1Password today announced a new capability called Secure Agentic Autofill, built to protect credentials as AI agents perform tasks in the browser. The feature is launching in early access through a partnership with Browserbase, a platform for browser automation. By connecting a 1Password vault, developers can give agents just-in-time access to login details while keeping them private and out of the hands of the AI or its underlying model.
David Faugno, CEO of 1Password, explained, “AI is opening up new ways to help people work smarter and get more done, but the fundamentals of security don’t change. At 1Password, we have always believed security should empower productivity, not block it. By partnering with Browserbase, we’re making it simple for teams to build and innovate with Agentic AI while keeping credentials and sensitive data protected by default. That way, you can focus on creating real value, knowing agentic AI identity security is built in by default.”
The company says the problem is simple but dangerous: “AI agents increasingly are completing real tasks in the browser, acting on behalf of employees, and connecting to the same systems humans rely on to get work done. This introduces a new security problem: AI agents require credentials – passwords, API keys, and one-time codes – to operate. As agents proliferate, the risk surface increases and it brings a variety of identity and access management challenges.” Among those issues are no single source of truth for secrets management, difficulty revoking long-lived credentials, and the spread of untracked or outdated credential grants.
1Password notes that users often try to bypass these issues by feeding credentials directly into agentic browsers, but “instead of reducing friction, taking these shortcuts can undo years of progress in credential security. They scatter sensitive secrets across agents, prompts, and logs, and create blind spots that traditional IAM and PAM tools were never designed to handle.”
To address this, Secure Agentic Autofill injects credentials via the 1Password browser extension only when required and only after approval. The process uses an end-to-end encrypted channel based on the Noise Framework between the approving device and the extension, ensuring secrets stay separate from the rest of the agentic workflow. As 1Password put it, “Raw credentials should never enter the LLM context.”
When an agent requests a credential, 1Password identifies the correct one, asks for human approval, and injects it into the browser. If there are multiple accounts for a service, the user is prompted to select the right one. This prevents the need to embed or hardcode secrets, reduces credential sprawl, and maintains human oversight.
Paul Klein, CEO of Browserbase, said, “We see AI agents changing the way work gets done, from procurement and onboarding to customer service and research. As we move toward an AI-native internet, these agents need a trust layer for credential access. Our partnership with 1Password creates exactly that, extending their proven security framework into the emerging world of agentic browser automation, so organizations can scale AI confidently.”
Secure Agentic Autofill is available today in early access for 1Password customers using Browserbase.
