6 Sources
[1]
Claude can now use your 1Password credentials for you
1Password has launched a new browser integration for Claude that allows the Anthropic chatbot to access stored security credentials like usernames and passwords. The 1Password for Claude feature means that users can authorize Claude to complete multi-step tasks like booking travel and managing online accounts on their behalf without having to manually input their login credentials, but without actually exposing your security information to Anthropic's AI models, according to 1Password. That's made possible by a new "zero-exposure security framework" developed by 1Password, which works by injecting the required credentials for each task through a secure channel that the Claude agent can't view. That means that while the AI can be granted permission to use your stored details, it can't actually see your passwords or MFA one-time code. Claude access is granted per task, and 1Password says its users can approve or deny each request with a single biometric prompt. That's still a workflow interruption, but less of a nuisance compared to temporarily taking over to sign into accounts. As a precaution, 1Password says it also scans the page after every autofill to ensure nothing in form submissions remains exposed before returning control to Claude. "The moment an AI agent takes control of the browser, 1Password locks down automatically, limiting access to only the credentials explicitly granted for the current task," 1Password said in its press release. "Nothing else in the 1Password vault is reachable." 1Password for Claude is available now for 1Password users on Mac, across business, family, and individual plans. The 1Password desktop app and browser extensions are required to use the feature, as well as the Claude desktop app and browser extensions. You can store a wide variety of security information in 1Password's vaults, including passwords, passkeys, 2FA codes, API tokens, and personal information like your address and financial details. 1Password doesn't specify which credentials Claude will be able to access, but it appears to be limited to login-related details for now -- the company says that support for payment cards and identity details will be available sometime after launch.
[2]
1Password's new Agentic Mode lets Claude log into your accounts without seeing your credentials
Follow ZDNET: Add us as a preferred source on Google. ZDNET's key takeaways * Claude can use protected accounts without seeing credentials. * 1Password injects passwords and MFA codes outside the AI. * Agentic Mode launches first with Claude, with more agents ahead. As I've been working with Claude Cowork and ChatGPT Work, I've found real, tangible time-saving opportunities that both tools offer. While it's not possible to delegate everything to these AI agents, some tedious tasks are perfect to assign to the digital members of my team. But there's a gotcha. Most of what I do online, especially those activities that have some administrative component, is locked behind a login of some kind. Also: I let ChatGPT Work and Claude Cowork loose on my files - only one made me nervous Whether it's Stripe for managing payments, my web hosting provider, my other web hosting provider, my yet another web hosting provider, my accounting system, or even my list management app, they're all secured behind a login system. The challenge, then, is what actual actions you can take when you charge up your courage enough (or maximize your laziness or overwhelm enough) to delegate a project to an AI. How can you set an AI loose on a project without giving it complete access to your protected resources? 1Password points the way Password management giant 1Password thinks it has a solution. The company announced today that it has built an integration with Claude that allows Claude to request access to services from 1Password. The key idea here is that Claude never sees the password. Instead, Claude requests a password, 1Password offers up an authorization sheet that requires approval, and then those credentials are filled in at the desired destination site -- all without Claude ever getting access to a single password or authentication code. The company provided two examples of this access. In one, a manager uses Claude via 1Password to sift through Stripe transactions to find any red flags. In the other, an Audible user uses Claude via 1Password to find audiobooks that might prove to be a good listen. Also: Don't let an AI chatbot pick your password, ever I can certainly see the benefit of using Claude to help do some financial forensic accounting, even if I'd still be worried about letting Claude have access to my Stripe account. But looking for an audiobook recommendation? I recognize this is just a demo, but using the AI to help you use up your Audible credits seems ... unnecessary? Disappointing? Overkill? In any case, the point is that Claude never gets access to your account credentials. I was concerned about repeat access, so I asked the company, "So how do you make sure, if you let it go into Stripe once to check something, that it won't just randomly go there again? You've now just given it access to your entire income-producing section, for example." I was told, "This concern is exactly what 1Password for Claude was designed to solve. Access is granted per session, scoped to a specific task, and does not carry over. There is no standing access." It was explained to me that when Claude wants a credential, it asks for access for the one task it's currently working on. The user is asked for approval. According to the company, this can be done with biometric verification, a password, or Touch ID. YubiKey is generally supported in 1Password, but it's not yet available for this application, although I'm told that it's planned. Upon completion of the task, authorization ends. The company told me, "If the agent goes back to Stripe a second