Thu 16 Jul 2026 / 12:39 ET
Kernel
AI 2 min read

1Password adds Claude login handoff for web tasks

1Password says its new Claude browser integration can fill saved logins for approved tasks without exposing credentials to Anthropic’s models.

Theo Lindgren

By Theo Lindgren / Columnist

1Password has released a browser integration that lets Anthropic’s Claude use saved login credentials during user-approved web tasks, The Verge reported.

The feature, called 1Password for Claude, is built for the kind of assistant workflow that breaks the moment a website asks for a username and password. According to 1Password, a user can authorize Claude to handle multi-step jobs such as booking travel or managing online accounts without typing credentials into the chat or handing them to Anthropic’s AI models.

That distinction is the product pitch and the security line. 1Password says the integration relies on a new “zero-exposure security framework” that supplies the needed credentials for a specific task by injecting them through the browser. In plain English: Claude can get past a login screen as part of an approved action, while 1Password says the underlying secret is not exposed to the model.

The mechanism matters because agent-style chatbots are being pushed beyond answering questions and into operating websites on a user’s behalf. Those workflows often require access to accounts that are protected by stored usernames and passwords. If the credential has to be pasted into a chat window, the assistant becomes an obvious new place for sensitive data to leak. 1Password is claiming its browser-based handoff avoids that route.

The Verge reported that the integration can be used for tasks involving travel reservations and account administration. The available details do not say which browsers are supported, whether the feature is limited to specific Claude plans, or how 1Password handles failures when a site changes its login flow.

The integration also does not mean Anthropic gets a general copy of a user’s vault, based on 1Password’s description. The company’s claim is narrower: credentials needed for an approved task are injected when required, and the security information is not exposed to Anthropic’s models.

That claim will matter more than the demo. Password managers are built on users trusting that secrets stay contained. AI agents are built on giving software more room to act. 1Password for Claude sits exactly at that fault line: useful if the boundary holds, risky if the handoff becomes another place where credentials can be mishandled.

This story draws on original reporting from The Verge AI.

More AI/

view all ↗