It’s Cybersecurity Awareness Month! Join our interactive training session, or learn about security and AI from 1Password experts.
Forum Discussion
Where are passkeys stored?
Hi,
I tried to use the passkeys function in 1Password.
I got prompted during a login into my gmail by 1Password to save my passkey.
So i did. The process was very quick, but I do not recall seeing where the passkey private key is saved.
I did this on my desktop computer, so does that mean the passkey is saved on my computer?
Or my phone (which i did not use during the passkey process) or is the private kay saved on the 1Password cloud?
When I try signing in using incognito to my gmail on my mobile. I was able to get into very quickly. so quickly in fact , I dont even know when the passkey was prompted.
So, can someone help me understand how 1Password passkey work? and where it the actual private key stored?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
6 Replies
AliH1P1Password Team
Hey @NSAtech3, no worries - I appreciate you following up!
Don't hesitate to reach out if you ever have any questions.
Ali
"When a passkey is created, the private key is stored in your 1Password vault which is synced across all of your devices using the 1Password servers."
That is completely incorrect!!!!
The private key for a passkey NEVER leaves the device's secure element (eg. TPM in Windows, Apple Secure Element, Android Keystore system ie. Trusted Execution Environment). The Android StrongBox Keymaster is actually a Hardware Security Module. There's no way to extract the private key that's the whole point of these security keys...
Your docs even state this:
https://blog.1password.com/passkeys-faqs/#:%7E:text=Each%20passkey%20consists%20of%20two%20parts%20%E2%80%93%20a%20public%20and%20private,want%20to%20log%20in%20to.- AliH1P
Hey @jbrowdy, that's correct. Any passkey you setup using 1Password will be available for use across all of your devices!
Ali
This is great. So, from what I am reading, it should not be necessary to set up a passkey on multiple devices (for the same site)? If I create a passkey through 1Password on my computer (example, Marketcircle's Daylite), the same passkey will work across all devices, and I don't have to create one for each device?
- AliH1P
Hey CCal, thanks for reaching out. When a passkey is created, the private key is stored in your 1Password vault which is synced across all of your devices using the 1Password servers.
Keep in mind that a local copy of your data is also available on all of your devices. (This is why you can continue using 1Password even when you're offline). While connected to the internet, that local copy will sync and update any changes or additions made across your other devices.
Let me know if you have any further questions!
Ali