time, it cannot simply reuse the earlier permission. It has to request access again, and the user has to approve it again." Also: I gave Claude Cowork 7 non-coding jobs, and it earned a spot in my toolbox That might be a bit optimistic. Many sites grant ongoing access via cookies or other means once access has been secured. In practice, the session is likely to persist the way any browser session would after a sign-in. From the release, this workflow didn't seem entirely complete, so I asked for more clarification. I was unofficially told that the need for reauthentication applies as long as you log out at the end of the first session. The key to this would be prompting Claude with something like, "Log in to Stripe, give me my current revenue, and log out when you're done." At that point, if you do need to be logged in again, you would receive a new authorization prompt. Claude won't simply reuse the earlier permission. That said, Claude won't return to the site on its own. 1Password says Claude will only return with clear instructions from the user. Technically, this access is supported by 1Password's new Agentic Mode, which "activates automatically the moment a recognized AI agent takes control of the browser." 1Password says that when Agentic Mode is on, the agent can only reach those credentials specifically granted for the current task. No other vault-stored passwords are available through the browser. I was told, "So, to answer your question directly: granting access once to check something in Stripe does not open the door to your vault. It opens a window for one specific task, and 1Password closes it when that task is done. And throughout that entire task, Claude never sees the credential itself. The password and the MFA one-time code are injected directly into the page by 1Password through a secure channel, outside the agent's view. They never reach the model, Claude's context, or Anthropic's systems at any point." Availability According to the company, Agentic Mode will be available to all 1Password users as of today. I was told, "While credential [controls] will be available on day one, future support for payment cards and identity details in 1Password will be available after launch." The company also says, "Agentic Mode activates automatically and runs quietly in the background. Users can see when it is active directly in the 1Password browser extension, with the option to cancel it at any time. Starting with Claude, the underlying framework is designed to extend to any browser-based agent or platform as the ecosystem grows." Also: 5 security tactics your business can't get wrong in the age of AI - and why they're critical Random factoid: Superhero actors Robert Downey Jr. (Iron Man) and Ryan Reynolds (who played Deadpool and the Green Lantern, but we won't hold that against him) are investors in 1Password. Would you trust Claude to access your Stripe account through 1Password? Let us know in the comments below. You can follow my day-to-day project updates on social media. Be sure to subscribe to my weekly update newsletter, and follow me on Twitter/X at @DavidGewirtz, on Facebook at Facebook.com/DavidGewirtz, on Instagram at Instagram.com/DavidGewirtz, on Bluesky at @DavidGewirtz.com, and on YouTube at YouTube.com/DavidGewirtzTV.
[3]
You can now grant Claude access to your 1Password credentials - Engadget
1Password promises your login information will never interact with Anthropic's AI, or its servers. If you like putting Claude's AI agents to work on personal chores but are concerned about giving them access to your credentials, there's a new solution available. 1Password just announced 1Password for Claude, a new feature on its browser extension that lets Claude use your credentials, but blocks your private info from reaching the model, its memory or Anthropic's systems. "Users can now authorize Claude to complete real-world tasks like booking travel and managing accounts securely with credentials injected directly to the target system on their behalf," 1Password explains. Security has emerged as a big issue when using agents to complete tasks on your behalf. Sharing credentials directly with an agent exposes them to the model, its memory and the systems behind it, which can pose a risk if the model gets hacked. To solve that problem, 1Password built a "zero-exposure security framework" that allows agents to use stored credentials from your 1Password vault without them reaching the model. Access is granted per session, limited to specific, approved items and not carried over. Since passwords and one-time MFA codes are injected through a secure channel managed by 1Password, they stay outside the model. At the same time, 1Password allows authenticated multi-site sessions to complete multi-step workflows without prompting the user for credentials at each step. For extra security, 1Password locks down when an AI agent takes control of your browers, limiting access to only the credentials explicitly granted for the current task. Finally, 1Password also scans pages after every autofill to ensure no secrets remain exposed. Along with the Claude integration, 1Password introduced a new Agentic Mode for all 1Password users that will safeguards credentials against active agents. When it detects one, 1Password locks down, so the agent can only find passwords explicitly granted for the current task. Users will also see that this security feature is active directly in the 1Password browser extension. This will only work with Claude at first, but will expand to other agents "as the ecosystem grows," 1Password said. 1Password for Claude is now available to 1Password users on Mac for business, family and individual plans. Getting started requires the 1Password desktop app and browser extensions, plus the Claude desktop app and browser extensions. "Future support for payment cards and identity details will be available after launch," according to 1Password.
