1Password users can now preview passwordless sign-on technology - The Verge
source link: https://www.theverge.com/2023/6/6/23750908/1password-public-passkey-beta-release-password-security
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
1Password launches its public passkey beta
/The public 1Password passkey beta for web browsers allows users to replace passwords on supported websites with their device’s own authentication.
By Jess Weatherbed, a news writer focused on creative industries, computing, and internet culture. Jess started her career at TechRadar, covering news and hardware reviews.
Share this story
If you buy something from a Verge link, Vox Media may earn a commission. See our ethics statement.
:format(webp)/cdn.vox-cdn.com/uploads/chorus_asset/file/24706500/1Password_passkey_head.jpg)
After several months of teasing, password manager 1Password has now launched its public beta for passkeys — a new login technology that allows users to replace passwords with authentication systems built into their devices. From today, 1Password users can now create, store, and share passkeys for supported websites by installing the 1Password beta browser extension for Chrome, Edge, Safari, Firefox, or Brave.
What are passkeys?
Passkeys are a new type of passwordless login technology developed by the FIDO Alliance, whose members include tech giants like Apple, Microsoft, and Google, that’s designed to provide better security and convenience compared to traditional passwords and user verification methods like 2FA or SMS.
Passkeys allow users to replace traditional passwords when logging into websites and services with their device’s own authentication methods. That way you can sign in to Gmail, PayPal, or iCloud just by activating Face ID on your iPhone, your Android phone’s fingerprint sensor, or with Windows Hello on a PC.
Built upon an API called WebAuthn (or Web Authentication), two different keys are generated when you create a passkey: a public key which is stored by the website or service on which you’re creating an account, and a private key which is stored on the device you’ll use to verify your identity.
Both of these keys must match to sign the user into their account. That means passkeys provide greater security than passwords in two ways. There’s no fixed password sequence for someone to guess or steal, and phishing attacks are harder to pull off because it uses your phone or laptop’s security to make sure you’re logging into a legitimate site.
Of course, if passkeys are stored on your device, what happens if it gets broken or lost? Since passkeys work across multiple devices, you may have a backup available. Many services that support passkeys will also reauthenticate to your phone number or email address or a hardware security key if you have one. Meanwhile, other services like Gmail won’t let you completely remove the password from your account yet, just in case.
The hope is that passkeys will eventually replace passwords entirely. Several platforms already support the feature, including Apple and Google’s password vaults, and password managers like 1Password and Dashlane. There aren’t many services where passkeys can actually be used yet, however, with Best Buy and PayPal as notable early adopters, but third-party services need to integrate their own support. If you want to stay up to date then 1Password has created an online directory listing services that allow users to sign in using a passkey.
Passkeys can only be created for websites and services that have rolled out their own support. 1Password is keeping a directory of platforms where passkeys can already be used, in addition to a new tab where users can vote on which sites and services they’d like to see passkey support. This doesn’t guarantee that those platforms will actually add passkey support, but perhaps it’ll motivate some companies to develop the feature if they see enough demand. Alternatively, 1Password also has a feature called Watchtower that keeps tabs on your existing accounts and notifies you when passkey support becomes available.
Today’s release doesn’t include all of the passkey features coming to 1Password, however. Passkey support on mobile is still unavailable, as it’s still being developed for 1Password’s iOS and Android mobile apps, for example. You also can’t replace your 1Password master password with a passkey just yet, either, but that feature is currently expected to launch next month.
1Password claims it provides a superior passkey experience compared to offerings like Google Password Manager or Apple’s passkey support (which relies on the iCloud Keychain to sync passkeys across Apple devices) because those services only synchronize access on devices within the same ecosystem. You can still create passkeys for the same account on devices in different ecosystems; it just might mean doing it more than once. By comparison, 1Password’s Universal Sign On feature supports multiple platforms and devices with cross-platform syncing.
While 1Password’s goal is to eventually move away from passwords entirely, the platform isn’t ditching them just yet. It’s expected that passkeys will eventually become the new standard for login technology, but widespread adoption is going to take some time. Rival password managers like Dashlane have similarly announced support for passkey technology in the face of becoming obsolete as passwords are phased out.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK