Biometric authentication without full desktop app

Feature name

  • Biometric authentication without full desktop app

Feature function

  • I want to use the biometric authentication without having to log in to the desktop app first.
  • It seems unnecessary to me that the desktop app has to cache the Vault locally and also be logged in so that it can perform the browsers biometric authentication. From this point of view, two logins are necessary.
  • It may be possible to install only a agent that can be triggered by the browser extension, to handles the biometric authentication.

I think it’s a security feature of the OS so you can’t have it. The same applies to 1-password

Why should it? In terms of authentication, the agent has the same functionality as the desktop app, but without Vault. This means more security :wink:

At the current moment its really about access levels and APIs to Hello/Touch ID - the desktop app is the most reliable way to connect to those APIs vs. browser-based integration. Though, there is a point in having the desktop be the ‘central station’ for convenience :slight_smile: - but that is more of this feature.

We’ll see how the browsers progress with support for Biometrics, though!

Maybe my request was misunderstood. I think I understand the reason why an app is needed so that the browser can access the biometric API through it. That’s ok, the problem is why does the app need to be sign-in to bitwarden first and also include the full vault? The agent I’m describing would still be a Win32 app that accepts the authentication request from the browser and communicates with the Windows API, but it doesn’t require any additional bitwarden login and no vault.

It would be great if users could unlock their vault through the Bitwarden browser extension without having to open the Bitwarden desktop app (or even without having the desktop app installed at all).

Is this something that is even technically possible? I think so but I’m not sure.

Nevertheless, if it’s possible, this should be implemented, as it can only benefit users (if it is not at the expense of security compared to the previous implementation where the desktop app is needed)!

It’s not currently technically possible to have biometric authentication in browsers without a native companion app.

1 Like

Thanks for clarifying!