[4]
1Password now lets Claude sign in to websites without seeing your passwords
1Password is launching a new Claude integration for Mac users today. It's designed to let Anthropic's AI agent sign in to websites without seeing your password or two-factor authentication code. 1Password for Claude arrives on Mac, here's how it works 1Password for Claude lets you authorize Claude to complete browser-based tasks that require an account login. This is useful for things like booking travel or managing online accounts. According to 1Password, approved credentials are delivered through a secure channel and injected directly into the destination page. The password, one-time code, and other secrets never enter Claude's context, memory, or Anthropic's systems. Instead of granting ongoing access to a vault, Claude requests the specific login items it needs for a task. The user can approve or deny that request with a biometric prompt, and the permission lasts only for the current session. 1Password can also broker access across multiple websites during the same task, allowing Claude to complete a multi-step workflow without stopping for a new login each time. 1Password Agentic Mode The launch also introduces what 1Password calls Agentic Mode. When a compatible AI agent takes control of the browser, the 1Password extension automatically locks down the vault so that only the credentials explicitly approved for that task remain available. Users can see when the mode is active and cancel it at any time. 1Password says it also analyzes the page after each autofill. If a form submission fails, any filled values are wiped before control returns to the agent. Availability 1Password for Claude is available now to Mac users on business, family, and individual plans. It requires the 1Password desktop app and browser extension, along with the Claude desktop app and browser extension. Support for payment cards and identity information is planned for a later update. The Anthropic partnership was first outlined in March, when 1Password said Claude would gain consent-based access to vault items. This release turns that plan into a shipping Mac feature, while laying the groundwork for similar integrations with other browser-based AI agents. With iOS 27 and macOS 27, Apple has its own modest password reset feature that uses AI behind the scenes as well. You can learn more about 1Password's new Claude integration here.
[5]
1Password brings secure credential access to Anthropic's Claude
1Password brings secure credential access to Anthropic's Claude Identity security company 1Password today launched 1Password for Claude, a browser integration that lets Anthropic PBC's Claude use a person's stored logins to complete online tasks without those credentials ever reaching the artificial intelligence model. The tool targets a problem that has grown as AI agents begin acting on people's behalf. To let an agent sign in somewhere, users have generally had to paste credentials straight into the agent's context, where the model can read them. The other option was stopping to authenticate by hand at every step. 1Password for Claude drops that tradeoff. Credentials are injected into the target site through a secure channel that 1Password controls, and the password and any multifactor onetime code stay outside the model, its memory and Anthropic's systems. Access is granted per session and scoped to a set of approved items. It does not carry into other sessions and it leaves no standing access behind. Claude requests the credentials it needs for a given task and the user approves or denies each request with a single biometric prompt. "We need a new security model that is purpose-built for agents, not just humans," Chief Technology Officer Nancy Wang said in the announcement. "The answer isn't handing agents your secrets. It is to let a user give an agent permission to use a credential without letting the agent see it." The integration runs on what 1Password calls a zero-exposure security framework. Alongside it, the company is introducing a feature called Agentic Mode for all users. The moment a compatible agent takes control of the browser, the vault locks down. Only the credentials granted for the current task stay reachable. Nothing else is accessible. Agentic Mode turns itself on and stays active while an agent works. Users can see it running in the 1Password browser extension and switch it off whenever they want. Two other features fill out the release. 1Password brokers credential access across multiple sites inside one task, so Claude can move through multistep workflows without asking for logins again. It also scans each page after every autofill and wipes any filled values if a form submission fails, cutting off a common way for secrets to linger on screen. 1Password says Agentic Mode starts with Claude and is built to extend to other browser-based agents as the market grows. 1Password for Claude is available now to 1Password users on Mac across business, family and individual plans. It requires the 1Password desktop app and browser extensions along with the Claude desktop app and browser extensions. Support for payment cards and personal details such as names and addresses is due after launch. The company's enterprise vault holds more than 1.5 billion credentials and secrets and is used by more than 1 million developers and 180,000 businesses, including Figma Inc., GitHub Inc., MongoDB Inc., Notion Labs Inc., Perplexity AI Inc., Salesforce Inc. and Stripe Inc.
