Login to browser extensions when logging into desktop app and vice versa

Everyone, this has already been added as a feature. See here: Unlock with Biometrics | Bitwarden Help Center (click on “browser extension” tab)

Both your desktop app and extension must have allow unlock with biometrics checked. It’s working on my end after enabling on both.

1 Like

@Kenny_H Not everyone can use Biometrics.

This thread says “We are actively researching client to client authentication.” at the top but is not tagged with the “roadmap:researching” tag. Is this an oversight?

Hey @Yeroc, Manifest V3 is currently in development (new browser extension standard), which may allow for additional functionality. Rest assured, the team is always looking at making enhancements wherever possible, and your feedback will be passed along to the team.

The team is also working on the ability to access your vault with a passkey via the browser extension (as well as ability to store, manage and retrieve passkeys).

It’s a little unclear to me how unlocking the vault with a passkey satisfies this request? As far as I can tell, even with Passkey unlocking we’d still need to individually unlock the vault in each browser / desktop app / cli app separately. This is the pain point people are concerned about.

Unlock with Biometrics is not what this thread is asking for. What is being asked for is, if you unlock the PC app then the browser extension should automatically be unlocked. i.e. You shouldn’t have to use biometrics, PIN or password to unlock the browser extension if the PC app is already unlocked.

This would also allow keeping the browser extension unlocked even if the browser is restarted. This is a major frustration of mine - I hate that Bitwarden will lock every time the browser is restarted, even if you have it set to only lock after a certain amount of time or on system lock.

Creating a community account to just pile on to this.
I would honestly be ok with even the pin solution for the extension.
It would beat having to go to my Bitwarden app to get the Bitwarden password to paste into the Bitwarden extension EVERY TIME I open Chrome.

EDIT: JK, I’m dumb. I couldn’t see the option to disable use master password on restart, but apparently I had to REMOVE the pin and re-add it to see that.
This works for me, but I do think it’s a bit goofy you have to log into two different things when you launch your computer.

Hi,

Having used a number of different password managers over the years, most of them have generally used a single ‘host’ app that is installed in the desktop (whether Mac or Windows) that the browser plugins would hook into to access the vaults. So if the ‘host’ app is unlocked, the plugins in the browser can access the data. I may not be explaining this very well, but hopefully you get what I mean.

With Bitwarden however, the ‘host’ app along with the browser plugins are all independent apps that each require their own separate login. Are there any plans to move towards the more centralised approach I mentioned above? And if not, could you tell me what are the benefits / advantages of the current approach that Bitwarden has chosen?

Hi @shaun0024, how are you?

I would like to help answer your question. But I didn’t quite understand what you said. Do you have an example of a password manager with this feature that you wrote about here? What does “Single Host App on the Desktop That Plugins Use to Access Vaults” mean?

@shaun0024 Your request seems to be similar to this feature request:
https://community.bitwarden.com/t/login-to-browser-extensions-when-logging-into-desktop-app-and-vice-versa/1635

Hey @MHSwizzlestick, thanks for your reply, looking through that post, yes, it sounds very much like what I am referring to. Seeing that it has been asked about as far back as 2018, I guess I am not the only one looking for this but it doesn’t seem to be a priority or on the roadmap.

1 Like

Hey @anon31427389, thanks for your reply. There is a link to a post below yours that pretty much goes into detail and has been asked as far back as 2018.

1 Like

This is sorely needed. My browser goes through a VPN for everything (browser and extensions), but the risk is that someone else could have my IP address if they subscribe to the same VPN server. I do NOT want my password manager to go through the VPN for this very reason, so I have the desktop app use my ISP IP and would prefer the browser plugin authorize through the desktop app such that I can add IP level security to Bitwarden.

1 Like

Yep. Just created an account to upvote this. Lack of this feature is one of the main reasons that Bitwarden’s usability is definitely lacking compared to competitors.

This is incredibly disappointing. I’ve been a longtime 1Password user and had become rather disenchanted so I started looking around for something else. After some research I settled on Bitwarden, imported my 1Password passwords, and thought I was good to go. Then I installed the browser extension and encountered this showstopper of an issue. Reluctantly, I reinstalled 1Password and uninstalled Bitwarden.

I’m happy to see the “We are actively researching client to client authentication.” status on top! Thanks a lot, do we have an ETA for this feature? This would be a life saver for sure!

It works with VS Code, ain’t it? They integrated a sync, so I think it’s possible with Electron Bitwarden too?

+1 for this feature. My current workaround is to configure the browser extension to be unlocked via a very strong randomly-generated PIN, store the PIN in Bitwarden, and then when I want to unlock the browser extension, just open the desktop app and copy-paste the PIN from the desktop app to the browser extension. It would be much more convenient to just have a global unlock option, or just have the browser extension automatically query the running desktop client for usernames, passwords, etc.

Coming from 1Password - really missing this feature.

Change the behavior of the desktop/browser app integration to allow the desktop app to unlock the browser extension without additional prompt. This would enhance the biometric unlock relationship, but instead of prompting for additional biometric unlock, it would pass a successful auth to the extension if the desktop app is already unlocked. Additionally, if the desktop app is locked, the biometric unlock request for the browser extension will also unlock the desktop app.

There is no added security for one to be locked while the other is accessible. Unlocking one app should unlock all (especially with multiple browsers open). This would actually tighten security; as it is currently, if 3 browsers are used and the desktop app with a 1 hour lockout, they all will have different lockout periods. Integrating the authentication/lock should put all apps on the same lockout schedule.

2 Likes