Skip to main content
1P_Blake
Community Manager
September 17, 2025
Solved

1Password now available in Comet, the AI-powered browser by Perplexity

  • September 17, 2025
  • 19 replies
  • 2378 views

We’re excited to share that the 1Password browser extension is now available in Comet. With 1Password, credentials and sensitive data, like credit card information, used in Comet are protected by the same end-to-end encryption and zero-knowledge architecture trusted by millions of people and over 165,000 businesses.

Try Comet and get the 1Password browser extension to start browsing smarter and safer today.

Learn more in our blog: 1Password now available in Comet, the AI-powered browser by Perplexity

Best answer by 1P_Blake

Hi all, thanks for raising these questions and sharing your concerns.

At 1Password, our guiding principles are privacy, security, and transparency, and ensuring people can use the tools they choose safely. We know AI and new browsing technologies raise important questions, which is why our role is to give people choice without compromising trust.

To clarify a few points about our partnership with Perplexity on the Comet browser:

  • Your data remains private. Nothing about this partnership changes how 1Password works. Vaults are end-to-end encrypted, and neither Perplexity nor Comet has access to your information. Your secrets remain encrypted and never leave your control.

  • The extension is the same. The 1Password browser extension works in Comet exactly as it does in Chrome, Safari, Firefox, and other Chromium-based browsers. There is no special integration that exposes additional data.

  • This is about choice. Our customers want us to be where they are. For those who want to try Comet, we are ensuring their login and autofill experience is secure, just as it is in other browsers.

We take trust seriously and will continue to make decisions with privacy, transparency, and security at the core.

19 replies

September 18, 2025

So sick of having AI shoved down my throat. Yes, 1P_Blake has made it abundantly clear that this browser is an optional install. Thin edge of the wedge. I’ve also been a 1Password user since the first Mac app — and iOS since 2008 — and am allergic to the idea of 1Password saddling up alongside AI of any kind. They’re clearly more focussed on the enterprise market now, and I didn’t think that would be a problem, but now I’m not so sure. They’re going to be forced to go all-in on the bull**bleep**-generators to keep investors happy. Here’s hoping they remember what makes customers happy, too.

September 18, 2025

Yesterday, I received an email invitation from 1Password offering early access to the forthcoming 1Password browser extension for Comet, an AI browser from Perplexity.

Personally, I am disappointed that “1Password is partnering with Perplexity,” since 1Password is a brand that emphasizes privacy – and, Perplexity is a brand that apparently does not.  More specifically, the Comet browser records the following information:

  • "URLs of the websites you visit
  • The text, images, and other resources of those pages
  • The permissions you grant those websites
  • The number of windows and tabs you have open
  • Your search queries
  • What you download
  • The cookies from websites

It also asks your permission to access all the data in your Google Account, meaning it can read your emails, go through your contacts, see all your stored files, and more."  (source)

I hope that 1Password reconsiders this business relationship in order to protect its brand integrity….

September 18, 2025

Yup. Strongly agree. If there's no absolute walkback and apology I'll be cancelling my subscription.

September 18, 2025

I already did

1P_Blake
1P_BlakeAuthorAnswer
Community Manager
September 18, 2025

Hi all, thanks for raising these questions and sharing your concerns.

At 1Password, our guiding principles are privacy, security, and transparency, and ensuring people can use the tools they choose safely. We know AI and new browsing technologies raise important questions, which is why our role is to give people choice without compromising trust.

To clarify a few points about our partnership with Perplexity on the Comet browser:

  • Your data remains private. Nothing about this partnership changes how 1Password works. Vaults are end-to-end encrypted, and neither Perplexity nor Comet has access to your information. Your secrets remain encrypted and never leave your control.

  • The extension is the same. The 1Password browser extension works in Comet exactly as it does in Chrome, Safari, Firefox, and other Chromium-based browsers. There is no special integration that exposes additional data.

  • This is about choice. Our customers want us to be where they are. For those who want to try Comet, we are ensuring their login and autofill experience is secure, just as it is in other browsers.

We take trust seriously and will continue to make decisions with privacy, transparency, and security at the core.

September 18, 2025

If it were really purely about choice then why is Zen left in the dirt here?

I'm very glad it's the same extension and those responses are helpful for sure. However it remains that an email was sent to (seemingly?) all 1Password personal customers promising:
"With Comet and 1Password together, you can ask Comet to:

  • Find a recipe, add ingredients to your cart, and use 1Password to securely check out on your behalf.
  • Plan a walking route for your next vacation, then use 1Password to sign into your email and share it.
  • Sign in to your favorite news site with 1Password, then ask Comet for a quick summary of the latest articles."

If it were the case there was no integration, then why was this email sent, seemingly promising such integration?
I think a key part of the issue, at least for me, was that if such a badly phrased email could be sent, despite a well-worded blog post as linked in the original post above, what else could go wrong in the company we're trusting some of our most private credentials to? The email bigging up Comet does not indicate to me that trust is taken seriously.