[6]
1Password And Anthropic Bring Secure Credential Access To Claude
1Password announced 1Password for Claude, the first browser integration that gives Claude access to stored credentials without those credentials ever reaching the model, its memory, or Anthropic's systems. The launch marks a critical new step in securing agents that do real work. It gives them the access they need to complete tasks while keeping people in control of which credentials are used, when, and for what purpose. Users can now authorize Claude to complete real-world tasks like booking travel and managing accounts securely with credentials injected directly to the target system on their behalf. As AI agents increasingly act on behalf of people, the new security question isn?t whether an agent can complete a task, but which identity it uses, what it can access, and whether the user can prove what happened. Sharing credentials directly with the agent exposes them to the model, its memory, and the systems behind it. Requiring a human-in-the-middle to authenticate at each step limits agent productivity, forcing workflows to start, stop, and wait for manual intervention. 1Password for Claude is built for that shift. Trusted Credential Access Framework for AI Agents. Until now, giving an AI agent access to credentials in a browser meant passing them as plain text into the agent's context, where they were directly accessible to the model. 1Password built a zero-exposure security framework that allows agents to use stored credentials in the 1Password vault without them ever reaching the model. Rather than forcing users to choose between sharing their credentials or manually authenticating, it gives agents exactly what they need, scoped to the task, with multiple layers of protection that ensure secrets remain encrypted until the moment they are injected into the page by 1Password. Access is granted per session and scoped to a specific set of approved items. That authorization does not carry over to other sessions, eliminating standing access. 1Password for Claude is the first integration built on it. Key capabilities include: Per-task, user-approved access: Claude requests the credentials required for each task from 1Password, and users approve or deny access with a single biometric prompt, eliminating standing access or persistent sessions. Credentials stay outside the model: Credentials are injected through a secure channel managed by 1Password, outside the agent's view. The password and the MFA one-time code are never accessible to the model, its context, or Anthropic's systems. Agentic Mode: The moment an AI agent takes control of the browser, 1Password locks down automatically, limiting access to only the credentials explicitly granted for the current task. Nothing else in the 1Password vault is reachable. Authenticated multi-site sessions: 1Password brokers credential access across multiple sites within a single task, so Claude can complete multi-step workflows without prompting the user for credentials at each step. Continuous field analysis: 1Password scans the page after every autofill to ensure no secrets remain exposed. If a form submission fails, it wipes any filled values before returning control to the agent. Automatic Vault Lockdown with Agentic Mode. Alongside the Claude integration, 1Password is introducing Agentic Mode for all 1Password users. When a compatible AI agent takes control of the browser, 1Password locks down. The only credentials the agent can reach are those the user has explicitly granted for the current task. Nothing else in the vault is accessible through the browser. Agentic Mode activates automatically and runs quietly in the background. Users can see when it is active directly in the 1Password browser extension, with the option to cancel it at any time. Starting with Claude, the underlying framework is designed to extend to any browser-based agent or platform as the ecosystem grows. For 1Password, this represents a natural expansion from managing people's credentials to governing AI agent access on their behalf. 1Password for Claude is now available to 1Password users on Mac, across business, family, and individual plans. Getting started requires the 1Password desktop app and browser extensions, as well as the Claude desktop app and browser extensions. Future support for payment cards and identity details will be available after launch.
