1Password Solves Major Problem With Passkeys

Tyler Cross, Senior Writer

Leading password manager company, 1Password, solved one of the biggest roadblocks for widespread passkey adoption.

Until now, there was no way to encrypt your passkeys in the same way that you could encrypt a password. While passkeys have several security benefits over passwords, the fact that they couldn’t be encrypted left a glaring hole in their ability to keep you safe.

“Let’s say you use an app that protects all of your notes with end-to-end encryption,” 1Password explains in a blog post. “That means only you have the key required to decrypt and read your notes. Historically this key would be a password. It would be used to verify who you are and decrypt your data.

“That changes with the Pseudo-Random Function (PRF) extension.”

To explain in more detail, passkeys work by using a public and a private key, with the private key only ever being seen by you. 1Password employs the PRF extension to create a third key that interacts with a randomly generated value (also called a salt) from the website you’re trying to connect to.

By combining the “shared secret” with a “salt”, you can essentially create encryption that applies to passkeys.

Each website will always use the same shared secret and salt, though it will be unique to each user. Even if a hacker is able to figure out certain shared secret and salt combinations, there are billions of potential combinations per website.

“A deterministic output doesn’t mean it’s predictable. The salt on its own doesn’t tell an attacker anything about the shared secret. If the attacker knows both the salt and the final shared secret, they still can’t infer anything about the secret key nor any future shared secrets should the salt change,” 1Password explains.

While this doesn’t act as traditional encryption, the end result is the same. Your information becomes unreadable and hackers can’t intercept your passkeys.
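The salt-and-secret derivation described above, as an added sketch that is not 1Password's code or taken from its blog post. It models the PRF as HMAC-SHA-256 over a prefixed hash of the website's salt, which is how the WebAuthn PRF extension maps onto the CTAP2 hmac-secret extension; the secret, the salt and the "notes-app" label are constructed or hypothetical values.

```python
import hashlib
import hmac

# Constructed sample values. A real authenticator generates the per-credential
# PRF secret itself and never releases it; the website stores only the salt.
CREDENTIAL_SECRET = hashlib.sha256(b"constructed per-credential secret").digest()
SITE_SALT = hashlib.sha256(b"constructed salt stored by the website").digest()


def prf_output(credential_secret: bytes, site_salt: bytes) -> bytes:
    """Simplified model of one PRF evaluation: the site's salt is hashed with
    a fixed prefix, then HMAC-SHA-256 is keyed with the credential's secret."""
    hashed_salt = hashlib.sha256(b"WebAuthn PRF\x00" + site_salt).digest()
    return hmac.new(credential_secret, hashed_salt, hashlib.sha256).digest()


def hkdf_sha256(ikm: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with an all-zero salt: binds the PRF output to one
    purpose so the raw output is never used directly as a cipher key."""
    prk = hmac.new(b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]),
                         hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def notes_key(credential_secret: bytes, site_salt: bytes) -> bytes:
    """32-byte data key for a notes app; the info label is hypothetical."""
    shared_secret = prf_output(credential_secret, site_salt)
    return hkdf_sha256(shared_secret, b"notes-app v1 data key")


if __name__ == "__main__":
    key = notes_key(CREDENTIAL_SECRET, SITE_SALT)
    # Same passkey and same salt always give the same key (deterministic).
    print("stable across logins:", key == notes_key(CREDENTIAL_SECRET, SITE_SALT))
    # A changed salt gives a different key from the same passkey.
    rotated = hashlib.sha256(b"constructed rotated salt").digest()
    print("changes with the salt:", key != notes_key(CREDENTIAL_SECRET, rotated))
```

Because the key is recomputed from the passkey at each sign-in, losing the passkey means losing the key, so data encrypted this way needs a recovery path planned up front.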

You’ll have to use passkeys stored within the 1Password vault if you want to encrypt them. This feature is currently available in the 1Password for Android (8.10.38) and browser extension (2.26.1) betas.

About the Author

Tyler is a writer at SafetyDetectives with a passion for researching all things tech and cybersecurity. Prior to joining the SafetyDetectives team, he worked with cybersecurity products hands-on for more than five years, including password managers, antiviruses, and VPNs and learned everything about their use cases and function. When he isn't working as a "SafetyDetective", he enjoys studying history, researching investment opportunities, writing novels, and playing Dungeons and Dragons with friends.
