They can use a master password and improve security by adding a two-factor authentication option to the process.
A private part of it never leaves the device, which means that all standard password attacks don't work against passkeys.
I used the Google Titan Security key, which is a hardware key, for this guide.
You may also use what is provided by the browser / operating system, e.g., WebAuthn, or a different hardware security key.
Passkeys are not yet supported if Require single sign-on authentication policy, SSO with trusted devices, or Key Connector are used.
Bitwarden supports the saving of passkeys already for other services.
This improvement adds support for using passkeys to sign-in to the vault.
Here is a step-by-step guide to creating a passkey on Bitwarden to sign-in using it later on.
Select Security in Account Settings and make sure that Master Password is the active tab.
You should get an overlay prompt to create a passkey.
Depending on your setup, you may use a hardware security key or something provided by the browser / operating system.
Select Security Key, if you use a hardware key, and then next.
Accept the Security key setup prompt with a click on yes.
Enter the Security Key Pin when prompted and select OK. Touch the security key button on the key to complete the process.
Type the security key PIN and select OK. Touch the security key button.
You are then prompted to connect the security key, type the Pin and press the button on the hardware key to verify the process.
Tip: you may add a backup 2-step login provider to Bitwarden.
Using a passkey is a much simpler process once set up.
Instead of having to type a, usually large, master password and maybe also second authentication code, you only have to provide a pin and use the security key to sign-in.
Find out how to use a passkey to protect your Bitwarden password vault and sign-in using the passkey.
This Cyber News was published on www.ghacks.net. Publication date: Thu, 11 Jan 2024 07:43:18 +0000