Ditch the master password in favor of passkeys

Hi there,

I'd love to see Bitwarden implement a feature similar to what 1Password announced two days ago: the ability to completely ditch the master password in favor of using passkeys. (Technically speaking, all FIDO2-capable USB keys and smart cards should be able to comply with that, but more on that later.)

Technical details:
It's actually very simple, straightforward and fast to implement. The current account encryption key will be encrypted with the public key of the passkey. This process must be repeated if you want to add some backup Yubikeys, for example. After authentication, the encrypted payload (aka the account encryption key) will be decrypted by the private key of the respective passkey.

Please note that this feature should be optional.

If you have any questions or comments, feel free to ask. I'm open to other opinions and thoughts.

Have a great day!

(Message to the mods: This feature request is NOT the same as the "unlock database with yubikey…" request, so please don't merge them.)


Are you certain that a FIDO2 capable USB key is able to do that decryption?

@tomtom Is the following Feature Request asking for the same thing as you? If so, we can merge your request into that one.

Bitwarden recently acquired passwordless.dev so they appear committed to this area. I hope passwordless sign in is introduced by Bitwarden this year as they have passkey support on their development map. I have added a vote to the other feature request as they appear very similar.


What would the future of a Bitwarden vault look like if mankind transitions to these passkeys/passwordless systems? Would each site's key still be able to be saved in each vault item?


> It's actually very simple, straightforward and fast to implement. The current account encryption key will be encrypted with the public key of the passkey. This process must be repeated if you want to add some backup Yubikeys, for example. After authentication, the encrypted payload (aka the account encryption key) will be decrypted by the private key of the respective passkey.

As @DoctorB suggested, the passkey (FIDO2/WebAuthn) API doesn't really allow this. It allows for signing challenges, but you can't encrypt/decrypt data directly. So while it could be used in the pre-auth, to replace the master-password hash being sent over the network, you would still have to enter your password to decrypt the encrypted vault.

There are some other extensions, some of which are not developed / merged yet, which would make something similar to this possible. For example: https://github.com/w3c/webauthn/pull/1424


Yes, I am.

(I asked 1P support)

No, and you should remove this request because it's outdated and already implemented because of changing standards.

1Password thinks they can do that, although I've no idea how they're going to implement it.

Did 1P support say which protocol they are using?
WebAuthn is not a general purpose encryption API.

I couldn't be sure, but I was expecting you to say your design was to use the hmac-secret extension in the CTAP2 protocol, which does allow for a symmetric secret to be scoped to a credential and seems to be supported in the latest versions of the main browsers.

But you probably had a better idea.


OK, I won’t merge the threads. However, I’ll let @bw-admin decide whether to close and/or archive the other thread.


Just a question as to why you would think the other request should be closed, or this one not merged into the other.
As I understand it, standards are in the works but nothing is solid as of yet; Bitwarden, being a member of the FIDO Alliance, is highly committed to working with industry partners and closely watching any upcoming changes and standardizations that may come to passkeys.

Would you be so kind as to point out what in the previous posting has been implemented, or what is outdated compared to this post?


Maybe I'm getting something wrong, but I think the other thread wants to use Apple's passkey for 2FA. And AFAIK, it doesn't make a difference from BW's side to implement it because it's already included in the WebAuthn standard.

Hey all, I think the referenced post is about logging into Bitwarden without a master password or hardware key by using a passkey.

Currently you can use a passkey as a form of 2FA for your Bitwarden account, but the master password has not been replaced.


A way to implement this could be to use the hmac-secret extension of the FIDO2 standard. This is what systemd on Linux uses to implement unlocking LUKS-encrypted disks using e.g. Yubikeys.

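As an added illustration (not code from Bitwarden, systemd or anyone in this thread) of how the hmac-secret idea above fits the per-authenticator wrapping scheme from the opening post: the authenticator is simulated by a fixed per-credential secret that only ever answers HMAC queries, and the HKDF split plus XOR wrap are my own simplification standing in for a real CTAP2 call and an AEAD such as AES-GCM.

```python
import hashlib
import hmac
import secrets

# Constructed stand-in for the CTAP2 hmac-secret extension: the authenticator
# keeps cred_secret internally and only returns HMAC-SHA-256(cred_secret, salt).
def authenticator_hmac_secret(cred_secret: bytes, salt: bytes) -> bytes:
    return hmac.new(cred_secret, salt, hashlib.sha256).digest()

def hkdf_sha256(ikm: bytes, info: bytes, length: int) -> bytes:
    """Minimal HKDF (RFC 5869, zero salt) to split one 32-byte hmac-secret
    output into independent wrapping and MAC keys."""
    prk = hmac.new(b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def _derive_keys(hmac_output: bytes):
    okm = hkdf_sha256(hmac_output, b"passkey-vault-kek-demo", 64)
    return okm[:32], okm[32:]          # (wrap key, MAC key)

def enroll(cred_id: bytes, cred_secret: bytes, account_key: bytes) -> dict:
    """Wrap the 32-byte account encryption key under a fresh, credential-scoped
    hmac-secret output. Done once per enrolled authenticator (primary or backup)."""
    assert len(account_key) == 32
    salt = secrets.token_bytes(32)     # random per enrolment; stored, not secret
    wrap_key, mac_key = _derive_keys(authenticator_hmac_secret(cred_secret, salt))
    wrapped = bytes(a ^ b for a, b in zip(account_key, wrap_key))  # one-time XOR wrap
    tag = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    return {"cred_id": cred_id, "salt": salt, "wrapped": wrapped, "tag": tag}

def unlock(record: dict, cred_secret: bytes):
    """Stored record + a fresh hmac-secret response from the matching authenticator
    recovers the account key; any other authenticator fails the MAC -> None."""
    wrap_key, mac_key = _derive_keys(authenticator_hmac_secret(cred_secret, record["salt"]))
    expected = hmac.new(mac_key, record["salt"] + record["wrapped"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, record["tag"]):
        return None
    return bytes(a ^ b for a, b in zip(record["wrapped"], wrap_key))

if __name__ == "__main__":
    account_key = secrets.token_bytes(32)
    primary, backup = secrets.token_bytes(32), secrets.token_bytes(32)
    records = [enroll(b"key-1", primary, account_key), enroll(b"key-2", backup, account_key)]
    print(unlock(records[1], backup) == account_key, unlock(records[0], backup) is None)
```

The vault server stores only the records; neither the hmac-secret output nor the account key ever needs to cross the network, which is the gap a plain WebAuthn signature leaves open.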

I like the idea. However, as you say, it should be optional; therefore I think the title is a bit too strong ("Ditch the master password"). You might get more acceptance with a more moderately worded title.