I activated the biometric connection on the Bitwarden extension of Firefox but I admit that I do not understand the logic: for the fingerprint to work in the extension (via Windows Hello), it is imperative that the Bitwarden application is launched (and unlocked) in Windows…
This doesn’t make a lot of sense: If the application is open and accessible on my workstation, then all my passwords are in free access and anyone can access them freely. I can copy/paste them from the app to a web site as well.
Am I missing something in the biometric setting of the Firefox extension…?
There is a simple solution for this:
When you leave your computer then lock it.
Are you sure about this? In the documentation, it says that the “Bitwarden desktop app must be logged in and running”, but it doesn’t say that the desktop vault must also be unlocked.
If the desktop app must be unlocked, then you would have to do the biometric unlock twice (first on the desktop app, then on the browser extension), and (as @Peter_H suggested) ensure that both vaults are locked if you leave your computer unattended.
Sorry to correct you here, but I meant that the computer (or to be more specific: the OS) should be locked, not single apps.
Perhaps it works differently on Windows than in MacOS, but I use the BW browser extension in Firefox, and I can unlock the extension with biometrics while the desktop app is locked. You should only need to have both unlocked to setup the browser-desktop integration.
Thanks for confirming that the documentation I had quoted above is in fact accurate.
And (according to the documentation, again), it does work differently on macOS: if using the Safari browser extension, the desktop app does not need to be running in order to use biometric unlock in the browser.
I wasn’t talking about Safari, though - I was conveying my experience with the Firefox extension, which is what the OP mentions.
You are right ! I don’t have to unlock the desktop app. Just open it.
Thank you !