Hardware Passkey n of m
Hey there, guys.
Is there a way that you could have 2/3 hardware passkeys needed to decrypt an account?
This would be amazing - because it would strike the perfect balance between resilience a...
Forum Discussion
1P_Dave
Moderator
ModeratorHello bitkeeper! 👋
Thank you for the feedback about 1Password's passkey unlock beta! You can indeed store your passkey for 1Password on a hardware security key but it alone won't allow you to add your 1Password account to a new device, you'll need to also authorize the sign in using an existing trusted device.
Once a 1Password account is added to a device using a passkey, your 1Password account is decrypted not using your passkey but using a unique device key that is stored locally on your device. You can read more here: About the security of unlocking 1Password with a passkey
Usecase E.G.:2 of 3 officers are needed to unlock an account that stores crypto seed phrases / private keys for an exchange or any other extremely important secret.
That's definitely an interesting use case. Data in 1Password is primarily protected using encryption not authentication. Even if multiple passkeys were required by 1Password's user interface, the device key itself (already stored locally on the device) is used to decrypt your data.
That being said, I've shared your feedback and request with the team. 🙂
-Dave
ref: PB-40249541