To summarise: I don't mind Comet having 1Password Support, and to be fair to yourself you have alleviated those concerns somewhat. What I do mind is 1Password treating Comet differently to other browsers and/or users by sending marketing crap on their behalf. What I do mind is 1Password working (apparently closely, given the difference in the marketing copy vs the blog!) with a privacy-hating organisation.

September 19, 2025

One factor that is impacting my own perception of the announced partnership of 1Password and Perplexity is the content of the email sent by 1Password entitled “1Password Exclusive:  Early access to Comet, the new AI browser from Perplexity.”

 In my opinion, that email is not a neutral announcement of the forthcoming availability of a 1Password extension for Comet.  For example, consider that the email subject line is explicitly promoting “early access to Comet” and not “early access to the 1Password browser extension for Comet.”

Additionally, as I read the message, it seems that 1Password is endorsing the use of Comet and encouraging its customers to “be among the first to explore the future of browsing” by claiming “your early access.”  The three examples in the email of using “Comet and 1Password together” suggest that 1Password users would benefit by installing and using Comet for browsing.  For some users, that may be true; but for others who are more concerned about privacy, the situation is different.

Am I misinterpreting this email, or reading it too harshly?  Interested to hear the opinions of others in the 1Password community….

September 19, 2025

You're 100% right.  Been trying to say as much for two days now.

September 20, 2025

This just made things much easier for attackers.  The problem with an AI powered browser is that it doesn't know the difference between data and commands so it can easily be hijacked to do things.  If it has access to 1Password then your info can be exfiltrated or just used even if not copied.

Sure, people should be okaying and authenticating for every transaction but as 1Password makes it easy to not do so, bet heaps of people don't.    You are encouraging people to use a browser which scammers can very easily use to steal things and allowing that browser to use 1Password to help.

See https://guard.io/labs/scamlexity-we-put-agentic-ai-browsers-to-the-test-they-clicked-they-paid-they-failed

for examples of what I am talking about.   You can talk about privacy all you like, the problem is that AI has no way to distinguish between data and commands, so a malicious webpage can make the AI do whatever it wants.    

You have no control over Perplexity so you can't make promises about what they will do or how they will solve this problem.   Until it is solved you are utterly irresponsible to have anything at all to do with an AI agent browser,

The minimum you should do if you are touching this with any length of barge pole is to set your extension so that there is no way to set any kind of automatic use of passwords so a human must agree to every use of a password on any browser using AI agents.  Then you get AI haters to test it until everyone agrees 1Password can't be used by a malicious page to do things without intervention by a human who is fully informed on what is actually happening, not what a non-1Password dialog box says is happening.

 

September 21, 2025

When 1Password announced its partnership with Perplexity, the importance of security was emphasized:  “At 1Password, we believe security must be part of the foundation when building AI products, not an afterthought.”

However, achieving that goal may be problematical, as described in this “Scamlexity” article (kudos to @Seria for the reference) – which I highly recommend reading.  In brief, the article makes the case that an AI Browser such as Comet “can, without your knowledge, click, download, or hand over sensitive data, all in the name of ‘helping’ you.”

More specifically, the article presents proof-of-concept security vulnerabilities using Comet.  For example, watch the video in the article to witness Comet’s ability to autofill credit card details on a fictious retail website.

Is 1Password truly confident that it can deliverSecurity that Enables AI Browsing” today – especially when the browsing is solely under the control of its partner Perplexity?

This is a sincere question.  I encourage 1Password to considering authoring a white paper describing the company’s approach to “Security that Enables AI Browsing,” so that users of 1Password can understand the protections that have been put in place when utilizing Comet.

AJCxZ0
September 22, 2025

Coincidentally, in my feed client which includes the 1Password Blog

 

October 14, 2025

Readers of this thread will likely find a recent blog by 1Password to be of interest:  Closing the credential risk gap for AI agents using a browser.

The blog describes the 1Password Secure Agentic Autofill solution that “…injects credentials via the 1Password Browser Extension into a browser on behalf of an AI agent only when required and always authorized by a person,” without “…allowing that agent to have access to or visibility into the credentials being used.”

Given the Secure Agentic Autofill technology, is AgileBits confident that using 1Password in Comet is currently as safe and secure as using 1Password in any other supported browser (Chrome, Firefox, Edge, Brave, Safari)?

October 14, 2025

For extra points they give it to Scamlexity and get them to agree it solves the problem.

This really needs stress testing by people who have no stake in it succeeding.

October 15, 2025

Hopefully, 1Password will ensure that its ongoing security audits include an independent review of the Secure Agentic Autofill technology.

October 30, 2025

I just got another Comet related mail: 

"1Password has introduced a Comet-compatible browser extension, giving you a safer, more seamless way to access and protect their credentials "

So maybe they have listened...   I'm not about to test it mind you!

I'm still interested to know if the Comet agent can see what the browser is sending.  If 1Password fills in a password filed and that password is then sent down an encrypted https connection does the Comet LLM see that password as part of the text that is encrypted and sent before it is encrypted?  Just how closely entwined is this LLM to the guts of the browser?