February 2026 at 1Password: Benchmarking AI security & helping developers access secrets everywhere

February was all about AI agent security and developer workflows. From benchmarking model behavior to expanding programmatic access in 1Password Environments and SDK authentication, we continued strengthening how teams build and secure with 1Password.

An ongoing conversation on OpenClaw and AI agents

OpenClaw exploded in popularity this month, sparking curiosity across AI and tech circles. In short, OpenClaw is an AI agent that runs locally and performs personal assistant-style tasks such as managing your calendar, checking your email, or prioritizing tasks in your GitHub repository.

From making reservations to building custom integrations, users have been quick to push the boundaries of OpenClaw. But with the excitement has also come concern. Agent gateways, such as OpenClaw, have access to the systems where they’re installed, making them a prime target for malicious actors. Since the beginning of the year, we’ve already seen skills that secretly instruct AI agents to deliver malware. As the use of tools like OpenClaw expands, it’s increasingly important to understand how to use them securely, and where the potential threats lie.

Interested in the whole story? Our VP of Product, Jason Meller, has penned two recent write-ups on the topic:

Security Comprehension and Awareness Measure benchmark

You might know how to spot and avoid phishing attacks, but can AI agents navigate the same scenarios? In our testing, even the most capable AI models were susceptible to common phishing strategies. As AI agents take on more tasks for us, and begin to act like employees, how they handle phishing is becoming a significant security concern.

That’s why we built the Security Comprehension and Awareness Measure (SCAM). It’s a benchmark that tests how AI models handle phishing attacks when performing tasks like scanning your inbox or filling credentials.

Security Comprehension and Awareness Measure (SCAM) Demo

Alongside the benchmark, we also created a security skill. that serves as a phishing crash course for AI models. Introducing this skill improved the likelihood that each model we tested would detect and avoid a phishing test by as much as 59.9%.

Programmatic access to 1Password Environments beta and desktop SDK authentication general access

Building on last year’s introduction of 1Password Environments, we’re now adding programmatic read-only access. This release allows you to programmatically fetch secrets via CLI and SDKs when those secrets are needed, and only for the time that they are needed.

Secure your secrets at runtime with the 1Password CLI and Environments

With many thanks to our developer community for testing and feedback, we’re also introducing an update to 1Password SDKs. SDK integrations can now authenticate through the 1Password desktop app with a biometric, or password prompt. This supports workflows such as vault management, vault permissions, and batch item operations.

Secure your desktop apps with 1Password SDKs

Read the full launch post

Evolving our partner ecosystem

The 1Password Partner Program enables MSPs and other partners to help their customers adopt the familiar security solutions we provide. This program includes access to sales and technical training, as well as go-to-market resources to support onboarding and growth.

We’re now focusing on simplicity, transparency, and consistency to best serve our mutual customers, and help partners scale their businesses. If you’re interested in becoming a partner, or learning more about the program you can read more in our blog post, or check out our partner program site.

Random but Memorable

February marks the start of a new season for Random but Memorable, our award-winning cybersecurity podcast! In this month’s episodes you can learn about practical security for the people you care about most, as well as guiding children to securely adopt AI tools.

Release note highlights

1Password in the Browser

1Password items are now immediately cleared from the browser extension when a user is suspended.
We’ve fixed an issue where 1Password could get stuck in a loop of repeatedly unlocking in Safari.
We now correctly detect GitHub redirect URLs in the “Sign in with” flow.
We’ve fixed an issue where 1Password could unexpectedly reload on a new tab in Firefox.

Mac, Windows, and Linux

We’ve fixed an issue where a prompt to turn on two-factor authentication couldn’t be selected.
We’ve fixed an issue where the multi-factor authentication prompt could be missing when trying to unlock the app.
We’ve added a new developer setting to enable SDK integrations, so you can authenticate SDKs with authorization prompts from the 1Password desktop app.
If you load an empty .env file in Developer > Environments, it will now show a message saying no variables were found.
[Windows only]: 1Password now supports a wider set of custom trusted browsers.
[Windows only]: We’ve fixed an issue where the Windows Hello prompt could appear behind other windows or seem unresponsive.
[Linux only]: We’ve updated our Flatpak Freedesktop dependencies to version 25.08.

iOS, and Android

[iOS only]: We’ve fixed an issue where Secure Note text would be cut off.
[iOS only]: We’ve fixed an issue where exporting through Credential Exchange could fail for items with empty or incomplete website addresses.
[iOS only]: We’ve fixed an issue where fields were intermittently visible when switching apps on iOS 26 if “Lock on Exit” was set to “Immediately”.
[iOS only]: When a file attachment preview screen is dismissed in search results, it no longer re-appears automatically.