1Password helps author a new standard for secure credential transfer

Migrating credentials no longer has to mean insecure plaintext files or vendor lock-in.

That’s why we’re proud to share that the FIDO Alliance has published the Credential Exchange Format (CXF) as a Proposed Standard, co-edited in part by contributors from 1Password. This new format gives providers a consistent JSON-based way to transfer credentials securely between services and represents a real move away from CSV exports.

CXF lays the groundwork for secure migration across services without exposing sensitive data or forcing people to rely on ad-hoc export tools. It supports a wide range of credentials from passwords, passkeys, SSH keys, TOTPs, payment cards, Wi-Fi credentials, API keys, and more — and creates a path for providers to handle transfers in a more consistent way.

Early support for CXF is already starting to land across the industry. Apple has introduced APIs for bulk credential import and export, Google is doing the same on Android, and 1Password and other FIDO members have already demonstrated cross-platform passkey transfers using the format.

Read more about the work behind this milestone, the contributors involved, and what comes next in the full blog post.

Got questions about the Credential Exchange Format? Drop them here in the thread!