Protect what matters – even after you're gone. Make a plan for your digital legacy today.
Forum Discussion
1P_Blake
Community Manager
Community Manager1Password now available in Comet, the AI-powered browser by Perplexity
We’re excited to share that the 1Password browser extension is now available in Comet. With 1Password, credentials and sensitive data, like credit card information, used in Comet are protected by the...
Hi all, thanks for raising these questions and sharing your concerns.
At 1Password, our guiding principles are privacy, security, and transparency, and ensuring people can use the tools they choose safely. We know AI and new browsing technologies raise important questions, which is why our role is to give people choice without compromising trust.
To clarify a few points about our partnership with Perplexity on the Comet browser:
- Your data remains private. Nothing about this partnership changes how 1Password works. Vaults are end-to-end encrypted, and neither Perplexity nor Comet has access to your information. Your secrets remain encrypted and never leave your control.
- The extension is the same. The 1Password browser extension works in Comet exactly as it does in Chrome, Safari, Firefox, and other Chromium-based browsers. There is no special integration that exposes additional data.
- This is about choice. Our customers want us to be where they are. For those who want to try Comet, we are ensuring their login and autofill experience is secure, just as it is in other browsers.
We take trust seriously and will continue to make decisions with privacy, transparency, and security at the core.
- Your data remains private. Nothing about this partnership changes how 1Password works. Vaults are end-to-end encrypted, and neither Perplexity nor Comet has access to your information. Your secrets remain encrypted and never leave your control.
It looks like the security certificate of Perplexity AI's website that the 1password marketing email is sending users is not secure. I feel like this referral to this insecure website creates a little bit of a bad look for 1password where security is obviously their number one priority. Thoughts?
1P_BlakeCommunity Manager
Community ManagerHey OverSurge! Thanks for flagging this. I just checked on my end and the Perplexity site’s certificate looks valid, and I haven’t seen other reports of an issue so far.
Could you let us know which browser (and browser version) you’re using, and if you're seeing same thing in any other browser?
Interesting. My Edge browser Version 140.0.3485.66 (Official build) (64-bit) and Chrome Version 140.0.7339.128 (Official Build) (64-bit) are both reflecting the certificate as invalid.
I am on my corporate laptop with additional security measures in place, so it could be something related to that, but I haven't seen this before with other websites.
Attackers might be trying to steal your information from www.perplexity.ai (for example, passwords, messages, or credit cards). ERR_CERT_AUTHORITY_INVALID
That's ... odd. Hitting www.perplexity.ai, not on a corporate intranet, I'm seeing a Let's Encrypt cert.
I just talked to my security and network team and have learned that we are migrating to a new firewall provider and that is our device that is issuing the internal certificate. They are looking at this on our side. My apologies for triggering an invalid concern.
I see what's going on. Their certificate is issued by FG181FTK25900273, which is a Fortinet device. Fortinet firewalls often perform SSL deep packet inspection by intercepting HTTPS traffic and re-signing it with their own internal CA. My corporate browser doesn't explicitly trust the Fortinet CA, thus it will flag the certificate as untrusted or invalid. As a result, any certificate signed by it (like the one for perplexity.ai) is considered self-signed or untrusted. Our corporate policies are seeing this as a self-signed certificate and won't trust it. It also flags it as risk of man in the middle attack.
