In a significant move towards enhancing online security, Bitwarden has initiated the integration of passkey support into its password manager. The latest browser extension update is poised to offer a more secure and user-friendly alternative to traditional password methods, utilizing device-specific features such as PINs, facial recognition, or fingerprints for authentication.
The release, dubbed 2023.10, is currently in a transitional phase. This development places Bitwarden in league with the likes of Apple, Google, and rival password managers, including 1Password, which have previously embraced passkey support.
“Passkeys can be stored and used with the Bitwarden password manager vault,” Bitwarden wrote in its Help Center. “Using the Bitwarden browser extension, users can log in to their favorite apps and websites that have passkey login capability.”
When a user attempts to set up a passkey on a compatible website, Bitwarden’s extension will prompt to save the passkey, streamlining future logins on that site. According to the company, the stored passkeys are “protected with Bitwarden’s trusted end-to-end encryption.”
The implementation of passkeys comes at a time when their acceptance as a security measure is on the rise, although it’s not as pervasive as traditional passwords. Websites are gradually incorporating passkey options and leading technology and e-commerce companies, including Amazon, Google, and Nintendo, have been actively adopting and advocating for passkey use, indicating a shift in the cybersecurity landscape.
Currently, the capability to store passkeys is limited to Bitwarden’s browser extensions. The password manager’s mobile app has yet to offer this feature, but plans are underway for its future inclusion.
Bitwarden’s foray into passkey technology aligns with the initiatives set forth by the FIDO Alliance, which announced passkeys last year. These passkeys are developed to comply with FIDO’s rigorous standards and offer a solution to the inherent security flaws of traditional password authentication, notably susceptibility to phishing schemes.