Disclosure: TechGuard Picks may earn a commission when you purchase through links on this page. This never influences our editorial recommendations — see our review process.

How to Set Up Passkeys in 1Password on Safari with iOS 17 (Step-by-Step Guide)

To set up passkeys in 1Password on Safari with iOS 17, you need to enable 1Password as your AutoFill password and passkey provider in iOS Settings, then allow 1Password to save the passkey when a supported site prompts you to create one in Safari. The entire process takes under five minutes once 1Password is installed and your account is active.


What You'll Need Before You Start

  • iPhone or iPad running iOS 17.0 or later (check in Settings → General → About → iOS Version)
  • 1Password app version 8.10 or later installed from the App Store (free download; subscription required)
  • Active 1Password account — Individual plan at $2.99/month billed annually, or Families plan at $4.99/month billed annually covering up to 5 users
  • Safari (built-in; no separate download needed — this guide is Safari-specific; Chrome on iOS uses a different provider flow)
  • A website that supports passkeys — Google, GitHub, Apple ID, Shopify, and PayPal all support passkey creation as of 2026
  • Face ID, Touch ID, or device passcode enabled (required for passkey authentication)
  • Stable internet connection during initial passkey creation (passkey storage itself is local/synced via 1Password's servers)

Step 1: Install and Sign In to 1Password on iOS

Download 1Password from the App Store if you haven't already. Open the app and either sign in to your existing account or create a new one.

During sign-in, 1Password will ask you to scan your Secret Key QR code or enter it manually — this is a 34-character alphanumeric string unique to your account, separate from your Master Password. Store it somewhere safe; 1Password uses it as part of a two-secret key derivation model (PBKDF2-SHA256, 650,000 iterations as of 2026) so even 1Password's servers cannot decrypt your vault data.

Expected output: You land on the 1Password home screen showing your vaults. If you see "Sign In Required" or a blank vault list, your credentials didn't authenticate — double-check your Secret Key and Master Password.

Common gotcha: If you're on a Family or Teams plan, make sure you're signing into your personal vault URL (e.g., yourteam.1password.com), not the generic my.1password.com. Using the wrong subdomain causes a silent auth failure on iOS.


Step 2: Enable 1Password as an AutoFill & Passkey Provider in iOS Settings

This is the step most guides skip over, and it's the one that actually makes passkeys work in Safari.

  1. Open the Settings app on your iPhone.
  2. Tap General.
  3. Tap AutoFill & Passwords (on iOS 17 this label replaced the older "Passwords & Accounts" label).
  4. Under "AutoFill From," you'll see a list of available password providers. Tap the toggle next to 1Password to enable it.
  5. You can leave iCloud Keychain enabled simultaneously — iOS will present both as options when a passkey prompt appears, and you choose which to use.

Expected output: The 1Password toggle turns green. You may see a Face ID/Touch ID prompt to confirm the change.

Common gotcha: If 1Password doesn't appear in the AutoFill list, the app isn't fully installed or you haven't completed sign-in. Force-quit the app, reopen it, verify you're signed in, then return to Settings.


Step 3: Navigate to a Passkey-Compatible Site in Safari

Open Safari and go to a site that supports passkey creation. For testing purposes, I recommend using account.google.com or github.com/settings/security because both have clear passkey enrollment flows and trigger the iOS passkey sheet reliably.

On Google:

  1. Sign in to your Google account.
  2. Go to Manage your Google Account → Security → Passkeys.
  3. Tap Create a passkey.

On GitHub:

  1. Go to Settings → Password and authentication → Passkeys.
  2. Click Add a passkey.

Step 4: Complete the Passkey Creation Prompt

When the site initiates passkey creation, iOS intercepts the WebAuthn navigator.credentials.create() call and displays a system sheet at the bottom of the screen.

  1. The sheet will say something like "Save a passkey for [site]?" and show two or more options — typically iCloud Keychain and 1Password.
  2. Tap 1Password.
  3. Authenticate with Face ID, Touch ID, or your device passcode when prompted.
  4. 1Password briefly opens (or a modal appears) to confirm where the passkey is being saved — select the vault you want (Personal, Shared, etc.) if prompted.
  5. Tap Save.

Expected output: The website confirms passkey creation with a success message ("Passkey saved" or similar). You'll see a new item appear in your 1Password vault under the site's name, with a passkey icon (a key with a person silhouette) rather than the standard password icon.

