TL;DR: Hybrid post-quantum key exchange has been deployed on a web application, using X25519MLKEM768 for compatible browsers to protect credential traffic against harvest-now, decrypt-later risk without user action or performance penalties, according to 1Password. The real shift is that long-term confidentiality now has to be treated as an identity and transport design requirement, not a future migration task.
NHIMG editorial — what this means for NHI practitioners
By the numbers:
- At the time of writing this post, I personally have 291 items in my vault, so the long-term confidentiality of this data is critical to me and to every 1Password user.
Questions worth separating out
Q: How should security teams plan for post-quantum protection in identity systems?
A: Security teams should start with identity data that must stay confidential for the longest period, including authentication channels, recovery flows, and privileged sessions.
Q: Why does harvest-now, decrypt-later matter for IAM and NHI programmes?
A: It matters because identity traffic often contains material that remains valuable long after the session ends, including credentials, tokens, and recovery information.
Q: How do you know if post-quantum rollout is actually working?
A: You know it is working when compatible clients consistently negotiate the intended hybrid key exchange and fallback rates are visible and understood.
Practitioner guidance
- Inventory identity traffic with long confidentiality requirements: Map which authentication, vault, recovery, and administrative channels carry data that must remain confidential for years, then rank them by exposure and retention value.
- Verify negotiated cryptography in client populations: Check which browsers, endpoints, and automated clients can negotiate hybrid post-quantum key exchange, and measure where fallback still occurs in production.
- Update change management for cryptographic migration: Treat PQC rollout as a distributed control change across clients, servers, and policy boundaries, with validation steps for every identity-critical pathway.
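The "how do you know it is working" question above and the second guidance item both come down to the same measurement: read the negotiated key-exchange group out of TLS handshake logs, break it down by client population, and surface fallbacks from clients that should have negotiated the hybrid group. The script below is an added example, not 1Password's or NHIMG's code. The log format, the sample log lines, the user-agent taxonomy and the set of "expected PQ-capable" client classes are all constructed for illustration; a real deployment would feed it whatever field its TLS terminator emits for the negotiated group (nginx exposes this as `$ssl_curve`, for instance).

```python
"""Measure hybrid post-quantum key-exchange negotiation and fallback rates
from TLS handshake logs.

Added example (not 1Password's code).  The log format, sample lines, client
taxonomy and the "expected PQ-capable" set below are constructed assumptions.
"""
import re
from collections import Counter

# Constructed log lines in a simple key=value format:
#   <timestamp> tls=<version> group=<negotiated group> ua="<user agent>"
# The group values mirror what a TLS terminator would log for the negotiated
# supported group (for example nginx's $ssl_curve); the traffic is made up.
SAMPLE_LOG = """\
2025-01-10T10:00:01Z tls=TLSv1.3 group=X25519MLKEM768 ua="Mozilla/5.0 Chrome/131.0"
2025-01-10T10:00:02Z tls=TLSv1.3 group=X25519MLKEM768 ua="Mozilla/5.0 Firefox/134.0"
2025-01-10T10:00:03Z tls=TLSv1.3 group=x25519 ua="Mozilla/5.0 Chrome/131.0"
2025-01-10T10:00:04Z tls=TLSv1.3 group=x25519 ua="Mozilla/5.0 Safari/17.6"
2025-01-10T10:00:05Z tls=TLSv1.2 group=secp256r1 ua="legacy-sync-agent/2.1"
2025-01-10T10:00:06Z tls=TLSv1.3 group=X25519MLKEM768 ua="Mozilla/5.0 Chrome/131.0"
2025-01-10T10:00:07Z tls=TLSv1.3 group=x25519 ua="legacy-sync-agent/2.1"
"""

LINE_RE = re.compile(r'tls=(?P<tls>\S+) group=(?P<group>\S+) ua="(?P<ua>[^"]*)"')

# Assumed client taxonomy: a user-agent substring mapped to a class name.
CLIENT_CLASSES = (
    ("Chrome/", "chrome"),
    ("Firefox/", "firefox"),
    ("Safari/", "safari"),
    ("legacy-sync-agent/", "automation"),
)

# Assumed: client classes we expect to negotiate the hybrid group.  A fallback
# from one of these is the interesting signal (old build, middlebox, policy).
EXPECTED_PQ_CAPABLE = {"chrome", "firefox"}


def is_hybrid_pq(group: str) -> bool:
    """True for hybrid ML-KEM groups such as X25519MLKEM768."""
    return "MLKEM" in group.upper()


def classify_client(ua: str) -> str:
    for needle, name in CLIENT_CLASSES:
        if needle in ua:
            return name
    return "other"


def parse_log(text: str) -> list[dict]:
    """Parse handshake lines; malformed lines are skipped, not guessed at."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        rec = m.groupdict()
        rec["client"] = classify_client(rec["ua"])
        rec["pq"] = is_hybrid_pq(rec["group"])
        records.append(rec)
    return records


def negotiation_report(records: list[dict]) -> dict:
    """Per client class: handshakes seen, hybrid-PQ count, and fallback rate."""
    totals = Counter(r["client"] for r in records)
    pq_hits = Counter(r["client"] for r in records if r["pq"])
    return {
        client: {
            "handshakes": n,
            "pq_negotiated": pq_hits[client],
            "fallback_rate": round((n - pq_hits[client]) / n, 3),
        }
        for client, n in totals.items()
    }


def unexpected_fallbacks(records: list[dict]) -> list[dict]:
    """Handshakes where an expected-capable client did not negotiate hybrid PQ."""
    return [r for r in records if r["client"] in EXPECTED_PQ_CAPABLE and not r["pq"]]


if __name__ == "__main__":
    recs = parse_log(SAMPLE_LOG)
    for client, stats in sorted(negotiation_report(recs).items()):
        print(f"{client:11s} {stats}")
    for r in unexpected_fallbacks(recs):
        print("investigate:", r["client"], r["tls"], r["group"], r["ua"])
```

Two numbers matter in the output. The per-class fallback rate tells you whether the rollout reaches each population at all (the constructed automation client never negotiates the hybrid group, which is the "fallback visible and understood" case). The unexpected-fallback list tells you where a client that should have negotiated X25519MLKEM768 did not, which is the case worth investigating rather than just counting.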
What's in the full announcement
1Password's full article covers the operational detail this post intentionally leaves for the source:
- Browser-side verification steps for confirming X25519MLKEM768 in Chrome or Firefox
- The specific TLS negotiation behaviour used by compatible clients
- The staged roadmap for expanding PQC beyond the web application
- Practical troubleshooting guidance for clients that do not negotiate PQC
Read 1Password’s update on post-quantum protection for web app credentials.