Bitwarden users who need it can store their Passkeys in the digital vault next summer. This feature is intended for people who want to eliminate traditional username and password security. The company applies end-to-end encryption to protect the Passkeys and has a zero-knowledge policy.
Bitwarden reports the news via his weblog.
Here’s what you need to know about Passkeys
Bitwarden is a password manager to manage your passwords for online services and applications. Changing, removing, adding or having a password entered on a site is child’s play. Password managers are helpful tools for those who need to remember dozens of passwords. Because they use advanced encryption, they are also a lot more secure than a text file or piece of paper on which you write down your passwords.
Passkeys are a relatively new phenomenon. They were introduced a year ago by the FIDO Alliance and had the potential to replace the system of usernames and passwords.
Passkeys are based on the Web Authentication (WebAuthn) security standard, where web service and app providers build strong authentication into their services by using authentication methods from users’ registered devices. Consider, for example, a fingerprint scanner, Face ID or physical security key such as a Yubikey. Furthermore, Passkeys work with asymmetric cryptography, meaning there is both a public and private key.
This security method is a lot more secure than traditional variants because passwords are a thing of the past. A hacker can therefore do nothing with leaked or stolen login details. To access an online account or app, you need a private key. This can only be found on a physical device like your smartphone.
Add passkeys to digital vault.
Major platforms such as Apple, Microsoft, Facebook and Instagram support Passkeys. Google and Dashlane announced that they can work with Passkeys earlier this month. Bitwarden will join this group this summer, the company announced today.
Bitwarden has announced via its weblog that users can soon manage their Passkeys via the company’s password manager. Just like usernames, passwords and credit card details, storing and managing Passkeys from online services and apps in the digital vault is possible.
Customers can also create a Passkey to open Bitwarden’s vault. Instead of a master password, you then need a private key to open your personal vault with passwords. Users can also choose to continue using their password and two-step verification even if they have Passkeys enabled.
End-to-end encryption and zero-knowledge policy
Bitwarden’s Passkey approach works with end-to-end encryption and is based on a zero-knowledge policy. That means that Bitwarden cannot access your personal vault of passwords. If an investigation agency knocks on the company’s door with a request to open a suspect’s digital safe, the company must say ‘no’.