1Password passkey integration balloons to the millions in just over a year

Your accounts, savings, personal details, and entire identity are only as secure as your login details. Carefully developed password managers like 1Password aim to not only reduce the burden of remembering credentials for various sites and services, but also employ the most advanced technology to keep users safe.

Since 1Password’s 2023 passkey introduction, nearly a third of accounts have adopted at least one passkey. On a positive, forward-looking note, the overwhelming majority of passkeys are associated with personal accounts, which means real people are taking security seriously, and not just being forced to by corporate policy. Here’s the skinny.

Why passkeys are the future

And how passwords could someday become obsolete

Most users create passwords they can easily remember. But our brains can only keep tabs on a certain number of phrases, dates, and combinations of characters. Writing credentials on physical sticky notes introduces a major security and reliability risk, and reusing passwords across sites is arguably worse.

Related

What is a passkey, and how is it different from a password?

Passkeys and their speedy encryption are already starting to replace passwords: Here are the big differences

Passkeys exist so you don’t have to remember, or make up something else memorable when there’s a security breach or long-term credential timeout. Instead of a phrase you won’t forget, passkeys consist of computer-generated strings that a computer can’t forget. Rather than simply match with the username and password a service has on file, they link to similar, cryptographically designed keys on the server side.

Naturally, computer-generated passkeys require a computer to keep them straight. 1Password is far from the only password manager, but it was one of the first to see widespread use, and hasn’t looked back. Here are some promising stats from the service’s year-plus of passkey support.

• 1Password now stores over 4 million passkeys, with over 15 million instances of quick, easy passkey autofills.
• Nearly 30% of 1Password users now store at least one passkey.
• Almost three-quarters of those passkey users are personal accounts, rather than business.
• Over 200 services now support passkey login.

Source: 1Password

Let’s look at some takeaways. Widespread use of passkeys exploded in late 2022, partly thanks to their introduction in Apple’s iOS 16. Considering how resistant people are to change, and how long internet users have spent making up new passwords and resetting forgotten ones, nobody expected instantaneous adoption. These numbers from 1Password offer encouraging confirmation that people are still waking up to the realities of digital security.

Why else are passkeys safer than passwords?

If 1Password notices you’re using a password on a passkey-supported site, it makes the switchover painless.

Other than eliminating the need for memorable passwords, passkeys ensure security by disguising their nature from potential hackers. A service like 1Password stores keys securely using dual-key encryption, meaning nothing can decipher them during transmission, and no one with server access can read them.

Related

How to create passkeys in the 1Password app

Start your password-free experience with 1Password’s passkeys

An encrypted pool of passkeys makes all the difference. If a hacker steals a site’s credentials database, they at least know everything is a username and password for that site. Even in the extremely unlikely event a bad actor accesses a secure, encrypted server, the resulting keys could be for anything — your primary investment account, or your recurring antiperspirant subscription. Even the metadata is encrypted, adding multiple levels of protection.

1Password joined the FIDO Alliance, an open industry working group, to stay at the forefront of passkey integration just before the current, massive push began for their adoption. FIDO’s main focus is on easing passkey use and ensuring their effectiveness, without necessarily relying on durable, physical security keys for long-term protection.

We’ll be speaking with Anna Pobletts, longtime cryptography and security professional and current head of 1Password’s passwordless department, soon. We’re excited to dig into the pros, cons, and ongoing developments behind passkeys, and how 1Password has managed passkeys and enabled their streamlined use since bringing them to Android in March 2024. Stay tuned for what’s sure to be another thought-provoking Android Police interview.

Related

The end goal isn’t to have zero passwords, says Bitwarden’s passkey expert

In our interview, passwordless.dev lead Anders Åberg explains how passkeys will change the future of authentication