Well, I would say:
-
don’t deactivate 2FA for your Bitwarden account/vault → the “login-with-passkeys”-passkeys are additional at this moment in time, and you can still log in with your master password (and if your account had no 2FA, it wouldn’t be protected by that)
-
for 2FA in general: write down your 2FA recovery code on your emergency sheet(s)!
-
I saw in your screenshot for the “Two-step login”, that you have activated email-2FA, TOTP/authenticator app and “passkey-2FA” (with your security keys now) → the most secure is “passkey-2FA” and you could think of deactivating email-2FA and/or TOTP – but I don’t know your usecases etc. (and only reduce it to “passkey-2FA” - if at all - when you have at least one backup security key with a 2FA-passkey, and, as written before, when you have your 2FA recovery code safely stored…
-
-
there is a corresponding feature request: Ditch the master password in favor of passkeys
-
at the moment, you also still can’t use BW’s login-passkeys for confirming some account or administrative actions → corresponding feature request for that: Options to allow PRF Passkeys to authorize actions and account/security changes protected by Master Password
-
and the feature request for “login with passkeys” for all BW apps: Sign into Bitwarden with a passkey / "Login with passkeys" (for all BW apps)
No, unfortunately not…
PS: Ah, and when you now have login-passkeys for your Bitwarden account/vault on your hardware security keys, don’t forget to set a strong FIDO2-PIN on/for your hardware security keys - see here: YubiKey Login PSA: Set a strong PIN!
And if you are now interested in having more than 5 login-passkeys…: Support more than 5 "login-with-passkey"-passkeys for the Bitwarden account/vault (FIDO2 passwordless login)
At last, here the feature request for unlocking with passkeys/FIDO2: Unlock with FIDO2/“passkeys”