It seems that on Windows, it is absolutely necessary to enable Windows Hello to use the biometric login features, especially fingerprint login. This is a problem for my particular case, because our AD forbids biometric and pin login, which completely disables Windows Hello. However, using the fingerprint sensor built into my laptop would still be a good idea, while using a long master password. Currently, the only workaround here is using a pin for login, which is less secure or I could try to setup Windows Hello login with a physical security key (not sure if this will work then or if Bitwarden will be able to use it).
Is it possible to remove this reliance on Windows Hello or use a plugin or similar to “bridge” it?
Bitwarden does not (currently) an ability to “login with biometrics” (even when using Hello), although they can unlock with biometrics. The difference and the various options for each are spelled out at Understand Log In vs. Unlock | Bitwarden . Perhaps “login with approved device” would meet your needs.
Inability to use Hello at all sounds like an issue with your AD, not with Bitwarden. Microsoft is pushing hard for “passwordless authentication”, and Hello is a huge part of that. But, that is a conversation for you and your IT department that is out-of-scope for this forum.
As much as this is true for the very function that is called “Unlock with biometrics” – it indeed should already be possible to log in with biometrics: e.g. with a PRF-capable passkey stored on a security key using “fingerprint” (like the YubiKey BIO).
