
Kazuya

AWS re:Invent 2025 - Using Amazon Nova Act to simplify login workflows (AIM271)

🦄 Making great presentations more accessible.
This project enhances multilingual accessibility and discoverability while preserving the original content. Detailed transcriptions and keyframes capture the nuances and technical insights that convey the full value of each session.

Note: A comprehensive list of re:Invent 2025 transcribed articles is available in this Spreadsheet!

Overview

📖 AWS re:Invent 2025 - Using Amazon Nova Act to simplify login workflows (AIM271)

In this video, 1Password's Anand Srinivas and Floris van der Grinten discuss their partnership with Amazon Nova Act to enhance login workflows. They explain 1Password's zero-knowledge security model for Agentic AI, emphasizing that secrets stay secret and raw credentials never enter model contexts. The presentation covers two main areas: securing browser-use Agentic AI through encrypted credential filling (demonstrated via partnerships with BrowserBase, Perplexity, and OpenAI's Atlas browser), and using Amazon Nova Act within 1Password's product to power Universal Sign On. This new feature automates complete login flows across various authentication methods by deploying AI agents that gather website-specific intelligence, validated by a second agent, enabling seamless authentication without manual password entry.


This article is entirely auto-generated while preserving the original presentation content as much as possible. Please note that there may be typos or inaccuracies.

Main Part


Security for AI: How 1Password Secures Browser-Use Agentic AI Workflows

Okay, everybody, we're going to get started. If you're on the outskirts, come on into the center. We're going to be talking about using Amazon Nova Act to simplify login workflows. Please give a warm welcome to your speakers, Anand Srinivas and Floris van der Grinten.

Hey, what's up folks? First off, we're super excited. Thank you very much for coming in. We're excited to be talking about being a Nova Act launch partner and using Amazon Nova Act to simplify login workflows. My name is Anand Srinivas. I'm the VP of Product and AI here at 1Password, and I'm here with Floris van der Grinten, who's a Senior Developer at 1Password as well.


So the thing I want to get started with is 1Password. We're pretty well known for our security model. There's actually a 70-page white paper out there if anyone wants some bedtime reading about exactly how that works. We recently updated that security model for Agentic AI. What we think is important, I want to go through a couple of these that are key here. The first is this idea that secrets stay secret. We have a very strict zero knowledge model where any system hosted by 1Password cannot decrypt your credentials, and that's the model that we intend to keep with Agentic AI as well.

The second and third here, authorization should be deterministic, not probabilistic, and raw credentials should never enter into a model's context. Those have to do with things like MCP. For instance, sending raw credentials down the MCP channel is probably not best practice, right? That's how we look at that. We look for deterministic workflows to transfer credentials in that way. The rest of the principles are all around transparency, auditability, and other aspects of it.


So overall at 1Password, the way we look at AI in general is there's a component of this which is using AI within our products. We might call that AI for security, and actually Floris will be covering that later on today. That's exactly how we use the Nova Act models to make the 1Password product better. He'll cover that. The other side of this is security for AI, which is using 1Password's products to help secure Agentic AI as they are deployed. That's the part I'm going to talk about a little bit before I hand off to Floris.


But before I do, I want to talk about a taxonomy that will make this discussion a little bit more clear and useful. The way we look at Agentic AI in particular is on the vertical axis of this. We classify it into two broad categories. The first is Agentic AIs that interact with other applications and services by clicking around in a web browser or more generally computer use. They're mimicking a person in terms of that interaction. The other type of Agentic AI uses programmatic means, so think MCP, APIs, and other kinds of standard approaches that way.

On the horizontal axis at the top is where these Agentic AIs are deployed. Are they deployed on your device, like on your laptop, or are they in the cloud? So if you look at what this looks like in practice, just some examples, when a browser-use style Agentic AI is running on your laptop, examples of this are things like Perplexity or OpenAI's Atlas browser. The use cases here are just automating something on behalf of yourself.


Whereas in the remote cloud, we're talking about Nova Act plus something like AgentCore Browser tool where the use cases are, I don't want to have to sit in front of my laptop and run this. I can run this asynchronously in the cloud. It can be automation for myself. It can be an internal application for employees, or it can be a production application that's deployed in the cloud on behalf of customers. So any of those use cases. The other side of this is programmatic.


And so again on your laptop, what this looks like is something like Cursor, Lovable, or Claude Desktop. The use cases here are a lot about vibe coding, but it's about automating and making yourself more efficient as well. Then the cloud version of this are deployed applications or applications that are built through Agent Builders or AI that's embedded in other applications like Notion, for example Notion AI. The use cases here again are very similar to the use cases for the cloud applications for browser-use Agentic AI as well. So what we're going to focus on for this talk because it's relevant to Nova Act in particular and our launch partnership with AWS is the first side of this or the top half of this, which is around browser-use Agentic AI. Hopefully we'll be back another day to talk about the programmatic AI stuff as well and how 1Password can help secure that side of it as well.


The first thing I want to talk about is remotely deployed browser-use style agentic AI. Think about this as a headless browser running in the cloud, and an LLM that's driving that headless browser. Basically, you can prompt that LLM and let it run asynchronously. Obviously, for it to be of any value, it has to log into things. It has to log into different websites and access different services.

So how do we solve the problem of getting those credentials securely filled on behalf of the agentic AI without actually giving those credentials to the agentic AI in the context window, and without a person having to pause the process and manually type in their password? We've recently made an announcement, and we're going to be making many more announcements with partners on this. Our solution is that we have a 1Password browser extension running inside the headless browser in the cloud. When that LLM wants to access some website, it asks that browser extension: "I would like to fill in this website." Previously, you would have connected the service with 1Password. In this example, we made an announcement with a company called BrowserBase, so you would beforehand connect BrowserBase with 1Password to set it up.

What happens in the flow is the LLM asks the browser extension if it can fill this website. The browser extension asks you, the person, by giving you an authorization prompt. It says: "Hey, BrowserBase headless browser is trying to access this particular website and wants your credentials for it. Do you authorize it?" You would approve that flow, and the credentials are sent end-to-end encrypted. They're only decrypted inside the browser extension that is actually in that headless browser. That's the solution we've come up with that solves the problem of filling the credentials on behalf of the agent in a secure, encrypted way without exposing the credentials to the agent.


Some of the things we're working on going forward are asynchronous workflows. How do you set policy on the fact that maybe you don't want to approve every single credential? There are some low-risk ones that can just go through with no problem, but maybe some higher-risk ones where you do want an explicit human-in-the-loop approval prompt. Those are some of the things we're working on. That's an example of browser-use agentic AI in the cloud and how we're securing that. The next part is: what about browser-use agentic AI that is running on your laptop? We've recently announced partnerships with Perplexity as well as OpenAI's Atlas browser, and we are launch partners with them and the only security launch partners with them. The idea is that the 1Password browser extension can work on these browsers, and it solves the problem of you not manually typing passwords into these things. You're able to fill them from your vault. Going forward, we'll be looking to add more automations to this particular workflow.


AI for Security: Using Amazon Nova Act to Power Universal Sign On

Hopefully, that gives you an idea that on the browser-use side, that's the breadth of how we're looking at securing agentic AI. As I said earlier, hopefully we'll be back in the future to talk about the programmatic AI stuff as well. With that, I'm going to hand off to my colleague Floris, and he's going to get into how we're actually using the Nova Act models within the 1Password product to solve important production use cases.

Hi, I'm Floris from the engineering team at 1Password, and I'm going to be showing you how we're using agentic AI at 1Password to improve our own product in a way that just wouldn't be possible in a pre-AI era. The star of the show here is really Amazon's Nova Act, which launched here at re:Invent, and it's their browser-use agentic AI solution. Let's talk about autofill. 1Password comes with a browser extension, as you may know, and this adds a small icon in login form fields. If you click that icon, you can choose a credential that you want to use to log in to the website, and then 1Password does the tedious work of logging in and filling out the form. That's how it works today.

