TalksAWS re:Invent 2025 - Using Amazon Nova Act to simplify login workflows (AIM271)

AWS re:Invent 2025 - Using Amazon Nova Act to simplify login workflows (AIM271)

Using Amazon Nova Act to Simplify Login Workflows

Overview of One Password's Approach to Agentic AI

  • One Password has a strict "zero knowledge" security model where their systems cannot decrypt user credentials

  • Key principles include:

    • Secrets must stay secret
    • Authorization should be deterministic, not probabilistic
    • Raw credentials should never enter an AI model's context
    • Transparency and auditability are critical

  • One Password classifies Agentic AI into two categories:

    1. Browser-based Agentic AI that interacts with applications by mimicking user actions
    2. Programmatic Agentic AI that uses APIs and other programmatic means

Securing Browser-based Agentic AI

Agentic AI Deployed in the Cloud

  • One Password provides a browser extension that runs inside the headless browser in the cloud
  • When the Agentic AI needs to access a website, it requests the browser extension to fill the credentials
  • The browser extension prompts the user for approval and securely transmits the encrypted credentials
  • Enables asynchronous workflows and policy-based credential approvals

Agentic AI Deployed on the User's Device

  • One Password partners with Perplexity and OpenAI's Atlas browser to integrate their browser extension
  • Allows the Agentic AI to securely fill credentials from the user's One Password vault
  • Enables further automation and workflow improvements in the future

Using Amazon Nova Act to Enhance One Password's Autofill Capabilities

  • One Password is developing "Universal Sign-On" to automatically log users into websites, regardless of the login method
  • Existing autofill algorithms have limitations in handling the complexity and variability of website login flows
  • One Password is using Amazon Nova Act to build an AI agent that:
    • Browses websites to gather intelligence on how different login flows work
    • Validates the gathered intelligence using a second Nova Act agent
    • Feeds the validated intelligence into One Password's "Site Intelligence Engine"
    • Allows the browser extension to provide a seamless, deterministic login experience

Example Usage of Nova Act

  • The Nova Act agent was able to navigate the complex login flow on the Duolingo website, including clicking on a JavaScript-based "I already have an account" button
  • The agent logs each step of its reasoning process, demonstrating human-like problem-solving abilities

Business Impact and Key Takeaways

  • Website-specific intelligence powered by Agentic AI can significantly improve the One Password product in ways that would not be possible with traditional, heuristic-based approaches
  • One Password is just scratching the surface of what Agentic AI can do to enhance their product and user experience
  • The beta version of the One Password extension already includes the new Universal Sign-On experience powered by Amazon Nova Act

Your Digital Journey deserves a great story.

Build one with us.

Talk to us
Cookies Icon

This website stores cookies on your computer.

These cookies are used to collect information about how you interact with this website and allow us to remember you. We use this information to improve and customize your browsing experience, as well as for analytics.

If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference.