Security News > 2024 > January > Bitwarden adds passkey support to log into web password vaults

Bitwarden adds passkey support to log into web password vaults
2024-01-11 19:21

The open-source Bitwarden password manager has announced that all users can now log into their web vaults using a passkey instead of the standard username and password pairs.

"This technology sources an encryption key from a passkey in relation to a particular site, which can then be used to reliably encrypt and decrypt data" - Bitwarden.

When a user registers a passkey using a hardware security key, they enable Bitwarden to encrypt that user's vault data using the associated encryption key.

"Using a passkey to log into Bitwarden accounts combines the passkey security with the zero knowledge, end-to-end encryption protection that Bitwarden delivers for users' sensitive information and credentials." - Bitwarden.

During the beta phase, Bitwarden will allow users of all plans to set up a maximum of five passkeys for the web app.

For passkeys not supporting the PRF WebAuthn extension, users can still authenticate without an email or 2FA, using the Bitwarden password for decryption.


News URL

https://www.bleepingcomputer.com/news/security/bitwarden-adds-passkey-support-to-log-into-web-password-vaults/