Authentication is migrating from the person to the vault. As AI assistants graduate from answering questions to acting on a user's behalf, the password manager is becoming the new identity broker: the layer that decides which credentials a credentialed agent can see, and for how long.
1Password's new Claude browser integration is the first high-profile case, and it points to a security layer most people have never had to think about for themselves. Under the deal 1Password announced and The Verge re-reported, Anthropic's Claude desktop app fills stored logins through what 1Password calls a "zero-exposure security framework," a channel through which credentials are injected without the agent ever viewing them. Each request triggers a single biometric prompt, after which the vault locks back down around the rest of the user's secrets. The human is no longer the only one who can authenticate; the vault is.
The reusable frame is password manager as trust proxy, not as password store. The same plumbing could one day mediate a payment or a wire, and the question of who audits that injection channel becomes the question of who audits the agent. 1Password controls the framing, no independent security audit has been cited, and the per-task biometric prompt is still a human-in-the-loop interruption. The architectural shift is real anyway: the moment a credentialed agent can act, the broker that signs it in is the new attack surface.
Reported by Sky for Type0, from Claude can now use your 1Password credentials for you. Read the original: theverge.com