Passkeys Bitwarden

Do you think it is safe to use the new passkeys function?

So far, when logging in, e.g. to a Google account, I used a password + U2F key. Currently, I can save both the password and passkeys in Bitwarden and log in to my Google account very conveniently. But how safe is such a solution?
Why doesn’t passkeys have any additional security? If I use a physical U2F key, if someone gains access to my Bitwarden, I still won’t log in to my Google account because they don’t have access to the U2F key. When passkeys are enabled in Bitwarden, when someone gains access to Bitwarden, they automatically have access to all my accounts :frowning:

Why isn’t there an additional password/PIN or other security so that logging in to Bitwardne does not allow access to other accounts :frowning:

Secondly, why CAN’T it be turned off? On every website where I use U2F, I have to click use browser and then I can log in. I would like to be able to disable passkeys from Bitwarden :frowning:

Safe enough that major tech companies consider it to be the primary login method.

Because it already does and it’s builtin. In order to access your BW vault they need to biometrically authenticate.

Your BW login IS that additional password/pin.

It’s been stated many times already that it’s coming soon.

Overall it sounds like you don’t understand what passkeys are. Please read up on this topic. There are many sources online that explain and document it in great detail.

The ability to add a PIN, password, or biometrics to stored passkeys is coming in a future release.

1 Like

Hi, may I ask you where you find this information? :smile:

That would be such a good addition. I’m so happy Passkeys are now starting to be part of password managers. :sparkling_heart:

1 Like

That is good news.

I just saw, that it is written on the passkeys help page: Storing Passkeys | Bitwarden Help Center (“What are passkeys?”)


An option, one can use already:

Nice, exactly what I was searching for :star_struck: