Forum Discussion
Community Manager1Password now available in Comet, the AI-powered browser by Perplexity
Hi all, thanks for raising these questions and sharing your concerns.
At 1Password, our guiding principles are privacy, security, and transparency, and ensuring people can use the tools they choose safely. We know AI and new browsing technologies raise important questions, which is why our role is to give people choice without compromising trust.
To clarify a few points about our partnership with Perplexity on the Comet browser:
- Your data remains private. Nothing about this partnership changes how 1Password works. Vaults are end-to-end encrypted, and neither Perplexity nor Comet has access to your information. Your secrets remain encrypted and never leave your control.
- The extension is the same. The 1Password browser extension works in Comet exactly as it does in Chrome, Safari, Firefox, and other Chromium-based browsers. There is no special integration that exposes additional data.
- This is about choice. Our customers want us to be where they are. For those who want to try Comet, we are ensuring their login and autofill experience is secure, just as it is in other browsers.
We take trust seriously and will continue to make decisions with privacy, transparency, and security at the core.
- Your data remains private. Nothing about this partnership changes how 1Password works. Vaults are end-to-end encrypted, and neither Perplexity nor Comet has access to your information. Your secrets remain encrypted and never leave your control.
This just made things much easier for attackers. The problem with an AI powered browser is that it doesn't know the difference between data and commands so it can easily be hijacked to do things. If it has access to 1Password then your info can be exfiltrated or just used even if not copied.
Sure, people should be okaying and authenticating for every transaction but as 1Password makes it easy to not do so, bet heaps of people don't. You are encouraging people to use a browser which scammers can very easily use to steal things and allowing that browser to use 1Password to help.
See https://guard.io/labs/scamlexity-we-put-agentic-ai-browsers-to-the-test-they-clicked-they-paid-they-failed
for examples of what I am talking about. You can talk about privacy all you like, the problem is that AI has no way to distinguish between data and commands, so a malicious webpage can make the AI do whatever it wants.
You have no control over Perplexity so you can't make promises about what they will do or how they will solve this problem. Until it is solved you are utterly irresponsible to have anything at all to do with an AI agent browser,
The minimum you should do if you are touching this with any length of barge pole is to set your extension so that there is no way to set any kind of automatic use of passwords so a human must agree to every use of a password on any browser using AI agents. Then you get AI haters to test it until everyone agrees 1Password can't be used by a malicious page to do things without intervention by a human who is fully informed on what is actually happening, not what a non-1Password dialog box says is happening.
