"1Password's browser extension fills in your passwords automatically when you browse, and now the company has built a similar tool for AI bots browsing the web on your behalf, but for a very different reason. AI tools and browsers built on Claude, Gemini, and ChatGPT are increasingly using AI agents to browse the web, book tickets, and make Spotify playlists for you, and unlike your risk of forgetting a unique password, an AI bot risks remembering it and causing a breach later."
"1Password's fix for that potential risk, a new Secure Agentic Autofill feature that "injects the credentials directly into the browser if, and only if, the human approves the access." With the tool, when a browser AI agent determines that it needs login credentials, "the agent informs 1Password that a credential is being requested," 1Password says. "At that point, 1Password identifies the appropriate credentials, requests approval from the user via a human-in-the-loop workflow.""
1Password introduced Secure Agentic Autofill to prevent AI browsing agents from retaining or exposing user passwords. The feature injects credentials directly into the browser only after explicit human approval. When an AI agent requests credentials, the agent notifies 1Password, which identifies the matching credentials and prompts the user through a human-in-the-loop workflow. The user authenticates the request using local methods such as Touch ID, and the credentials are delivered via an end-to-end encrypted channel between the extension and the approving device. The AI agent and underlying LLM never see the plaintext credentials. Early access is available via Browserbase.
Read at The Verge
Unable to calculate read time
Collection
[
|
...
]