1Password announced on its official blog the launch of “1Password for Claude,” with the core design being a zero-exposure architecture: Claude can access credentials stored in 1Password to complete logins, but the password itself, the password vault contents, and one-time verification codes never enter the Claude model or memory.
According to the 1Password official blog, the zero-exposure architecture works as follows: when Claude needs to log into a service, 1Password first explains to the user which set of credentials it will use and why; after the user grants consent via biometric authentication such as Touch ID, 1Password directly fills the username and password into the web form, and Claude cannot see the vault contents, the password itself, or one-time verification codes (OTP) throughout the entire process.
1Password Chief Technology Officer Nancy Wang said in the statement, “We need a security model built specifically for agents, not just for humans… The answer is not to hand your secrets to an agent, but to have the user authorize the agent to ‘use’ a credential without letting the agent see it. Claude knows it used your login information, but it doesn’t need to have the password or the one-time verification code placed into its context.” Even if the action fails after submission, 1Password will clear the already-filled contents and return control to the user.
1Password Agentic Mode is a built-in new mechanism in the browser extension. Once a compatible AI agent (including Claude and other compatible agents) takes over the browser, the 1Password extension will automatically hide and lock the entire operation interface; the agent can only use the login information and one-time verification codes explicitly approved for the task at hand, and nothing else from the vault is accessible.
According to 1Password, Agentic Mode requires no additional setup to take effect; it will start even if the current task doesn’t use 1Password, and the protection scope is not limited to Claude—other compatible agents are supported as well.
According to the 1Password official blog, the current technical requirements and support scope for “1Password for Claude” are as follows:
Supported platforms: Mac version only
Version requirements: 1Password desktop app + browser extension v8.12.28 or higher
Companion apps: Claude desktop app + Claude in Chrome
Supported plans: personal, family, and enterprise
Currently supported credential types: account and password in login-type credentials, and one-time verification codes (OTP)
Not yet enabled: Passkeys, social logins, payment cards, and identity information (the official explanation says they will be added progressively after the announcement)
PYMNTS Intelligence survey data provides market context for this architecture: 56% of online shoppers are willing to let AI agents help with price comparisons, but fewer than 40% are willing to let agents touch payment credentials; the gap between these two figures is the trust gap this architecture design targets.
According to 1Password’s official explanation, the zero-exposure architecture lets Claude obtain credentials to complete logins, but the password itself, the password vault contents, and OTP are never put into the Claude model or memory. 1Password only directly fills the credentials into the web form after the user completes consent via biometrics (such as Touch ID); once the task is finished, access is immediately revoked.
According to 1Password’s official explanation, Agentic Mode is a new mechanism for the browser extension: when a compatible AI agent takes over the browser, the 1Password extension automatically hides and locks, and the agent can only use credentials explicitly approved for the task at hand. No extra setup is required for it to work; it applies to Claude and other compatible agents.
According to 1Password’s official explanation, for now it is available only on Mac. It requires 1Password v8.12.28 or higher and must be paired with the Claude desktop app and Claude in Chrome. It supports personal, family, and enterprise plans. At this stage, it handles only login-type account/password credentials and OTP. Passkeys, social logins, payment cards, and identity information have not been enabled yet; the official says they will be added progressively.
Related News
Vibe Coding sparks panic in software stocks; a tech writer responds with the “Bread Paradox”
Two Canadian provinces sign AI cooperation memorandums of understanding, with key agreements involving Meta and Claude emerging
Jesse Pollak: Base’s social strategy failed; the future will focus on transaction-payment AI agents
OpenAI Introduces GPT-Red to Strengthen GPT-5.6 Against Prompt Injection