How to save the Bitwarden passkey in Bitwarden?

I have a Family account on bitwarden.eu (note this is .eu and not .com).

I set up several MFA accesses for my account: email, Duo and TOTP. This works fine.

When connecting with an Incognito window to bitwarden.com, I get the following screen

It invites me to use a passkey stored in Bitwarden to connect to the site. This is great, I do not apparently have any passkey stored, but wait! I went to bitwarden.com instead of bitwarden.eu.

OK, so on bitwarden.eu I have

This means two things:

  • I have somehow stored a passkey for bitwarden.eu, but do not remember how and where (EDIT: see EDIT at the bottom)
  • and, most importantly, it is stored in Windows Hello and not Bitwarden.

Now, I vaguely remember writing this passkey (after having been given the opportunity) but the only place to do so was Windows Hello.

My question: can I change this Windows Hello passkey to have it written to Bitwarden?

Note: I have many other passkeys registered in Bitwarden, for various applications.


EDIT: Ah! found it:

When trying to add a new key, Bitwarden as a storage medium is not suggested.

@WpQ Just a few first things…

There are two “passkeys” for logging in to Bitwarden:

And I’m not entirely sure about which of the two you are talking, so please clarify.

(and: they are not interchangeable… with a login-passkey, you can’t perform 2FA in the login process… and with a 2FA-passkey, it’s not possible to use it as a “log in with passkeys”-passkey)

No. At least not in the sense of “transferring” that passkey. You have to set up a new one, and when everything works afterwards, delete the old one. (and that is true for both login-passkeys and 2FA-passkeys for the Bitwarden account)

Yeah, that shows the login-passkey section of the web vault.

At least at the moment, this is not possible for login-passkeys:

(–> https://bitwarden.com/help/login-with-passkeys/#passkey-restrictions)

(EDIT: And as described there, at least for your own BW account: it is probably not a good idea to lock the keys to your car in your car…)

PS: A “tip” I just learned regarding Windows Hello: be aware that Windows Hello can only store one Bitwarden-passkey at a time (either a login-passkey or a 2FA-passkey) – and if you try to store the other passkey-type, Windows Hello will happily overwrite your existing passkey without any warning or confirmation. :warning:


First of all - thank you for the comprehensive answer.

Both, but especially the “full-login-passkey”, to log into Bitwarden passwordless.

Well, it depends. My account could then be accessed either with a password + MFA, or with a passkey. This passkey, if stored in the Bitwarden vault, would be available in the browser extension when I want to connect to the Bitwarden web site.

The other thing is that the full login passkey, even in Windows Hello, is quite useless because I need to input my password anyway as the vault is locked. It is not possible, for the web vault, to set it to “never lock” (which is possible in the Android app or the extension).

Thanks for clarifying that!

Hm, no. At least not yet. Because even if you could store that passkey in Bitwarden, it would be a login-passkey without encryption, since the Bitwarden vault isn’t capable of storing PRF-passkeys yet. (see this corresponding feature request: Support for Storing PRF-Capable Passkeys in Bitwarden Vault)

So, it would be like with Windows Hello at the moment for you: you’d still have to enter the master password when using that login-passkey.
