+1 to this, but a similar idea would be to have the browser extension require a pin from the open vault on a mobile phone. I have biometrics on my phone, and can open the vault easily with that. I then keep the master password inside my vault, which is probably not best practice, but I need it for the bitwarden browser extension. If I could receive a otp, or a yes/no challenge on my phone, perhaps inside my bitwarden app, then this would save me having to enter the master password, which is a long one, of course.
+1 to this, the entire reason I have a Yubikey is to make good security easier, but i’m still forced to type in my password or a PIN to unlock my vault? I don’t understand how this makes any sense. And I agree that Tiago described how i’d like to be using Bitwarden perfectly. I’m also thinking about switching if this feature isn’t implemented as well, because I want to switch everything over to Yubikey based auth.
Thanks for the feedback everyone! I’ve passed this info on to the team 
1 Like
as a citizen of a country where devices are often seized or compromised by corrupt law enforcement, the ability to unlock with a hardware key would be a godsend in terms of convenience. being able to unlock my vault quickly with a key would make life so much easier than having to type a hellishly long password every minute, while still giving me peace of mind.
I’ve been following this thread for a while and also +1
I’ve just moved from LastPass to Bitwarden and I’m certain this issue will cause me pain to the point that in 12 months I’ll move to another service again.
Wish I’d known prior to moving that when the vault locks you MUST re-enter your master password. Really annoying when I have a highly secure 2FA hardware device sitting right here that I can’t use…
1 Like
Thanks for the feedback @Majoof, the team is making progress in this space including adding passwordless login options to the 2022 roadmap.
1 Like
No, you are not forced to re-enter your master password to unlock your vault. You can also use a PIN instead or biometrics if your device supports it. And if your security device happens to be a Yubikey 5, you can store a really long PIN as a static password for a very secure unlock method.
I guess my issue is a PIN is almost always less secure than a password, and to get biometrics on a desktop is another level of painful.
Using a static password with a yubikey might be a good approach until this feature is implemented, thanks for the suggestion!
1 Like
+1 I would really love to be able to use a Yubikey Bio to unlock my vault, instead of using a weak PIN code (because it needs to be easy to unlock).
Dude, chill. You seem to have some serious misunderstanding about what Bitwarden’s two-step login is for. Perhaps try reading the link you posted, or politely ask questions here and maybe someone will help you to understand.
@dh024 As yraen’s post seems to be unrelated to the above feature request, perhaps you can break it out as a separate topic posted on the “Ask the Bitwarden Community” forum. I would suggest titling the new topic “New user frustrated by Yubikey issues” or some such.
1 Like
@yraen69 your post has been temporarily removed, please review the community guidelines regarding civilized discussion. You are free to reword and repost.
Please keep in mind this is a community supported forum and you can contact the official support team any time at bitwarden.com/contact
You hid my previous post, despite it being nothing but factual. Anyway your latest blog and tweets:
You’ve got hundreds of people here wanting this feature. Agree FIDO2/WebAuth is the only secure passwordless login, PIN is not acceptable.
Can we get this feature soon please with our Yubikeys? Expected behavior once enable din settings is every time you open the BitWarden app on your mobile device you are prompted for your yubikey (no username/master password required, or at least only as optional extra setting you could enable). The key is what unlocks the password store every time.
When I became a user, I expected a feature that will allow me to unlock the vault from a browser extension using another factor - say DUO 2FA or Yubikey. I have a long master password and don’t like having to enter it every time I have to unlock the vault from a browser extension. I see logging into the web vault is now passwordless. Can we do the same when unlocking the vault from a broswer extension?
1 Like
Feature name
-
Disable re-authentication once biometrics is verified
-
What will this feature do differently?
improve seamlessness and eases the user’s life -
What benefits will this feature bring?
improve seamlessness and eases the user’s life
Its tiring having to re-authenticate the master password on each iOS restart. Once verified by biotmetrics there is no need to.
I previously used 1password and currently Enpass and they do not do this. I just use touchID.
Hey @Abandon1Password it sounds like your vault timeout action might be set to log out instead of lock.
its on lock. hmmm…I am confused. I restarted my device and launched Bitwarden and it authenticated with TouchID.
I swear there were times it asked me to re-input the password. Maybe a bug of some sort?!
Works great for me on iOS and iPadOS. I doubt it is a bug, but something in your process.
Any chance you have set a master password reprompt for an item that you are trying to access? That’s another instance where Bitwarden will prompt for your password before it will allow you access.