Forum Discussion

New Contributor

3 years ago

1Password seems to hijack webauthn rather than use CTAP for communication

I might have misunderstood something about the passkey promises 1password made here. But it seems that the browser plugin hijacks all webauthn-calls rather than to emulate a proper CTAP authenticator...

browser extension

1p_jac

1Password Team

3 years ago

Hi flindeberg

In the Open Beta of saving and signing in with passkeys from 1Password, you will see a prompt appear from 1Password asking you if you would like to save the passkey you're creating into 1Password. You'll also see the same prompt if the 1Password in your browser detects that you have a passkey stored in your account for that website.

If you wish to use a passkey stored in another location or save it in another location other than 1Password such as iCloud Keychain or Google Password Manager, you can dismiss the 1Password prompts and the request will be forwarded to your device/browser's passkey provider method.

Forum Discussion

1Password seems to hijack webauthn rather than use CTAP for communication

Featured discussions

November at 1Password: the Access-Trust gap, planning your estate, and an updated unlock experience

Recent discussions

Bug? Browser extension not unlocking or filling in password

"1password quit unexpectedly" at every startup

Ongoing Autofill Issues on Android

Storing PGP Keys

[BUG] Beta and Nightly extension degrade page's original functionallity