It’s Cybersecurity Awareness Month! Join our interactive training session, or learn about security and AI from 1Password experts.
Unable to create and save a passkey in Costco android app
I am getting the error message when trying to create a passkey in the Costco android app on my Samsung S22 Ultra phone: "Unable to save passkey. For security reasons, 1Password did not save this passkey. The associated URL for this passkey does not match the selected app."
Passkey no longer working on Boursobank
Hello, I uses passkey since 2023 on Boursobank without any issues. Since a few days, I have a error that is displayed immediately (no loading or timeout) telling me that it timed out, the website switch directly to a normal login. So I guessed there was an issue on the key itself. I tried to revoke and create a new one, but same issue. When trying to create a new passkey, 1Password display the error "The request to create a passkey timed out". The error is also immediate (no loading or anything). On the website, it displays "Enrolment has expired or been cancelled". I've tried using other passkeys I have, without any issue. It seems to only impact Boursobank. Using Firefox 138.0 + Extension on Windows 11 24H2
Private beta: Unlock 1Password with a passkey
Hello everyone! 👋 Today, I’m pleased to announce the private beta of unlocking 1Password with a passkey! This private beta is an important step as we move toward our goal of releasing this capability for everyone later in the year, and we’re extremely excited for you to test what we’ve been working on. Important call outs: You must create a new 1Password test account with a passkey using an iPhone or iPad. This should be treated as a test account, as it’s a temporary way to try an experimental feature. It’s free to set up and test for the duration of the beta period. It doesn't replace your existing 1Password account. You can add trusted devices to unlock 1Password with a passkey on iOS, macOS, and the web. Adding trusted devices is crucial to accessing your new 1Password account with a passkey on additional devices. How to get started: You should have received an email with instructions and links on how to access the private beta, but for a quick reminder – follow along here: Turn on iCloud Keychain on all of your devices and make sure you're signed in to the same iCloud account. Download TestFlight for iOS from the App Store, if you don’t already have it installed. Use the link provided in your email to join 1Password on TestFlight. Accept the 1Password invitation within the app. Visit our sign-up link provided via email to create and unlock a 1Password account with a passkey. What’s coming next? Here are the features and functionality that you’ll see in the public beta and general release of unlocking 1Password with a passkey later this year: The ability to create a new 1Password account with a passkey on other platforms – not just iOS and iPad OS. The ability to unlock 1Password with a passkey on Android, Windows, and Linux. The option to update your existing 1Password account, so it can be unlocked with a passkey. The ability to secure a 1Password account with both a passkey in addition to a traditional account password and Secret Key. The option to secure a 1Password account with multiple passkeys tied to different devices. Recovery codes that allow you to unlock 1Password in the event that you lose your passkey and other trusted devices. Our private beta is just the beginning so please keep in mind, this is an early access feature. Your feedback is crucial to helping us perfect the public version of using a passkey to access your 1Password accounts. Your questions, comments, and advice will help us shape the future of 1Password. You can also learn more about the private beta by reading our support article. On the forum, feel free to create threads anytime you have a question, concern, or just product feedback. You’ll find your fellow testers and 1Password product & engineer teams will join in. Thank you for all your support and feedback. Happy testing!
Passkey unlocked using device passcode
Hi, A silly question, maybe, regarding unlocking 1Password with a passkey. I was one of the private beta users and, while I found it very convenient, there is an aspect that worries me a lot. Probably it’s just me not understanding the details, that’s why I am asking here. In the blog post describing the introduction of passkeys to unlock 1Password (https://blog.1password.com/unlock-1password-individual-passkey-beta/) you can read: “Once you’ve created a passkey, you can unlock 1Password by using biometrics or, as a fallback, the passcode that protects your device. You can then use your first device to set up more trusted devices with 1Password.” Let’s imagine that someone has access to my iPhone and tries to get into 1Password. Biometric will not work, as his face is different from mine. With the current master password, he needs to guess a long and complex sequence of letters, numbers and special characters. Very difficult. With the passkey, he will only need to guess the passcode that protects my device. Much easier than my master password. Entropy level of the secret key of the passkey pair can be as high as possible, but if anyone can access it with the phone passcode (usually 6 digits, nobody will ever use a 26 characters random password as a phone passcode), can someone explain me how the passkey is as safe as the master password in a situation like the above? Thanks! 1Password Version: Not Provided Extension Version: Not Provided OS Version: Not Provided Browser: Not ProvidedReally like what's coming next!
