Add a feature that allows you to choose biometric unlock options individually. So you can choose just fingerprint, or just face ID (facial recognition), or both. As of right now on the android app, I can choose biometrics as a whole to be enabled or disabled.
Facial recognition is known to have a much higher False acceptance rate.
While I want the convenience of facial recognition unlock for my phone, I don’t want this option to unlock my bitwarden vault.
This is already a feature available in the Bitwarden app for Android. When prompted to provide your biometrics, you can click on the Thumbprint or Face icons to choose which one you want (assuming both are enabled on your device).
Here is a photo of the screen on my Android 11 phone so you can see what I mean:
I second this request. I don’t trust facial recognition all the data I have in Bitwarden. But I do trust the fingerprint sensor. Most banking apps I use allow only fingerprint login (they don’t have a switch to facial) and I want to set Bitwarden to that level of security as well.
Add the ability to disable the much less secure Android Face unlock from vault login
Samsung clearly states that face unlock is less secure than fingerprint and PIN. It can misidentify people that look like you or even, in some cases, unlock when shown a picture of you (this is all displayed in warnings on Samsung phones, likely other single-camera face unlock phones are the same).
It can be turned off but it’s not in Bitwarden. Many banks only allow fingerprint. Secure face unlock requires multiple cameras and special equipment. Otherwise, using face unlock to protect all your passwords is not recommended.
I searched and there was another topic requesting face unlock. It has since been activated in Bitwarden. If you are using face unlock to unlock your phone, you will be given the option to use face unlock your vault. You can avoid this by not setting up face unlock on your phone. Unfortunately, it takes away other opportunities to safely use it.
I want to use face unlock for my phone but NOT for Bitwarden. However, if face unlock is active on the phone and you want to use fingerprint login for Bitwarden then Face Unlock is available. Can we have a way to have Face Unlock available used on the phone but have Bitwarden ignore that biometric so we can only use fingerprint login for BW?
I have been also annoyed by BitWarden allowing me to unlock via face and I’ve gone down the rabbit hole to find out how to disable it.
From the looks of it BitWarden uses a plugin called Xamarin-Fingerprint to perform the authentication on both iOS and Android, and for Android there’s no support to select which authenticator to use.
I’ve created a pull request for that plugin adding some functionality for Android (although it’s a bit rough), hopefully that feature will be accepted and then BitWarden can start requesting only STRONG authentication instead of allowing both STRONG and WEAK.