Bitwarden, a renowned open-source password management service, has recently introduced support for logging in with a passkey instead of the traditional username and password. This new feature uses the PRF extension of the WebAuthn standard, which essentially allows a cryptographic key specific to Bitwarden (or another website) to be created when the user authenticates with an identity-confirming key. Once generated, this key is used by Bitwarden to encrypt and decrypt user data in their vault. In simpler terms, PRF enables a passkey to be used for both user login and data encryption, eliminating the need for users to enter their email and password and go through the 2FA process. Previously, Bitwarden relied on the user’s master password to encrypt and decrypt this data (i.e., the passwords stored in the system).
However, it is important to note that both the identity-confirming key and the browser must support PRF. Currently, browser support includes Chromium-based browsers such as Chrome and Edge. If the identity-confirming key or the browser used does not support PRF, users can still log in to Bitwarden with a passkey without entering an email and going through the 2FA process. However, they will still need to enter their master password to access data in their vault.
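The flow described in the two paragraphs above, as an added example that is not Bitwarden's code: a passkey's PRF output is stretched into a key that unwraps a vault key, and a login that returns no PRF output falls back to the master password. The authenticator is simulated with Node.js `crypto` so the block runs offline; the function names, the HKDF label and the sample values are assumptions.

```javascript
const crypto = require('node:crypto');

// Simulated authenticator (constructed). The PRF extension is backed by CTAP2 hmac-secret:
// HMAC-SHA-256 keyed with a per-credential secret that never leaves the device.
function simulatedPrf(credentialSecret, prfInput) {
  // The client hashes the site's input with a fixed prefix before the authenticator sees it.
  const salt = crypto.createHash('sha256')
    .update(Buffer.concat([Buffer.from('WebAuthn PRF'), Buffer.from([0]), prfInput]))
    .digest();
  return crypto.createHmac('sha256', credentialSecret).update(salt).digest();
}

// Mimics the shape of getClientExtensionResults() after navigator.credentials.get().
// Without PRF support in the key or the browser, the prf member is simply absent.
function extensionResults(credentialSecret, prfInput, prfSupported) {
  if (!prfSupported) return {};
  return { prf: { results: { first: simulatedPrf(credentialSecret, prfInput) } } };
}

// Stretch the PRF output into an AES-256 key. The info label is a hypothetical constant.
function wrappingKey(prfOutput) {
  return Buffer.from(crypto.hkdfSync('sha256', prfOutput, Buffer.alloc(0), 'example-vault-wrap', 32));
}

// Done once, when the passkey is enrolled for encryption.
function wrapVaultKey(vaultKey, prfOutput) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', wrappingKey(prfOutput), iv);
  const ct = Buffer.concat([cipher.update(vaultKey), cipher.final()]);
  return { iv, ct, tag: cipher.getAuthTag() };
}

// Returns the vault key, or null when the login carried no PRF output
// (the caller then has to ask for the master password instead).
// Throws if the PRF output belongs to a different credential (GCM tag mismatch).
function unlockVault(results, wrapped) {
  const out = results.prf && results.prf.results && results.prf.results.first;
  if (!out) return null;
  const decipher = crypto.createDecipheriv('aes-256-gcm', wrappingKey(out), wrapped.iv);
  decipher.setAuthTag(wrapped.tag);
  return Buffer.concat([decipher.update(wrapped.ct), decipher.final()]);
}
```

Because the PRF output is deterministic for a given credential and input, the same passkey reproduces the same wrapping key on every login, which is what lets it replace the master password for decryption.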
In summary, Bitwarden now offers the convenience of Passkey-based login and data encryption, allowing users to streamline their authentication process without compromising security. With the inclusion of the PRF extension and support from compatible browsers, Bitwarden continues to innovate in the field of password management.
TLDR: Bitwarden has introduced the ability to log in using Passkey, a feature that combines both user authentication and data encryption. Through the use of the PRF extension and compatible browsers, Bitwarden enhances the convenience and security of its password management service.