I'm liking the list of features coming to passkey unlock. This helps settle some of the questions I had: The option to update your existing 1Password account, so it can be unlocked with a passkey. The ability to secure a 1Password account with both a passkey in addition to a traditional account password and Secret Key. The option to secure a 1Password account with multiple passkeys tied to different devices. Recovery codes that allow you to unlock 1Password in the event that you lose your passkey and other trusted devices. 1Password Version: Not Provided Extension Version: Not Provided OS Version: Not Provided Browser: Not Provided
Passkey saving gets interfered with Windows Hello
Hello everybody, as Passkeys get more and more supported by web services, I tried to save a passkey in 1Password on Windows 11 Pro 24H2, Build 26100.4770 and 1Password Version 8.11.2. The problem I encounter happens with both browsers on my system: Edge Browser 138.0.3351.109 and Chrome 138.0.7204.184. Both have the latest version of the 1Password browser extension installed. The website is https://www.huk.de; an insurance company. I can login to the website with my normal credentials and get the opportunity to create a passkey. When I try to save the passkey, the 1Password browser plugin prompts me to create a new entry or update my existing entry. Of course I chose the update entry option. Then 1Password tells my that it encountered a problem and instantly the Windows hello mechanism pops up and asks me to save the passkey in Windows hello. This is not what i want. Then I tried the same with my iPad and the passkey gets automatically saved as a new entry in 1Password (its the only option). I am able to login with the passkey, but the URL tied to the passkey is another than the URL for Web login: https://zugang.huk-digitale-services.de It seems that this login only works when used from my tablet, but I am not able to login under Windows in my browser. I saw a lot of discussions from other 1Password users who have problems with 1Password and Windows Hello, too. Is there a timeline, when "the normal 1Passaword user" gets a build which works without the need to participate in Windows insider and the use of the MSIX version? Any helpful answers are appreciated. Kind regards from Germany.Hardware Passkey n of m
Hey there, guys. Is there a way that you could have 2/3 hardware passkeys needed to decrypt an account? This would be amazing - because it would strike the perfect balance between resilience and security. The ability to use a hardware passkey to unlock a 1PW account is great. But it is a single factor. You could up that by using a Yubikey Bio - to combine both biometrics and ownership as factors. But both factors are still collapsed onto a single TPM. Ideally 2 keys at least. But then for added resilience, N of M would be great. Usecase E.G.: 2 of 3 officers are needed to unlock an account that stores crypto seed phrases / private keys for an exchange or any other extremely important secret. 1Password Version: Not Provided Extension Version: Not Provided OS Version: Not Provided Browser: Not Provided
Use of PRF extension
Hi, I've tried out the beta to unlock 1Password with a passkey, and it seems to work well, but I'm surprised that passkeys only serve the purpose of authentication. According to the white paper, the actual encryption key is stored on the already logged in clients, wrapped by a key provided by the server when the authentication succeeds. This is different from the way Bitwarden has released its passkey unlock beta. The encryption key is directly derived from the passkey using the FIDO2 PRF extension. This allows the use of security keys as passkeys. I know that 1Password does support physical tokens as passkeys too, but it is not of much use, since you need a trusted device to transfer the encryption key anyway, which means you can not rely on your key as a backup method. The absence of PRF also means that users can not take advantage of the passkey backup offered by Google Password Manager and iCloud Keychain. I think that the ability to set up PRF with supported authenticators would be a great addition to the system. It would allow a much more consistent experience and would probably prevent some account losses due to the recovery code not being saved (or access to the associated email being lost, e.g. because it was stored within 1Password). I know that not all platforms currently support PRF, but it is already quite widespread, as from what I have tried, at least Android, Chromium and YubiKeys do support it. Even users of unsupported browsers would benefit this feature since they could temporarily use a supported platform to regain access when needed. By the way, based on my test with Bitwarden, 1Password as an authenticator (for third-party websites) doesn't seem to support PRF. This would be a great addition too, because it's the most practical way to use zero-knowledge encryption with passkey login, so we can probably expect more and more websites to implement it. Thanks a lot for your work! Guillaume 1Password Version: Not Provided Extension Version: Not Provided OS Version: Not Provided Browser: Not Provided
