It’s Cybersecurity Awareness Month! Join our interactive training session, or learn about security and AI from 1Password experts.
Forum Discussion
Solved
How do I disable passkey support?
How do I disable all prompting or integration for passkeys in the 1password browser plugin for safari?
Hello ProratedMongoose! đź‘‹
Thanks for reaching out! Is there a particular reason why you wanted to turn off passkey support for 1Password in Safari? Passkeys are the future of authentication and I would recommend upgrading to passkeys wherever possible: Save and sign in with passkeys in your browser
That being said, you can turn off passkey support by following these steps:
- Open your browser.
- Right-click on the 1Password icon in your browser's toolbar and click Settings.
- Click Autofill & save.
- Turn off "Offer to save and sign in with passkeys".
If you're an administrator for a 1Password Business membership then you can also turn off passkeys for your entire team using app usage policies.-Dave
19 Replies
How do I disable Passkey support entirely on iOS? This includes both in Safari and in other apps I never want 1Password to offer to save a passkey. I have already disabled iOS from doing it
I am aware that 1Password wishes I would use passkeys. As I once again had to assist a friend with an account recovery because of the poor user experience that is passkeys in the world, I find I need to disable it entirely from 1Password on iOS.
- 1P_Dave
Moderator
Hello ProratedMongoose​! 👋
I'm sorry that you're running into issues with passkeys. On iOS, AutoFill is specifically handled by the operating system and 1Password just provides the data for the experience. iOS AutoFill doesn't provide an option to just turn off the passkey functionality while keeping password AutoFill turned on, if you look at AutoFill settings on your phone you'll see there's only one switch for both passwords and passkeys:
That being said, AutoFill will only offer to save a passkey if the website or app that you're on makes a webauthn request. Usually this happens because you've tapped on an option to create a passkey on that website or app. Then AutoFill intercepts that webauthn request and offers to create a passkey in your preferred password manager.
Out of curiosity, what are the issues that you and your friend ran into? Did a passkey that you had previously saved in 1Password not work to sign you into a specific app or website?
-Dave
- 1P_Dave
Hello ProratedMongoose! đź‘‹
Thanks for reaching out! Is there a particular reason why you wanted to turn off passkey support for 1Password in Safari? Passkeys are the future of authentication and I would recommend upgrading to passkeys wherever possible: Save and sign in with passkeys in your browser
That being said, you can turn off passkey support by following these steps:
- Open your browser.
- Right-click on the 1Password icon in your browser's toolbar and click Settings.
- Click Autofill & save.
- Turn off "Offer to save and sign in with passkeys".
If you're an administrator for a 1Password Business membership then you can also turn off passkeys for your entire team using app usage policies.-Dave
A bit late to the party, but I'll be happy to answer why I'm not interested in passkeys.
In addition to just being clunky to use, no one has been able to satisfactorily explain how to recover them when *all* the trusted devices are lost or stolen.
Because if the fallback in those situations is to use email verification (which so far it looks like every site will use), then why bother with passkeys when the system can be forced into a very insecure access method (and that of course, assumes that the email account isn't also protected by a lost passkey). Login security is only as secure as the least secure fallback method.
The issue with 1P is that it prompts on every single page refresh on a site to create a passkey. if I've said no, then darn it, stop prompting me on that site. So my only other alternative is to disable it completely (which I've now happily done thanks to finding this thread).
Passkeys need more time in the oven. Fine for corporate internal use, where there's a helpdesk that can help recover account access (or be socially engineered to provide it, but that's another story). Completely different situation for consumer sites where you can never get a human being to assist.
- 1P_Dave
Thank you for sharing your perspective! If you use 1Password as your passkey authenticator app then you'll be able to sign into any website that you've saved a passkey for as long as you have access to 1Password on one of your devices. You can avoid losing access to 1Password by doing the following:
- Download and save your Emergency Kit
- Create and save a recovery code
- If using 1Password Families, add another family organizer
If you do lose access to a passkey then most websites will offer a backup method to regain access to your account however the exact method used will differ from website to website.Login security is only as secure as the least secure fallback method.
Not necessarily. Even if you have weaker sign-in methods available as an alternative, each time that you use a passkey to sign in you're benefitting from increased protection against phishing since a passkey will only ever work on the website that it was saved for.
The issue with 1P is that it prompts on every single page refresh on a site to create a passkey. if I've said no, then darn it, stop prompting me on that site.
That doesn't sound right. 1Password should only offer to save a passkey if a website tries to generate a passkey, the passkey prompt from 1Password only appears if it detects a webauthn request being made by a website. Are you able to post a screenshot of the prompt that you see? And the website that you see it on?
-Dave
My question has seemingly been resolved with that answer.
After helping the 4th person get themselves back into accounts that they got locked out of because of the terrible state of Passkey usability I came to the conclusion that for many, this half-baked feature should be turned off.
See also these articles which I would assume 1password is familiar with.I'll second your "half-baked" observation. I never initiated it on my account, yet upgrading to v8 led to a persistent/annoying "No passkeys available" prompt on my Android (with the unhelpful option to "Use a different device"). I get the impression they have organizationally changed along with their business values.
