With AI agents unleashed, they can search for products, compare prices, and fill out forms. They are aborted the moment the task requires logging in. Until now, the only options were to hand over the password and accept the security risks, or to grab the keyboard every time the login screen appeared, defeating the idea of having an agent in the first place. Now, there’s 1Password and Anthropic Fired Integration that removes this bottleneck.
The 1Password for Claude app, currently in beta, allows Claude to complete tasks that require usernames, passwords and authentication codes without those credentials reaching the AI model, 1Password wrote on Thursday (July 16). Blog post. When Claude reaches the login screen during a task, he asks 1Password for credentials. A prompt appears explaining to the user exactly what credentials are required and why. The user agrees with his fingerprint. 1Password then fills the password directly into the website. Claude never sees that. Access ends when the task is finished. The next time Claude needs the same login, he has to ask again, Help Net Security I mentioned.
Claude gets access without ever seeing the password
This distinction is architecture. A user who agrees to the fingerprint prompt tells the system: Use this login information for this task. They don’t hand the AI anything that it can read, store, or reuse. “The answer is not to hand over your secrets to customers,” Nancy Wang, CTO at 1Password, said in the statement. “It’s allowing the user to give the agent permission to use the credentials without letting the agent see them.”
After filling out the login information, 1Password checks to see that nothing sensitive is detected on the page. If the login fails, what has been entered will be erased before control is returned to the agent.
Timing is important. Security researchers recently showed that AI browser tools can be tricked into leaking user credentials through injection attacks and hidden instructions embedded in web pages, with the Cloud Private Browser extension among those affected, The Next Web I mentioned. The 1Password integration is a direct response. When an AI agent takes control of the browser, the 1Password extension automatically restricts access to the vault to only credentials approved for that specific task, 9to5Mac I mentioned. Everything else stays closed.
Outdated identity controls cost companies nearly $100 billion annually
The broader risk is commercial. AI agents are already booking travel, managing accounts, and processing purchase orders at speeds that no human oversight can match, PYMNTS I mentioned. The infrastructure needed to verify an agent’s identity, authorization, and whether he or she is operating within approved limits does not yet exist at scale. Outdated identity controls cost companies nearly $100 billion annually in fraud losses and lost business, according to PYMNTS Intelligence research Conducted with Trulioo.
The 1Password form indicates one answer. Instead of giving the AI agent permanent access to accounts, it grants the agent task-specific permission that automatically expires. “Once authorization and indefinite trust is not a security model, but a responsibility,” said CrowdStrike CTO, Ilya Zaitsev, when announcing the company’s new proxy identity platform. I mentioned By piments.
For banks, retailers and payment platforms that deploy agents to handle customer-facing tasks, the question of how to authenticate an agent, and what happens when it can’t, is no longer theoretical.





