, "Choose a device with a saved passkey" strictly incorrect?
    If I'm on track with the above, do passkeys not simply move the "weakest link"
    FROM EITHER (a) the strength of the password (on the “app” you’re trying to log in to),
    TO the strength of security on the “1Password account” (which happens to be, incidentally, on a device)?
    (Both of these require device-security on the device also.)
    -Gardenopolous

  • Dave_1P
    edited January 20

    Hello @Gardenopolous! 👋

    Thank you for the questions! Passkeys are a modern alternative to passwords – they enable people to log in to their online accounts without having to enter a password. Passkeys are based on a public-private key pair – one key is public and connected to the website or app you’re using, the other key is private and stored in 1Password.

    > But if this is so, how is that different from a password?

    Unlike passwords, you can’t create a weak passkey. Passkeys are generated by your device using a public-private key pair, which makes them strong and unique by default. Passkeys can't be phished like traditional passwords because the underlying private key never leaves 1Password – this also makes them resistant to social engineering scams.

    Once you've created and saved one passkey for an account using 1Password on one device there's no need to create another passkey using 1Password on another device. 1Password makes sure that the passkey that you saved on one of your devices will be immediately available for sign-in on the rest of your devices. Passkeys are encrypted and saved directly to your 1Password account.

    You can read more about passkeys here:

    Let me know if you have more questions.

    -Dave
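
The mechanism described in the reply above, as an added example that is not part of the original thread and is not 1Password's code: a simplified model of passkey sign-in using Node.js's built-in crypto module, showing that the site stores only a public key and that a signed response is tied to one origin and one challenge. It does not follow the real WebAuthn message format; the function names and the origins `https://example.com` and `https://examp1e.test` are constructed for illustration.

```javascript
// Added illustration: simplified passkey-style sign-in, not the WebAuthn wire format.
const nodeCrypto = require('node:crypto');

// Registration: the authenticator makes a key pair; the site keeps only publicKey.
function createPasskey() {
  return nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
}

// Site: a fresh random challenge for every sign-in attempt.
function newChallenge() {
  return nodeCrypto.randomBytes(32).toString('hex');
}

// Authenticator: sign the challenge together with the origin the browser reports.
function signAssertion(privateKey, challenge, origin) {
  const clientData = JSON.stringify({ challenge, origin });
  const signature = nodeCrypto.sign('sha256', Buffer.from(clientData), privateKey);
  return { clientData, signature };
}

// Site: verify the signature first, then the origin and the challenge it covers.
function verifyAssertion(publicKey, assertion, expectedChallenge, expectedOrigin) {
  const signed = Buffer.from(assertion.clientData);
  if (!nodeCrypto.verify('sha256', signed, publicKey, assertion.signature)) return 'bad-signature';
  const { challenge, origin } = JSON.parse(assertion.clientData);
  if (origin !== expectedOrigin) return 'wrong-origin';
  if (challenge !== expectedChallenge) return 'stale-challenge';
  return 'ok';
}

function demo() {
  const SITE = 'https://example.com';       // constructed: the real site
  const LOOKALIKE = 'https://examp1e.test'; // constructed: a look-alike page
  const key = createPasskey();
  const c1 = newChallenge();
  const genuine = signAssertion(key.privateKey, c1, SITE);
  // Response produced on the look-alike page: the signed origin gives it away.
  const relayed = signAssertion(key.privateKey, c1, LOOKALIKE);
  // Same response with the origin rewritten after signing: the signature breaks.
  const tampered = { ...relayed, clientData: relayed.clientData.replace(LOOKALIKE, SITE) };
  return {
    genuine: verifyAssertion(key.publicKey, genuine, c1, SITE),
    lookalike: verifyAssertion(key.publicKey, relayed, c1, SITE),
    // An earlier response presented against a newly issued challenge.
    replay: verifyAssertion(key.publicKey, genuine, newChallenge(), SITE),
    tampered: verifyAssertion(key.publicKey, tampered, c1, SITE),
  };
}

console.log(demo());
```

Nothing the site stores or receives here can be typed into another site to sign in, which is the practical difference from a password.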