lengotengo
2 years agoNew Contributor
Q - What exactly happens when we unlock an already trusted app with a passkey?
I was wondering.
When we unlock an installed app, let's say 1Password on the browser on ChromeOS, we have to log in again with a passkey.
I suppose this is necessary to get again the key to the vault itself, be it from our system or from your system.
(I will call this key the master key, forgive me if it is wrong.)
The question is: when unlocking the 1Password app with a passkey, is there (a) new a handshake with the server for security purposes, so it is not necessary to store an obfuscated master key on the system, or (b) the passkey handshake is done locally, just "unmasking" the master key stored on the device?
Thank you.
1Password Version: Not Provided
Extension Version: 2.18.1
OS Version: ChromeOS 119.0.6045.212
Browser: Chrome