Common gotcha: If the system sheet appears but 1Password is greyed out or missing, you skipped Step 2. Go back and re-enable 1Password in AutoFill & Passwords settings.


Step 5: Test Signing In With the Passkey

Sign out of the site, then attempt to sign back in from Safari.

  1. On the login page, tap the username or email field.
  2. 1Password's AutoFill bar appears above the keyboard — tap the passkey suggestion for that site.
  3. Authenticate with Face ID or Touch ID.
  4. The site logs you in without a password field.

Expected output: You're authenticated instantly. No password prompt. No SMS code. The site's session starts as if you typed credentials, but you didn't — the passkey completed a FIDO2 challenge-response using a device-bound private key stored in 1Password's vault (encrypted with AES-256-GCM).


Verification Checklist

After completing the steps, confirm the following:

  • In 1Password: Open the app, find the site's entry, and verify it shows a "Passkey" section with a creation date — not just a saved password.
  • In Safari: On the site's security settings page, the passkey should appear with your device name and today's date.
  • Authentication test: Signing out and back in should require only biometrics, not a password.
  • Sync check: Open 1Password on a second device (Mac, iPad, another iPhone) — the passkey entry should appear there too, because 1Password syncs passkeys across devices, unlike device-bound passkeys in iCloud Keychain.

Recommended Tool: Why 1Password Is the Right Choice Here

1Password is the only third-party password manager on iOS that functions as a full passkey provider through Apple's ASCredentialIdentityStore API, which means it integrates directly with Safari's WebAuthn flow rather than requiring a workaround.

Pricing:

  • Individual: $2.99/month billed annually ($35.88/year)
  • Families: $4.99/month billed annually ($59.88/year), up to 5 users
  • Teams Starter Pack: $19.95/month billed annually, up to 10 users
  • Business: $7.99/user/month billed annually, no seat minimum

Security specs: AES-256-GCM encryption, PBKDF2-SHA256 key derivation (650,000 iterations), zero-knowledge architecture. MFA support includes TOTP (via any authenticator app), WebAuthn/FIDO2 hardware keys (YubiKey 5 series, Google Titan), and Duo push. No SMS MFA, which is a deliberate security decision I agree with.

Audit trail: SOC 2 Type II audited; 1Password has published security audits conducted by third-party firms including Cure53 (most recently in 2022, with ongoing engagements). Headquartered in Toronto, Canada — subject to PIPEDA and Canadian privacy law, not subject to US CLOUD Act by default.

Platforms: iOS 17+, macOS 13+, Windows 10/11, Android 9+, Linux (CLI and desktop app), browser extensions for Safari, Chrome, Firefox, Edge, and Brave.

Honest limitation: 1Password's passkey sync is convenient but means your passkeys live in 1Password's cloud infrastructure rather than being hardware-bound. If you need purely device-bound passkeys for compliance reasons (some HIPAA and FedRAMP contexts), iCloud Keychain's device-bound model may be more appropriate — see our best password manager for healthcare workers guide for that use case.

Try 1Password — the only third-party iOS password manager with native passkey provider support in Safari.


Troubleshooting

Issue 1: "1Password doesn't appear in the AutoFill & Passwords list"

Fix: This usually means the app install is incomplete. Delete 1Password from your device, reinstall from the App Store, sign in fully (past the vault screen), then check Settings again. You must be signed into an account — the app in a signed-out state doesn't register as an AutoFill provider.

Issue 2: "The passkey prompt shows only iCloud Keychain, not 1Password"

This happens when iOS defaults to iCloud Keychain because it's listed first. After enabling 1Password in AutoFill & Passwords, look more carefully at the system sheet — there is typically a "More Options" or "Other Options" button at the bottom of the sheet that reveals all available providers including 1Password. Tap it and select 1Password.

Issue 3: "Face ID fails during passkey creation and the sheet dismisses"

Fix: Three consecutive Face ID failures cause iOS to require a device passcode instead. Re-initiate the passkey creation flow on the website, and when the sheet appears, tap "Use Passcode" instead of waiting for Face ID. Once saved, Face ID will work for subsequent authentications.

