Extension WebAuthn QR Code

I have set up WebAuthn on my account. When I try logging into the extension, the QR code is cropped and my camera won’t scan it. I have attempted it in both Brave and Chrome. It works fine for the web vault and desktop app.

Does anyone know how to fix this?

You not using WebAuthn, or you are not using Bitwarden. What you are describing definitely has nothing to do with using WebAuthn in Bitwarden.

Maybe I should turn it off, because it is set up in the WebAuthn section. And it’s allowing me to use my iPhone as a passkey. I wonder if it’s a bug?

Can you please make a series of screenshots that depict exactly what you are looking at (because your written descriptions of what you are seeing/doing are not making sense)? Redact any sensitive/private information before posting. Please show examples of as much as possible of the following:

  • Your “WebAuthn section” set-up.
  • How you are using your “iPhone as a passkey”.
  • The login screens that are requiring a QR code (please show examples of this in the web vault, in the desktop app, and in the browser extension).

Also, please let us know what devices you are using, what the operating system is, and what version(s) of the Biwarden apps you have installed.

Here are some screenshots of the setup.

I am using a Windows 10 pc, iPhone, and the extension is version 2022.10.1

This is the option I am given logging into the web vault. I pick the second option.

This is the resulting QR code I scan with my phone. This works.

This is the 2FA options listed. I only have WebAuthn set up.

This is the WebAuthn setup screen. I don’t think it will show you much.

Here is the passkey info in my iPhone settings.

This is the QR code display in the extension. The code is cropped and won’t scan.

Hi @burney - you can force the extension to open in a browser tab so it displays full screen at login. All you have to do is press Control-Shift-L at a login dialog when Bitwarden is locked, and it should open the extension in a new tab. From there, you can bookmark the URI for that page in your browser so that you can quickly access it.

Thanks for providing the screenshots. This is an undocumented feature (which is why I was confused by your question), but apparently it is supported for some phones. David’s suggestion will hopefully solve your problem. I also suggest filing a bug report on Github.

This is a method to use the FIDO2 passkeys with the browser and your device though I have seen some that will show the device (if capable with BTLE) or present a QR code if not available or on another PC.

Can be set up currently with Bitwarden, Microsoft, a few others that currently support WebAuthn, either in place of or in tandem with a security key.

David, your instructions worked! Thank you so much!

2 Likes