'ZDNET Recommends': What exactly does it mean?
ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.
When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.
ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.
1Password is saying goodbye to passwords in favor of passkeys. Here's why
Password manager provider 1Password has announced that it will allow users to abandon passwords in favor of passkeys as the company pushes towards a passwordless future.
A passkey offers an alternative to passwords by storing a unique digital key on your device, perhaps on your smartphone, a laptop, or something else.
Also: The 6 best password managers: Easily maintain all your logins
The passkey requires you to be actively in possession of your device to access online accounts tied to the passkey, making it much harder for cyber criminals to remotely steal your usernames and passwords with phishing or malware attacks.
Password theft is still one of the most common and problematic kinds of cyberattack and one that is often the starting point for major cybersecurity incidents, both for individual people and whole businesses.
Security
"Instead of playing whack-a-mole with passwords, why not eliminate that avenue of attack outright? That's our mission. It's why we're at the forefront of passwordless advocacy, and why we've committed to adding full support to 1Password for generating, managing, and using passkeys," Steve Won, chief product officer at 1Password wrote in a blog post.
So, from later this year, users will be able to use a passkey to unlock their 1Password password manager, rather than using a password.
This approach helps bring an additional layer of security to passwords, because while using a password manager is highly recommended for improving online security, they're still ultimately protected by a password -- and it's possible to breach a password.
That means, if an attacker stole or guessed the password for your password manager, they could potentially gain access to all the accounts it holds passwords for. But for 1Password users, that won't have to be the case soon, because they will be able to switch to a passkey instead, preventing unauthorised intruders from accessing the 1Password account.
"We're incredibly excited to announce that, starting this summer, you'll have the option to create and unlock your 1Password account using only a passkey! No passwords required," said Won.
Also: How to protect and secure your password manager
While 1Password does currently offer the ability to unlock accounts with biometrics, the company points out that they don't replace the password, they only mask it -- which is why the application occasionally asks for the password; to make sure you still have it.
1Password also notes that it might sound counterintuitive to not use passwords -- after all, not using a password sounds like it will allow anyone to gain access to the account, no matter what. But the reason a password isn't required is because the unique passkey is stored on your device.
"Unlike user-created passwords, passkeys are strong and unique by default. They're generated and stored on your devices, and they're never shared with our cloud service," said Won.
1Password aims to start introducing the passkey feature in "early 2023", starting with a browser extension and desktop apps, with mobile support to follow.
MORE ON CYBERSECURITY
- You're definitely not making the most of your password manager
- We're all still using the same passwords, even after they've been breached
- Phishing attacks are easy for criminals. This is how expensive they could be for you
- What is Security Keys for Apple ID and why does it matter?
- A security researcher easily found my passwords and more: How my digital footprints left me surprisingly over-exposed