Bitwarden can’t be blamed for this, as the fault lies with browser vendors who are slow to implement the newest FIDO2 standards (PRF extensions, in this case). You can use passkeys for true passwordless login into Bitwarden if (and only if) you use a PRF-capable browser — which as of today includes only Chromium-based browsers (e.g., Chrome, Edge, Brave, Opera, Vivaldi, etc.).
I use my Passkey for passwordless login with Google on Firefox just fine.
That is irrelevant, because your Google passkey does not do any encryption/decryption, and therefore does not require PRF support.
Yes, it is used by Bitwarden, if you enable it when you register the passkey. Which is only possible if you use a PRF-capable browser. Conversely, if you don’t enable encryption for your passkey, or if you use a non-Chromium browser (i.e., a browser that does not support PRF, and therefore is incapable of enabling encryption), then the encryption is instead done using your master password — which is why you are asked to enter your master password when logging in with a passkey that does not have encryption enabled.
The following links may shed further light on how passkeys work in Bitwarden:
1 Like
Do you mean signin to web vault?
If so which browser and OS are you using?
@DoctorB They are using FireFox for passkey login into the Bitwarden Web Vault. I have tried to explain why this can’t be done without entering the master password.
If @packetauditor is using Firefox and he wants to see passkey login in it’s full glory (login with encryption and no master password), then I suggest he tries Chrome or Brave .
However, if they are using Windows 10 then no browser will support encryption on Windows 10 in my experience, even those that work on Win 11.
1 Like
I have a question, I’ve been using BW for some time now and I wanted to try this Passkey option. How ever, after I create the passkey (in Brave on Win11) no mater what I do it shows “Encryption not supported” and I’m required to enter my master password? Am I missing something or am I not understanding how it works.
I tried this on my iPhone 12 Safari browser and the same thing happens
??
@Walter Welcome to the forum!
Where are you storing the passkey? In addition to using a PRF-capable browser to mediate the communication between your passkey and the Bitwarden Web Vault, the platform where your passkey is stored must be compatible with encryption-enabled passkeys. This is not always the case (in fact, even the passkeys stored in a Bitwarden vault are not encryption-capable!).
I think you will need to be using a USB security key for the passkey to get encryption support.
I mention this because you don’t say and it matters for encryption support.
I know from my own experience that both Yubikey 5 and Nitrokey 3 both work OK and anything else I try doesn’t work today (may change in future).
Thanks for the info, maybe in the future we can all use this feature without a costly add on device. Nothing against USB key guys, they have a place where the threat level justifies the cost. But they haven’t meet my “WIFE”..
Thanks again..
Tracking issue for WebAuthn PRF support in Firefox: https://bugzilla.mozilla.org/show_bug.cgi?id=1863819
Add yourself to the cc list on that bug if you want to be notified when PRF support is implemented in Firefox.
3 Likes
WebAuthn PRF support has been implemented in Firefox for Windows and Linux. Look for it in the next Firefox release, 134. Firefox releases every 4 weeks and Firefox 133 was released November 26 2024, so I anticipate Firefox 134 will be released in about two weeks. It will be released in Firefox 135, scheduled to release 4 February 2025.
macOS support for WebAuthn PRF is being tracked in a separate issue: 1935280 - MacOS support for WebAuthn PRF extension
3 Likes
Firefox 135 has been released! Registering a passkey to encrypt the vault and logging in with it works, at least on Linux… but only on the web application for now, which makes it not that useful yet. 
Sidenote: I changed the title from “Sign into Bitwarden with a Passkey (Google, Apple, Microsoft)” to “Sign into Bitwarden with a passkey / “Login with passkeys” (for all BW apps)” to reflect the currently used terminology, possibilities etc. better.
macOS support for WebAuthn PRF in Firefox was just implemented, so it will be released in Firefox 139 scheduled for May 27 2025.
1 Like
@uxkjaer A somewhat late “welcome to the forum”!
I merged your post with this existing Feature Request (FR) to the same topic. (as it’s for all apps, it also includes the CLI)
Hi there.
I believe feature should be extended. Namely, be able to save passkeys per device. At least in google mail account seems login device influences passkey (can login from my laptop but cannot login from my phone)
@icegood Welcome to the forum!
Can you explain more what you mean? Because I don’t understand what you mean…
And this Feature Request is not about the ability to store passkeys, but the ability to login with passkeys to all Bitwarden apps (browser extension, desktop app, mobile app, CLI… it’s already possible only to login to the web vault with a passkey)…