Password manager 1Password has launched a new integration that lets Anthropic’s Claude AI assistant sign in to websites and complete authenticated tasks without exposing passwords or one-time authentication codes.
The feature, called 1Password for Claude, is designed for the growing era of agentic AI, where assistants can browse websites, complete forms, manage accounts and make decisions for users. The challenge has been giving AI agents enough access to perform tasks while preventing them from becoming a security risk.
How the credential-protected access system works
Instead of handing Claude a password, 1Password keeps credentials inside its encrypted vault and acts as a secure middle layer.
When Claude needs to sign into a website, 1Password shows the user which saved credential is being requested and why. The user must approve the request through biometric authentication, such as Touch ID, before 1Password fills in the login details directly on the website.
Claude can complete the task, but it never receives the actual password, saved login item or one-time passcode. The credentials also do not enter Claude’s memory, model context or Anthropic’s systems.
1Password describes the system as a “zero-exposure architecture,” saying credentials are available only for the duration of an approved task. After filling in credentials, 1Password checks whether any sensitive information was accidentally exposed on the page. If a submission fails, it clears the entered details before returning control to Claude.
Agentic mode adds extra protection
Alongside the Claude integration, 1Password introduced Agentic Mode, a security feature designed for situations where AI agents control a browser.
When a compatible AI agent takes over, the 1Password browser extension automatically locks down. The AI can only access credentials that were specifically approved for that task, while the rest of the password vault remains unavailable.
“The rest of the vault stays out of reach.” 1Password wrote in its announcement. The company said Agentic Mode will also work beyond Claude as more AI agents become capable of controlling browsers.
Must-read security coverage
- UK Police Convicts Pair in £5.5 Billion Bitcoin Launder Case
- Blackpoint Cyber vs. Arctic Wolf: Which MDR Solution is Right for You?
- How GitHub Is Securing the Software Supply Chain
- 8 Best Enterprise Password Managers
Why this matters for the future of AI agents
The biggest obstacle for AI assistants moving from chatbots to digital workers has been trust. An assistant that can book flights, manage subscriptions or update business accounts needs access to sensitive systems — but giving it passwords creates a new attack surface.
1Password’s approach shifts the security model away from sharing secrets with AI and toward temporary, controlled permission. That is similar to how modern software systems limit access using short-lived tokens rather than permanent credentials.
However, the system does not remove every risk. Users still need to carefully approve requests, and AI agents remain vulnerable to problems such as malicious instructions hidden inside websites or prompt injection attacks. Security researchers have already raised concerns about browser-based AI agents being manipulated into exposing sensitive information.
Even with biometric approval, users remain responsible for recognizing whether an AI agent is requesting access for a legitimate task.
1Password for Claude is available now for Mac users on individual, family, and business plans. Users need the 1Password desktop app, the 1Password browser extension, the Claude desktop app, and Claude browser extension.
The feature currently supports usernames, passwords, and one-time passwords stored in 1Password login items. Social sign-ins, such as “Sign in with Google,” and passkeys are not currently supported.
More News: The U.S. has given the UAE license-free access to advanced AI chips, a move that could accelerate the country’s AI ambitions while raising fresh geopolitical and national security questions.