1Password has begun testing a way to access the app without the namesake password, adding an option to use the new passkey technology. The change, which uses a quick biometric check to unlock and use your password vault, helps improve the security of the widely used password manager.
The main job of the software is to create, store, sync and autofill passwords for all the apps and websites you use. Until now, its password storage vaults were protected by its own password (in combination with a secret key the first time you use 1Password on a new device). But now 1Password developer AgileBits has started a private test that will allow participants to unlock their password vaults with a passkey.
The test works on iPhones, Macs and web browsers, but it’s a private beta and testers need to create a new account to try it. Android, Windows and Linux support will come later, as well as the ability to upgrade an existing account, the company said. 1Password aims to release the technology to everyone by the end of 2023.
1Password is currently CNET’s pick for the best premium password manager. See how it compares to the competition in our guide to the best password managers of 2023.
The passkey unlock for 1Password is designed to be easier to use than passwords. By default, 1Password’s phone apps require you to retype your password every two weeks. But with a less hassle passkey authentication, you can keep your vaults locked, reducing the risks from stolen devices.
“Unlocking 1Password with a passkey offers the best of both worlds: best-in-class security paired with ultimate convenience,” AgileBits said in a blog post.
Passkeys are a newer authentication technology designed to overcome the shortcomings of password-based login. They are the prime example of products made for the “no password” era that tech companies are trying to usher in slowly.
Interested in trying it out? “We recommend that people sign up for our password-free newsletter to let them know if and when seats in this private beta become available,” the company said. If you are not a 1Password customer, you can also use passkeys on Android, iOS and web browsers with Apple and Google software without actually using 1Password.
How passkeys work
Apple, Google and Microsoft have helped make passkeys as easy to use as passwords but more secure. To use a passkey, you usually perform a face or fingerprint biometric authentication step on a device that stores the passkey. If your biometrics don’t work, you can use the fall back method to unlock the device and type your device’s passcode.
The combination of device ownership and biometric check is considered strong two-factor authentication that is more secure than passwords alone or weaker two-factor authentication measures such as login codes sent via text message.
In June, 1Password began testing the ability to store passkeys in its software and to sync passkeys across devices.
Password problems abound. Because they are hard to remember, we often reuse them on many websites and services, which increases the ability of a hacker to get a password. Password managers make it easy to create strong, unique passwords, but they can be complicated to use.
However, passkeys are not without complications. Currently, Apple can sync passkeys on Apple devices and its Safari browser, but Google syncs it with its own products. 1Password and another password manager that adds passkey support, Dashlane, add additional management responsibilities.
You can set up separate passkeys to sign in to the same site, though — for example log in to Gmail with your Android phone and with Safari on your Mac. Passkey developers are working on passkey import and export tools to alleviate those problems.
Passkeys use a technology called public key cryptography that is also used to secure countless online connections. Passkeys only work on the website or app they’re set up on, preventing fake websites from being used to trick you into sharing your login credentials.
Google has enabled passkey login for its online services such as Gmail, WorkSpace and YouTube, and its tests have shown that passkey authentication is twice as fast as password login.
Apple, too, has adopted passkeys for signing into iCloud and other Apple ID-based accounts in the upcoming iOS 17 and MacOS Sonoma.
