Right now UI changes and the move native apps is causing a lot of user frustration. Normally, I would be confident that after a few releases/patches to address user concerns, usability and functionality would improve.
My biggest worry is that the big three; MS, Google Apple and possibly Mozilla are being indifferent (maybe antagonistic) to 3rd party password managers. Apart from the current UI issues there seems to be a constant stream of new issues as result of an OS/browser updates. The big three have a long term strategy of locking the users into one ecosystem. Making 3rd party password apps ineffective helps achieve that strategy.
Till now I have thought there would be attempts to make auto filling of username and password harder, but 3rd party apps would always find a a workaround. The down side would be that apps like Bitwarden would be blamed for poor a user experience that is beyond the developers control, but most users would understand this.
Hey there! Regarding UI/Native apps, let us know if you have any specific feedback! The browser extension allows you to choose your preferred copy and autofill suggestion behavior in the settings menu and we’re still collecting feedback on the new design.
On the passkey side, standards are still in development, re: Fido Alliance, which when finalized will help ensure data portability, and promote consistency.
Passkeys are the wild west. Bitwarden does its part nearly 100% flawlessly all the time, in my experience.
The problems occur with the individual websites and the degree to which they have implemented passkeys correctly. Some are 100% meaning the user can see them, delete them, create multiples and name them, etc. The lousy ones (and I’ve experienced a number of them) only do enough to be able to say “We support passkeys!” when in reality they don’t fully support them. One in particular which annoys the crap out of me (I won’t name it) lets you create a single passkey. If you lose the device or delete the passkey on the user end, the website end has no idea and doesn’t give you the option to delete it on their end to sync up.
So passkeys are great when they work, but Bitwarden’s implementation is nearly perfect, in my experience.
I think you’ve overreacted. First of all, they are working on standards that allow people to transfer passkeys from one password manager to another.
Secondly, I already use multiple password managers not necessarily tied to an OS, without any problems, so I don’t see doing so with passkeys will be any worse in the long run.
Regarding iOS and Windows, I like the way that iOS handles passkeys from multiple password managers in a more centralised manner compared to Windows. On iOS, you can choose up to three password managers to use. When a site wants a passkey, you see a number of eligible passkeys from the various password managers in the one place. You choose one and follow the prompts from there on. Similary for paswords. In Windows, if you have three password managers you’ll see up to three prompts asking you to autofill a password one on top of the other, and possibly on top of the login button. For passkeys, you have to choose a passkey from the extension, or continue on to a browser supported passkey (e.g. in Google chrome), or continue onto a Windows Hello password, or continue to a 3rd party device. This doesn’t always work, e.g. if you have a Google Password Manager and Windows Hello passkey for a particular site, the Google one may not be available to choose.
Microsoft are working to integrate passkeys from 3rd party password mangers into Windows Hello, so hopefully managing and using passkeys on multiple password managers on Windows becomes much easier. Not sure if this will also apply for passwords. They’re also working on storing passkeys in the cloud like iOS and Bitwarden.
Also, Google just enabled using Google Password Manager stored passkeys on iOS.
Regarding people not being aware that they are using passkeys, you’re right about that one. For example, when you login to Microsoft, it says something like “Use face, fingerprint or PIN to log in”. However I read an article where Microsoft said that people are more likely to set up passkeys if they see this rather than something like “Lgin with passkey”.