Passkeys can be stored and used with the Bitwarden password manager vault. Using the Bitwarden browser extension, users can log in to their favorite apps and websites that have passkey login capability. Passkeys are a safe, passwordless alternative for users to log into services across their devices.
Developed with the standards set by the FIDO Alliance, passkeys allow a user to secure their accounts and bypass the vulnerabilities that come with standard password authentication, such as phishing. The stored passkeys are protected with Bitwarden's trusted end to end encryption.
Passkeys are a replacement for passwords that provide fast, easy, and secure sign-ins to websites and apps across a user's devices. More precisely, "passkey" is a consumer-friendly term for a discoverable FIDO credential that can be synced to allow secure passwordless sign-ins across devices, or dedicated to a single piece of hardware as a device-bound passkey.
Apps and services can request that passkeys created with them are verified with a PIN, password, pattern, or biometric factor when you save or access them. The Bitwarden Password Manager will add support for PIN, password, and biometric verification in a future release. For more general information about passkeys, see Passkey FAQs.
Passkeys are stored and invoked via the Bitwarden browser extension. This means that both discoverable and non-discoverable passkeys can be stored in Bitwarden and used to log in to websites with passkey capabilities.
Saving and using passkeys are a feature of the Bitwarden browser extension. Other Bitwarden clients can be used to view the saved passkey.
In the Bitwarden vault, a new field will now display a stored passkey. Once a new passkey has been saved, the item can be viewed from any Bitwarden vault and is located in the Passkey field.
The passkey field is not editable and will contain the creation date of the passkey.
When creating a new passkey on a website or app, Bitwarden will prompt you to store the passkey in the Bitwarden browser extension.
Select Use browser if you do not wish to store the passkey in the Bitwarden vault.
If a passkey already exists for this service, the browser extension will notify you and allow you to save a new passkey by selecting the icon, or overwrite an existing passkey.
Only one passkey can be saved per login item. If a credential is saved in multiple places, for instance as two separate login items in the individual vault and organization vault respectively, a different passkey can be be stored with each login item.
To overwrite an existing passkey:
Initiate the creation of a new passkey from your chosen website or service.
Choose the existing login item where you wish to store the new passkey and select Save passkey.
Test it out here https://demo.yubico.com/playground.
The passkey field cannot be edited in the vault item view. If an additional passkey with the same website is needed, save a new login item with the new passkey associated.
To use a passkey stored in Bitwarden, initiate the passkey login on the website.
After selecting the passkey login option on a website, your system will prompt for passkey login. While Bitwarden is enabled, the Bitwarden browser extension will provide an option to login using the passkey stored in your Bitwarden vault.
Related passkeys will be displayed in the Bitwarden dialogue box. Select the passkey you would like to use and press confirm.
If master password re-prompt has been enabled on the login item, you will be required to re-enter your master password in order to access the passkey.
If you don't want to use the Bitwarden browser extension to prompt you to save and use passkeys for specific sites, you can set excluded domains. You can also turn off the prompt entirely by:
Navigating to the Settings tab.
Un-checking the Ask to save and use passkeys option.
The following FAQ items are in reference to Bitwarden passkey storage. For general passkey information, see Passkey FAQs.
Q: Will passkeys be included if you clone a vault item?
A: Bitwarden will not copy a passkey when completing a clone action.
Q: Are stored passkeys included in Bitwarden imports and exports?
A: Passkeys imports and exports will be included in a future release.
Q: Can I store passkeys in the mobile app?
A: Passkeys support for mobile applications is planned for a future release.