We're working on the next generation of Autofill now, and we're calling it Universal Sign On. With Universal Sign On, we really want to take the experience from "Hey 1Password, fill in this login form for me" to something more holistic: "Hey 1Password, just log me in. Do whatever it takes to log me in." This works regardless of the login method, whether that's a username and password, a TOTP for MFA, Enterprise SSO, a passkey, or a sign in with GitHub or Google—which you probably forgot which one you used for which website anyway.


Here's how it looks in practice. I click on the website and it automatically goes to the login page, signs me in, enters the password, and enters the TOTP. I'm logged in with just a single click, hands off the keyboard. Now, how does this work? Unfortunately, there's not a standard protocol for logging into websites. It's an HTML free-for-all with lots of ambiguity. For classic Autofill, we've more or less solved this ambiguity with a one-size-fits-most algorithm based on heuristics. It's been working great and is being used millions of times per day by many users. However, for Universal Sign On, we're running into the limits of the heuristics we can articulate in our code.


The browser extension now needs to know not just how to fill in the form, but also how to navigate to and through the form, which is much more complex. Ideally, we would have website-specific logic here because every website is different. To make this a success and realize the Universal Sign On vision, this is what we're going to need. The problem is that this doesn't scale if you have to do it by hand. There are millions of websites out there that offer logins, and even if we were to do this, it would be brittle. At the scale we operate on, we would see breaking changes every single day, so that's not really an option.


However, we can finally solve this and scale it up. We've built an AI agent using Amazon Nova Act that goes out on the web and browses these websites for us, gathering the intelligence we need around how different websites offer logins. This intelligence is then validated by a second agent, which also uses Amazon Nova Act to verify whether the information we get about the login experience is correct. It then gets fed into what we call the Site Intelligence Engine, which exposes it to our browser extension. The browser extension uses this intelligence to enhance the existing algorithm for a smooth login experience.


What's nice about this is that it can run out of band, so it can run in our infrastructure and gather the intelligence and pass it to the browser extension. This way, the login experience stays blazingly fast and deterministic. What's also nice is that we can run the validation agent periodically in the background to see if the intelligence is still correct, and if not, it gets invalidated. Let's see how the Amazon Nova Act agent does this. We're going to have it browse to the re:Invent website, and the instructions we give it are: find how this website offers login. This is a pretty simple example because there's a big login button on the top right, so it should be able to find it here. Yes, it clicked it and is able to find the login form.


If we look at a slightly more complex example, here is the website for Duolingo, and this is a bit more difficult because it doesn't have a traditional login button. It just has a button that says "I already have an account." To make it more complicated, it's not a standard button with an href that links to the login page, but rather a JavaScript click handler. This would be much more complicated to build into a heuristic-based algorithm, but for humans it's easy. Humans just click "I already have an account," and because Amazon Nova Act uses the same kind of human reasoning, it's still easily able to get to the login page, which is really great.


Along the way, Amazon Nova Act also logs every step in the evaluation loop that it takes. As you can see, it really thinks like a human and reasons like a human. It says it finds a button that says "I already have an account," which likely links to the login form. Then it knows it needs to click that button and actually performs the click. Lastly, it evaluates again and reasons: "Hey, this is the login form, so I'm done with my task."


To recap, website-specific intelligence can meaningfully improve the 1Password products in a way that just wouldn't be possible in a pre-AI era. We've really only scratched the surface of what agentic AI can do for our product. If you want to try it out and get a glimpse of this new Universal Sign On experience, you can install the beta of the 1Password extension, which already has this new UX and the first data intelligence powered by Amazon Nova Act. Thank you for listening. We can take some questions.



This article is entirely auto-generated using Amazon Bedrock.