Issue 4: "The passkey saved but doesn't appear in 1Password on my Mac"

Fix: Open 1Password on your iPhone and pull down to force a sync. If the item still doesn't appear on your Mac after 60 seconds, open 1Password on Mac, click the vault menu, and select "Sync Now." If sync is consistently broken, sign out and back in on the Mac — this re-establishes the sync connection without deleting vault data.

Issue 5: "The website says 'Passkey creation failed' after I authenticate with Face ID"

This usually means the site's WebAuthn implementation has a timeout (typically 60 seconds) that expired while the system sheet was open. Reload the page, restart the passkey creation flow, and complete it within 30 seconds of the sheet appearing. Some older site implementations (pre-2024 WebAuthn deployments) also reject passkeys stored in third-party managers due to strict attestation requirements — in that case, iCloud Keychain is the fallback.


Frequently Asked Questions

Can I use 1Password passkeys on Safari for Mac, not just iOS?

Yes. 1Password supports passkey storage and autofill on macOS 13 Ventura and later via the 1Password Safari extension (version 8.10+). The setup process on Mac is slightly different: you enable 1Password in System Settings → Passwords → Password Options rather than iOS Settings. The passkeys themselves sync between your iPhone and Mac automatically via 1Password's encrypted sync, so a passkey created on your iPhone is immediately available in Safari on your Mac with the same $2.99/month Individual subscription. You authenticate on Mac using Touch ID, Apple Watch, or your Mac login password.

Is it safe to store passkeys in 1Password instead of iCloud Keychain?

Passkeys stored in 1Password are protected by AES-256-GCM encryption with a zero-knowledge architecture — 1Password cannot read your vault contents. The private key component of your passkey never leaves your encrypted vault in plaintext. The trade-off versus iCloud Keychain is that iCloud Keychain passkeys are hardware-bound to Apple's Secure Enclave and never leave the device unencrypted, while 1Password passkeys sync across devices via 1Password's servers. For most users, 1Password's approach is practical and secure. For strict compliance environments (HIPAA, FedRAMP), evaluate hardware-bound options separately.

Do passkeys in 1Password work across Android and Windows too?

Yes, with a qualification. 1Password syncs passkeys to its apps on Android 9+ and Windows 10/11, and the Android app supports passkey autofill in Chrome and other browsers via Android's Credential Manager API. On Windows, passkey support depends on the browser — Chrome and Edge on Windows both support 1Password's passkey autofill via the browser extension. Safari is an Apple-only browser, so the Safari-specific passkey flow covered in this guide applies only to iOS and macOS. All of this is covered under the same 1Password subscription tiers starting at $2.99/month.

What happens to my passkeys if I cancel my 1Password subscription?

If your 1Password subscription lapses, your vault enters a read-only state — you can view and export items but cannot add new ones. Passkeys, unlike passwords, cannot currently be exported in a portable format (the FIDO Alliance's passkey portability spec is still in draft as of 2026). This means if you cancel and don't migrate, you lose the ability to use those passkeys for authentication. The practical fix is to delete the passkey from each website's security settings and re-enroll using iCloud Keychain or another provider before canceling. This is a genuine limitation of the current passkey ecosystem, not specific to 1Password.

Does setting up passkeys in 1Password replace my existing saved passwords?

No. 1Password stores passkeys as a separate credential type alongside existing password entries. When you create a passkey for a site that already has a saved password in your vault, 1Password creates a new passkey item — it does not delete or overwrite the password. Many sites support both authentication methods simultaneously during the transition period. You can manually delete the old password entry from your vault once you've confirmed the passkey works reliably. 1Password displays a passkey icon (distinct from the key icon used for passwords) so you can tell them apart at a glance.


Final Recommendation

Setting up passkeys in 1Password on Safari with iOS 17 takes five minutes and meaningfully reduces your attack surface — no password to phish, no SMS code to intercept. The cross-device sync is 1Password's biggest advantage over iCloud Keychain here: create a passkey on your iPhone, use it on your Mac or Windows PC without re-enrolling.

If you're managing passkeys and credentials for a team rather than personal use, our best password manager for teams and remote work review covers 1Password Business ($7.99/user/month) alongside competing options with detailed feature comparisons. For enterprise deployments with stricter compliance requirements, the best enterprise password manager review for 2026 is worth reading before committing.

Get started with 1Password — the most complete passkey management solution available for Safari on iOS in 2026.

Get our free password manager security comparison guide