Hot Take 1Password says it has a solution for AI agents leaking your passwords

lokamoka820

lokamoka820

Level 43
Thread author
Verified
Top Poster
Well-known
Mar 1, 2024
3,243
3
10,656
4,169
Banana Republic
Agentic browsing is the next big thing in AI, at least when you ask the likes of Microsoft, Google, Opera, Perplexity and others. It is an integrated AI that performs tasks on behalf of the user. From research to creating Spotify playlists or, my personal favorites, buying groceries (that's irony).
Click to expand...
While some of these tasks do not require special permissions or data, others, like making a purchase on your behalf, do. This usually requires authorization. If you want the AI to buy something from Amazon, it needs your Amazon account credentials to do just that. At other times, it may need access to API keys or one-time codes.
Click to expand...
That is seen as a problem by some, as you have to trust the maker of the AI that the artificial intelligence won't do anything problematic with the data. There is also the chance of it being retained and then stolen, if things go really wrong.
Click to expand...
1Password, maker of the password manager of the same name, announced a solution to the problem. According to the company's announcement, agentic browsers introduce a whole range of issues:
  • No single source of truth for secrets management across agentic AI and employees
  • Difficulty of revoking credentials/items, especially long-lived ones
  • Proliferation of untracked/out-of-date credential grants
Click to expand...
www.ghacks.net

1Password says it has a solution for AI agents leaking your passwords - gHacks Tech News

1Password has developed a new protocol to make agentic browsing more secure and less prone for data leaks of credentials.
www.ghacks.net www.ghacks.net
 
  • Like
Reactions: Halp2001, Wrecker4923, Sorrento and 1 other person
So why would we, anyone allow that in the first place? That does not sound good!

While some of these tasks do not require special permissions or data, others, like making a purchase on your behalf, do. This usually requires authorization. If you want the AI to buy something from Amazon, it needs your Amazon account credentials to do just that. At other times, it may need access to API keys or one-time codes.

That is seen as a problem by some, as you have to trust the maker of the AI that the artificial intelligence won't do anything problematic with the data. There is also the chance of it being retained and then stolen, if things go really wrong.
Click to expand...
 
  • Like
Reactions: Halp2001, Wrecker4923, Sorrento and 1 other person
The maker of the password manager has developed a new protocol for that very purpose.
...
The integration is only available through Browserbase.
...
Can 1Password succeed with Secure Agentic Autofill? Much depends on adoption, preferably by bigger players.
Click to expand...
All the browser platforms will likely have their own things.

Would you hand over credentials to AI agents so that they can act on your behalf?
Click to expand...
Not yet, or ever. As long as somebody can change how my system behaves by sending me hidden love letters 😏.

lokamoka820 said:
Maybe it's not up to you to allow it in the first place
Click to expand...
Adding NeuralLink to the mix, soon, grok (or others) will act on your behalf too. Tin hats have never been so attractive.
 
  • Like
  • Hundred Points
Reactions: Halp2001, Sorrento and lokamoka820

You may also like...