Share
Copy Link
1Password launched a browser integration that allows Claude to complete tasks requiring logins without exposing credentials to Anthropic's AI. The zero-exposure security framework injects passwords through a secure channel that Claude cannot view, while a new Agentic Mode locks down vaults when AI agents take control. Access is granted per session with biometric approval.
1Password has launched a browser integration for Claude that fundamentally changes how AI agents handle authentication. The new 1Password for Claude feature allows Anthropic's chatbot to complete multi-step tasks like booking travel and managing online accounts without users manually inputting login credentials—and crucially, without the AI agent ever seeing those passwords
1
. This addresses a growing security concern as AI agents increasingly act on behalf of users across protected online services.
Source: 9to5Mac
The integration is now available to Mac users across business, family, and individual plans, requiring both the 1Password desktop app and browser extensions alongside the Claude desktop app and browser extensions
4
. The identity security company serves more than 1 million developers and 180,000 businesses, with its enterprise vault holding over 1.5 billion credentials and secrets5
.The breakthrough lies in what 1Password calls a zero-exposure security framework. When Claude needs to sign in to websites without seeing passwords, the system injects required credentials through a secure channel that the AI agent cannot view
3
. This means passwords, MFA codes, and other secrets never enter Claude's context, memory, or Anthropic's systems. "The answer isn't handing agents your secrets. It is to let a user give an agent permission to use a credential without letting the agent see it," explained Chief Technology Officer Nancy Wang5
.
Source: Engadget
Credential access is granted per session and scoped to specific approved items. Access does not carry over between sessions, eliminating standing access that could pose security risks
2
. Claude requests the specific login items it needs for a task, and users approve or deny each request with a single biometric authentication prompt1
. While this represents a workflow interruption, it's less disruptive than manually taking over to log into accounts.Alongside the Claude integration, 1Password introduced Agentic Mode for all users. This AI-specific security model activates automatically when a recognized AI agent takes control of the browser
3
. The moment an AI agent assumes control, 1Password locks down automatically, limiting credential access to only those explicitly granted for the current task. "Nothing else in the 1Password vault is reachable," the company stated1
.Users can see when Agentic Mode is active directly in the browser extension and cancel it at any time
4
. The feature starts with Claude but is designed to extend to other browser-based agents as the ecosystem grows5
. This consent-based access model represents a shift in how identity security companies are adapting to the agent era.Related Stories
One practical advantage of the integration is 1Password's ability to broker credential access across multiple websites during the same task. This allows Claude to complete multi-step workflows without stopping for a new login each time
4
. For instance, a manager could use Claude via 1Password to sift through Stripe transactions looking for red flags, with the AI agent moving through different sections without repeated authentication2
.As an additional precaution, 1Password scans the page after every autofill to ensure nothing in form submissions remains exposed before returning control to Claude
1
. If a form submission fails, any filled values are wiped before the agent regains control. This addresses a common way for secrets to linger on screen and potentially become exposed.The partnership between 1Password and Anthropic, first outlined in March, signals how infrastructure providers are building the security foundations needed for broader AI agent adoption
4
. Currently, users can store passwords, passkeys, 2FA codes, API tokens, and personal information like addresses and financial details in 1Password's vaults. For now, Claude can only access login-related credentials, with support for payment cards and identity details planned for after launch1
.
Source: ZDNet
The question facing users is whether this security model adequately addresses the risks of letting AI agents handle sensitive account access. While credentials remain hidden from the model, authenticated sessions may persist through cookies and other mechanisms typical of any browser session after sign-in
2
. Users concerned about repeat access should explicitly prompt Claude to log out after completing tasks. As AI agents become more capable of handling administrative work, the tension between convenience and security will likely shape how quickly these tools move from early adopters to mainstream use.Summarized by
Navi
[2]
[5]
08 Oct 2025•Technology

17 Mar 2026•Technology

22 Apr 2025•Technology

1
Technology

2
Policy and Regulation

3
Business and Economy
