cd /news/ai-agents/1password-s-new-agentic-mode-lets-cl… · home topics ai-agents article
[ARTICLE · art-62056] src=zdnet.com ↗ pub= topic=ai-agents verified=true sentiment=· neutral

1Password's new Agentic Mode lets Claude log into your accounts without seeing your credentials

1Password launched Agentic Mode, an integration with Anthropic's Claude that lets the AI log into user accounts without ever seeing passwords or MFA codes. The system injects credentials directly into login fields after user approval, granting per-session, task-scoped access with no standing permissions. The feature debuts with Claude, with support for more AI agents planned.

read6 min views1 publishedJul 16, 2026
1Password's new Agentic Mode lets Claude log into your accounts without seeing your credentials
Image: Zdnet (auto-discovered)

Follow ZDNET: Add us as a preferred source on Google.

ZDNET's key takeaways

  • Claude can use protected accounts without seeing credentials.
  • 1Password injects passwords and MFA codes outside the AI.
  • Agentic Mode launches first with Claude, with more agents ahead.

As I've been working with Claude Cowork and ChatGPT Work, I've found real, tangible time-saving opportunities that both tools offer. While it's not possible to delegate everything to these AI agents, some tedious tasks are perfect to assign to the digital members of my team.

But there's a gotcha. Most of what I do online, especially those activities that have some administrative component, is locked behind a login of some kind.

**Also: **I let ChatGPT Work and Claude Cowork loose on my files - only one made me nervous

Whether it's Stripe for managing payments, my web hosting provider, my other web hosting provider, my yet another web hosting provider, my accounting system, or even my list management app, they're all secured behind a login system.

The challenge, then, is what actual actions you can take when you charge up your courage enough (or maximize your laziness or overwhelm enough) to delegate a project to an AI. How can you set an AI loose on a project without giving it complete access to your protected resources?

1Password points the way #

Password management giant 1Password thinks it has a solution. The company announced today that it has built an integration with Claude that allows Claude to request access to services from 1Password.

The key idea here is that Claude never sees the password. Instead, Claude requests a password, 1Password offers up an authorization sheet that requires approval, and then those credentials are filled in at the desired destination site -- all without Claude ever getting access to a single password or authentication code.

The company provided two examples of this access. In one, a manager uses Claude via 1Password to sift through Stripe transactions to find any red flags. In the other, an Audible user uses Claude via 1Password to find audiobooks that might prove to be a good listen.

**Also: **Don't let an AI chatbot pick your password, ever

I can certainly see the benefit of using Claude to help do some financial forensic accounting, even if I'd still be worried about letting Claude have access to my Stripe account. But looking for an audiobook recommendation? I recognize this is just a demo, but using the AI to help you use up your Audible credits seems ... unnecessary? Disappointing? Overkill?

In any case, the point is that Claude never gets access to your account credentials. I was concerned about repeat access, so I asked the company, "So how do you make sure, if you let it go into Stripe once to check something, that it won't just randomly go there again? You've now just given it access to your entire income-producing section, for example."

I was told, "This concern is exactly what 1Password for Claude was designed to solve. Access is granted per session, scoped to a specific task, and does not carry over. There is no standing access."

It was explained to me that when Claude wants a credential, it asks for access for the one task it's currently working on. The user is asked for approval. According to the company, this can be done with biometric verification, a password, or Touch ID. YubiKey is generally supported in 1Password, but it's not yet available for this application, although I'm told that it's planned.

Upon completion of the task, authorization ends. The company told me, "If the agent goes back to Stripe a second time, it cannot simply reuse the earlier permission. It has to request access again, and the user has to approve it again."

Also: I gave Claude Cowork 7 non-coding jobs, and it earned a spot in my toolbox

That might be a bit optimistic. Many sites grant ongoing access via cookies or other means once access has been secured. In practice, the session is likely to persist the way any browser session would after a sign-in.

From the release, this workflow didn't seem entirely complete, so I asked for more clarification. I was unofficially told that the need for reauthentication applies as long as you log out at the end of the first session. The key to this would be prompting Claude with something like, "Log in to Stripe, give me my current revenue, and log out when you're done." At that point, if you do need to be logged in again, you would receive a new authorization prompt. Claude won't simply reuse the earlier permission.

That said, Claude won't return to the site on its own. 1Password says Claude will only return with clear instructions from the user.

Technically, this access is supported by 1Password's new Agentic Mode, which "activates automatically the moment a recognized AI agent takes control of the browser." 1Password says that when Agentic Mode is on, the agent can only reach those credentials specifically granted for the current task. No other vault-stored passwords are available through the browser.

I was told, "So, to answer your question directly: granting access once to check something in Stripe does not open the door to your vault. It opens a window for one specific task, and 1Password closes it when that task is done. And throughout that entire task, Claude never sees the credential itself. The password and the MFA one-time code are injected directly into the page by 1Password through a secure channel, outside the agent's view. They never reach the model, Claude's context, or Anthropic's systems at any point."

Availability #

According to the company, Agentic Mode will be available to all 1Password users as of today. I was told, "While credential [controls] will be available on day one, future support for payment cards and identity details in 1Password will be available after launch."

The company also says, "Agentic Mode activates automatically and runs quietly in the background. Users can see when it is active directly in the 1Password browser extension, with the option to cancel it at any time. Starting with Claude, the underlying framework is designed to extend to any browser-based agent or platform as the ecosystem grows."

**Also: **5 security tactics your business can't get wrong in the age of AI - and why they're critical

Random factoid: Superhero actors Robert Downey Jr. (Iron Man) and Ryan Reynolds (who played Deadpool and the Green Lantern, but we won't hold that against him) are investors in 1Password.

Would you trust Claude to access your Stripe account through 1Password? Let us know in the comments below.

You can follow my day-to-day project updates on social media. Be sure to subscribe to my weekly update newsletter, and follow me on Twitter/X at @DavidGewirtz, on Facebook at Facebook.com/DavidGewirtz, on Instagram at Instagram.com/DavidGewirtz, on Bluesky at @DavidGewirtz.com, and on YouTube at YouTube.com/DavidGewirtzTV.

Artificial Intelligence

Editorial standards

── more in #ai-agents 4 stories · sorted by recency
── more on @1password 3 stories trending now
sponsored brought to you by zahid.host 4,200+ EU-deployed projects
reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main
Live at https://your-agent.zahid.host
Get free account → Pricing
from €0/mo · no card required
LIVE [news/1password-s-new-agen…] indexed:0 read:6min 2026-07-16 ·