1Password Passkey Tutorial | How to Use Passkeys in 1Password

Поделиться
HTML-код
  • Опубликовано: 29 сен 2024
  • НаукаНаука

Комментарии • 48

  • @JadeSambrook
    @JadeSambrook 2 месяца назад +1

    Thank you for the great and helpful video. A couple questions though: if I was originally using a password to login to my Google account and that password is stored in 1Password, once I create the passkey for Google in 1Password do I delete the password or do I need to keep it just in case? In other words, is it redundant to have a passkey and a password? Or does it weaken security in any way to have both?
    And the second question: if I set up a passkey in my 1Password, can I also set up a passkey on my Yubikeys for the same account (i.e., Google) in case the device I am using does not have 1Password installed on it or in case I ever lose access to my 1Password account?

  • @JazzzzzyG
    @JazzzzzyG 9 месяцев назад +5

    This is hands down one of the best tech tutorials I've ever watched, on any topic. Subscribed. Thanks Jason!

    • @teachmecyber
      @teachmecyber  9 месяцев назад

      Thanks for the feedback! Glad it was helpful for you.

  • @Lemmiiiiii
    @Lemmiiiiii 5 месяцев назад +1

    I think I start to get the idea of passkeys, however one thing I still do not understand, to me it seems like passkeys are kinda inconvenient compared to the conventional password/user. it may be great for desktop only usage but in todays world with Phones, tables etc to my understanding they don´t corporate? Meaning if you set up a passkey for a website, it´s only for that website, apps etc would need another passkey or am I wrong?

  • @MayureshKadu
    @MayureshKadu 4 месяца назад +1

    As a long time 1password user - I found this a decent summary. Nicely done!

  • @rodrigoaraujo7323
    @rodrigoaraujo7323 13 дней назад

    I cant use that on Android

  • @jasekdominik
    @jasekdominik 11 месяцев назад +2

    So private key is not stored on the actual device, but rather on 1Password cloud instead?
    Is it true also for other password managers like icloud Keychain or Google Password Manager?
    I am little confused, because I read that private keys are always stored on a physical device 🤔

    • @teachmecyber
      @teachmecyber  11 месяцев назад +1

      For device bound passkeys, they are always stored on a physical device like your phone, computer, desktop, etc. For synced passkeys, the private key is stored in the cloud where it can then be synced to other devices. This is what icloud and Google Password Manager do.
      1Passwords implementation is more in line with synced passkeys. The passkeys you create with 1Password are stored in your vault. So that will be stored in the 1Password cloud as well as in a local copy of your vault.

    • @StijnHommes
      @StijnHommes 10 месяцев назад

      @@teachmecyber The only password Google is getting is the password for my Google account. What makes them think my passkeys would be any different?
      This vendor lock-in should NOT extend to authentication. 1Password, LastPass and Dashlane don't get anything from me at all.

  • @paulreilly4510
    @paulreilly4510 7 месяцев назад +1

    Thanks for a very good tutorial Jason. I have avoided going too far into passkeys for two reasons. 1st, confusion about passkeys in 1password vs passkeys in iCloud Keychain. I accept that 1password is more secure but I still wonder if there is a wall between the two systems? Are there any cases where using one is better than the other? 2nd, how about a passkey for a site like Google? I just watched your tutorial on RUclips on my Mac. If I change my Google credentials to a passkey in 1password what is going to happen when I open the RUclips app on an AppleTV? Will I have to authenticated using an iPhone? Is this a case where saving a passkey in iCloud Keychain is preferable because of the AppleTV that is tied to iCloud?

    • @teachmecyber
      @teachmecyber  7 месяцев назад

      The biggest difference between the two is going to be ease of use (e.g. how easily can you access 1Password vs keychain) and security on those (1Password is more secure because of the amount of info you need to access it, which also makes it harder initially to get set up on multiple devices).
      In your RUclips example, it's likely going to prompt you on your phone which you can access either your keychain or 1password.
      Keep in mind that you can configure multiple forms of MFA. So while you want to use passkeys where you can, it isn't going to be supported everywhere. So you can always fall back to another form of MFA (like the authenticator app).

