Identity
management
company
1Password
is
spinning
up
a
pair
of
new
features
that
constitute
a
major
shift
away
from
passwords
and
toward
their
low-friction
replacement:
passkeys.
On
June
6,
1Password
will
take
a
big
step
away
from
passwords
by
allowing
customers
to
save
and
sign
into
online
accounts
with
passkeys
via
the
1Password
browser
extension.
The
extension
puts
1Password
instances
in
the
log-in
fields.
It
allows
users
both
which
enables
customers
to
use
vault-linked
biometrics
to
sign
into
accounts.
In
July
2023,
the
company
will
go
further,
releasing
a
beta
that
lets
users
sign
into
their
1Password
vaults
with
a
public/private
encrypted
passkey.
Jump
to:
Tipping
point
for
passkeys
with
acceptance
by
tech
giants
and
e-commerce
platforms
The
evolution
of
identity
management
away
from
methods
requiring
memory,
lists
and,
yes,
password
managers,
got
help
last
month
from
Apple
and
Google,
which
have
paved
the
way
with
multi-device
passkey
sign-in
capabilities.
According
to
the
industry
standards
group,
the
FIDO
Alliance
companies
—
including
PayPal,
Yahoo!
Japan,
CVS
Health
and
Shopify
—
are
providing
their
customers
with
passkey
sign-ins.
SEE:
Too
many
passwords,
logins,
accounts
causing
security,
transaction
problems
(TechRepublic)
“Our
mission
is
to
help
people
safeguard
their
digital
identities
and
by
doubling
down
on
passkeys,
we’re
providing
users
with
both
greater
security
and
ease
of
use,”
said
Steve
Won,
the
chief
product
officer
of
1Password,
in
a
statement.
“Passkeys
have
reached
a
tipping
point
and
people
are
beginning
to
navigate
a
hybrid
state
of
authentication
methods.”
According
to
1Password,
with
the
new
system:
-
Passkeys
are
synced
across
devices
and
all
platforms,
and
1Password
automatically
remembers
which
websites
and
apps
users
have
signed
in
with
passkeys. -
Passkeys
can
be
shared
securely
with
other
1Password
users
by
simply
adding
them
to
a
shared
vault
or
providing
access
to
anyone
via
item
sharing. -
An
alert
on
1Password’s
Watchtower
notification
interface
informs
users
when
the
apps
and
services
they
use
start
supporting
passkeys
so
they
can
upgrade
their
logins
(Figure
A).
Figure
A
Research:
Customers
ready,
willing,
and
able
to
switch
to
passkeys
According
to
research
by
1Password,
when
consumers
were
shown
an
example
of
passkeys,
75%
said
they’d
consider
using
them.
Sixty-five
percent
of
respondents
to
the
April
2023
survey
in
which
the
study
is
based
said
they
are
open
to
technologies
that
make
life
simpler,
and
75%
stated
they
would
consider
using
passkeys.
Nineteen
percent
said
they
would
start
using
passkeys
as
soon
as
they’re
available.
FIDO
Alliance
issues
UX
guidelines
for
passkeys
For
its
part,
the
FIDO
Alliance,
of
which
1Password
is
a
board
member,
released
this
week
a
set
of
passkey
user
experience
guidelines
based
on
contributions
from
over
79
product,
design,
accessibility,
marketing
and
technical
leaders
from
31
companies,
including
1Password,
Google,
Trusona
and
U.S
Bank.
“Since
we
first
announced
the
concept
of
synced
passkeys
a
year
ago,
we’ve
seen
remarkable
market
interest
and
significant
early
adoption
as
businesses
around
the
world
accelerate
their
efforts
to
eliminate
the
threat
and
hassle
of
passwords,”
said
Andrew
Shikiar,
the
executive
director
of
FIDO
Alliance,
in
a
statement.
UX:
Three
keys
to
passkeys
The
Alliance
offered
three
principles
for
content
framing
the
passkey
user
experience,
recommendations
informed
by
content
the
group
tested
on
a
group
of
U.S.
participants
using
a
Figma
prototype
and
a
live
demo
website:
-
Pair
passkeys
language
with
wording
users
know
since
passkeys
are
a
new
concept
for
many
users. -
Use
clear
“create
account”
or
“create
passkey”
messaging
before
the
OS
dialog
and
a
confirmation
or
success
message
after. -
Use
passkey
prompts
and
information
across
multiple
areas
to
encourage
users
to
try
passkeys
at
account-related
moments
in
the
customer
journey
(Figure
B).
Figure
B
Shikiar
recently
told
TechRepublic
that
companies
like
1Password
are
very
well
positioned
to
make
the
transition
to
encrypted
keys,
in
part
because
they
inhabit
an
intermediate
zone
between
individuals
worried
about
their
digital
footprints
(link)
and
losing
control
of
personal
data,
including
logins,
to
e-commerce
platforms
that
are
perpetual
targets
for
data
exfiltration.
“A
lot
of
consumers
use
password
managers
because
they
live
in
a
multi-platform
world.
Password
managers
give
you
independent
cross-platform
implementation
and
independent
options,”
he
said.
“For
consumers,
if
they
are
comfortable
using
password
managers
today,
they’ll
be
comfortable
using
them
with
passkeys.”
He
said
the
FIDO
Alliance’s
goal
is
to
create
opportunities
by
working
on
ways
to
formalize
a
process
so
companies
like
1Password,
DashLane
and
LastPass
will
be
able
to
manage
passkeys
and
protect
important
user
credentials.
“There
are
some
950
FIDO-certified
products
for
the
enterprise
workforce
and
for
consumers.
The
benefit
of
open
standards
and
certification
around
that
is
it
creates
competition,
with
interoperable
specifications.
It
has
been
interesting
to
watch
the
vendor
ecosystem
iterate
and
innovate
and
find
ways
to
add
value
to
customers
while
also
competing
with
each
other,”
he
said.
When
will
passwords
be
past
tense?
Shikiar
does
not
see
passwords
vanishing
soon,
but
rather
coexisting
with
passkeys
at
least
over
the
course
of
the
next
three
to
four
years
as
every
major
consumer
service
online
rolls
out
passwordless
sign-in
options.
“The
next
generation
of
digital
natives?
They
may
not
even
know
passwords.
It
won’t
be
long
before
we
look
back
on
passwords
as
we
do
on
dial-in
modems,”
he
said.