Where are passkeys stored?

Options
CCal
CCal
Community Member
in Windows

Hi,
I tried to use the passkeys function in 1Password.

I got prompted during a login into my gmail by 1Password to save my passkey.
So i did. The process was very quick, but I do not recall seeing where the passkey private key is saved.

I did this on my desktop computer, so does that mean the passkey is saved on my computer?
Or my phone (which i did not use during the passkey process) or is the private kay saved on the 1Password cloud?

When I try signing in using incognito to my gmail on my mobile. I was able to get into very quickly. so quickly in fact , I dont even know when the passkey was prompted.

So, can someone help me understand how 1Password passkey work? and where it the actual private key stored?

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

Comments

  • AliH1P
    AliH1P
    Options

    Hey @CCal, thanks for reaching out. When a passkey is created, the private key is stored in your 1Password vault which is synced across all of your devices using the 1Password servers.

    Keep in mind that a local copy of your data is also available on all of your devices. (This is why you can continue using 1Password even when you're offline). While connected to the internet, that local copy will sync and update any changes or additions made across your other devices.

    Let me know if you have any further questions!

    Ali

  • jbrowdy
    jbrowdy
    Community Member
    Options

    This is great. So, from what I am reading, it should not be necessary to set up a passkey on multiple devices (for the same site)? If I create a passkey through 1Password on my computer (example, Marketcircle's Daylite), the same passkey will work across all devices, and I don't have to create one for each device?

  • AliH1P
    AliH1P
    Options

    Hey @jbrowdy, that's correct. Any passkey you setup using 1Password will be available for use across all of your devices!

    Ali

  • NSAtech3
    NSAtech3
    Community Member
    Options

    @AliH1P

    "When a passkey is created, the private key is stored in your 1Password vault which is synced across all of your devices using the 1Password servers."

    That is completely incorrect!!!!

    The private key for a passkey NEVER leaves the device's secure element (eg. TPM in Windows, Apple Secure Element, Android Keystore system ie. Trusted Execution Environment). The Android StrongBox Keymaster is actually a Hardware Security Module. There's no way to extract the private key that's the whole point of these security keys...

    Your docs even state this:
    https://blog.1password.com/passkeys-faqs/#:~:text=Each passkey consists of two parts – a public and private,want to log in to.

  • NSAtech3
    NSAtech3
    Community Member
    Options

    ok now I get what you were saying... this is the 1password passkey not authenticator passkeys. sorry!

  • AliH1P
    AliH1P
    Options

    Hey @NSAtech3, no worries - I appreciate you following up!

    Don't hesitate to reach out if you ever have any questions.

    Ali