  • @usmanzubair3479
    @usmanzubair3479 10 месяцев назад +1

    (Android) In my vault it shows passkeys available and when i click on that and go to Chrome set up my account it doesn't save the passkey into 1password, it's still showing me the popup

    • @teachmecyber
      @teachmecyber  10 месяцев назад

      Have you disabled Google password manager?

  • @miner3993
    @miner3993 10 месяцев назад +1

    Great stuff Thanks 1 quick question , Would I be about to use a Security Key C NFC The YubiKey 5 C NFC to create passkeys for my APPs and Websites? Or do I need to get The YubiKey 5 C NFC. What would be the reason way I would want to get The YubiKey 5 C NFC over the Security Key C NFC

    • @teachmecyber
      @teachmecyber  10 месяцев назад +1

      Both will be able to create passkeys for any online app / website that supports passkeys. The main difference between the two just comes down to features and supported connectors. The yubikey has much more but most of them you likely will never use.
      A full breakdown of comparisons is here:
      www.yubico.com/store/compare/?gad_source=1&gclid=CjwKCAiA04arBhAkEiwAuNOsIioh1abLX857kr5RWWomzuizlKhg4OkvnpDNXPFpxozmNDhTMPsd5RoCs8oQAvD_BwE

  • @PureRiff
    @PureRiff 6 месяцев назад +1

    Does Bitwarden or 1password handle passkeys better?

    • @teachmecyber
      @teachmecyber  6 месяцев назад +1

      I like 1Password better for passkeys

  • @steverosenblum823
    @steverosenblum823 11 месяцев назад +1

    My main hesitation about adopting biometric passkeys is what happens after I die? How will my designated family member get access to my accounts if they can't use my fingerprint or face? Thanks!

    • @teachmecyber
      @teachmecyber  11 месяцев назад +1

      You can set up 1Password with a physical yubikey as a backup. With your emergency kit and the yubikey, your family would have access. Separately, you can follow the steps in this guide to set up a family recovery plan
      support.1password.com/family-recovery-plan

    • @JohnSmith-zl8rz
      @JohnSmith-zl8rz 8 месяцев назад

      Actually I hate and do not trust on biometrics for that reason and some others, like be attacked and force to login.

  • @michaeleichner7522
    @michaeleichner7522 9 месяцев назад +1

    Great video. I have a few questions.
    1. Am I correct that if 1Password DIDN’T synch passkeys that I would need to set up a different passkey for each of my devices within 1Password for a specific website?
    2. If I set up a passkey for a website and my fingerprint scanner breaks will I be able to log in using username and password?
    3. If I use a Yubikey to secure 1Password wouldn’t it make sense to use the Yubikey for all the sites I log into instead of using 1Password and passkeys?
    Thanks

    • @teachmecyber
      @teachmecyber  9 месяцев назад +3

      1. That's correct. If 1Password did not sync the passkey, you would need to set up a passkey for every device you would to use to authenticate to the website. This is the convenience tradeoff for synced vs device bound passkeys.
      2. For almost every website today, you still need to have a username / password first and then set up the passkey. So the username / password (and other MFA methods) can be a fall back method.
      3. The tech behind the Yubikey and passkeys are are the same, just a different device. E.g. the yubikey can be considered just another device you use with passkeys. You can certainly approach it the way you said (e.g. using Yubikey for every website). It would be more secure because it's a device bound passkey but you lose the convenience factor. All a personal choice.

    • @michaeleichner7522
      @michaeleichner7522 9 месяцев назад +2

      @@teachmecyber Thanks so much for getting back to me. And thanks for the clear well thought out explanations.

    • @explorergal91
      @explorergal91 2 месяца назад

      If you still have to have a username and password for most sites as a back up, then can’t they still be hacked by that method?

  • @mikewright9547
    @mikewright9547 11 месяцев назад +1

    Thanks great video I’m going to tackle this today.

    • @teachmecyber
      @teachmecyber  11 месяцев назад

      Great to hear that! Let me know how it goes!

  • @jfhjr5097
    @jfhjr5097 10 месяцев назад +1

    This guy is really cute.

  • @MichaelToub
    @MichaelToub 5 месяцев назад

    Great Video!

  • @stevetanaka4753
    @stevetanaka4753 11 месяцев назад +1

    Momo Misawa