Bitwarden-Blog

Passwordless Authentication - Access Your Bitwarden Web Vault Without a Password

verfasst von:
Ryan Luibrand
veröffentlicht am:
5. Dezember 2022

Bitwarden launches a new passwordless authentication feature making it easier and faster to log into your web vault. The Log in with device option lets you use a second device to authenticate your web vault login instead of using your Bitwarden password. Read on to learn how this works, maintains security, and what the future of passwordless looks like for you and Bitwarden.

How to log in with your device

Before we get started, if you do not have it, install the Bitwarden mobile app on your phone and login there. In the Settings, turn on the Approve login requests option in the Security section (off by default).

Now that you’re ready, head to the Bitwarden web vault, and enter your account’s email address. On the next screen you will see a new option to Log in with device. Selecting this will send a push notification to your Bitwarden mobile app for approval.

The new Log in with device option in the web vault |
The new Log in with device option in the web vault

After selecting Log in with device  |
After selecting Log in with device

The notification in the Android mobile app |
The notification in the Android mobile app

Open your Bitwarden mobile app, confirm the login request within the notification, and the web vault in your browser will automatically log in. Fast and easy!

To extend the passwordless experience to your mobile app you should set up Unlock with Biometrics or Unlock with PIN Code, and be sure that the Vault timeout action is set to Lock. Now you can quickly unlock your mobile app using your fingerprint, Face ID, or a short PIN number, and by extension, access the web vault without entering your password.

The Log in with device process |
The Log in with device process

How it stays secure

Several technology safeguards keep this process locked down:

End-to-end, zero knowledge encryption - the communication between the web vault client and the mobile app are completely encrypted with a public and private key pair, with data encrypted before it even leaves the device.

Client fingerprint phrase - the web vault login will show a Fingerprint Phrase that identifies the login attempt. It might look something like juniper-sandbar-footnote-improve-evolution. This phrase will also appear in the login request on the mobile app. You should make sure that they match before approving the request.

Two-step Login - if you have two-step login turned on (and you should!) you will still need to complete the second step after approving the login.

Note: If you’re a member of an organization that has enabled Single Sign-On policies, you will be required to go through the Enterprise single sign-on process instead of Log in with device.

Recognized devices only - the option to log in with a device will only be available to a browser that has logged into your Bitwarden account before.

If you’re interested in the more technical aspects of how it works and the flow of encrypted data, more information is available here: Help Center: Passwordless Login - How it works.

Expanding passwordless

The passwordless experience

Bitwarden offers multiple ways to access your vault without a password: biometrics (facial recognition or fingerprint) and PIN, on the mobile app, desktop app, and browser extension. Now logging in with a device adds a passwordless method to access your web vault as well.

By virtue of using Bitwarden as your password manager, you can live the passwordless life with all your accounts and websites by skipping typing in passwords. Bitwarden generates, stores, and autofills passwords so they can be the furthest from your mind during your day-to-day internet activities.

The future of passwordless

 |

Passwordless authentication will be adopted by individuals and businesses as the preferred method of logging into accounts. A member of the FIDO Alliance, which is developing passwordless technologies and standards like passkeys, Bitwarden is committed to the future of passwordless and a safer internet for everyone.

The ability to log in with a device was a part of the November update, which includes additional new features and improvements!

Visit bitwarden.com today to learn more about other features, plans, pricing, and how Bitwarden can help you keep your passwords, logins, and other data secure!

Note: Logging in with a device is currently only available on the Bitwarden cloud server (https://vault.bitwarden.com).

Auf dieser Seite

Zurück zum Blog

Noch heute mit Bitwarden loslegen

Kostenloses Konto einrichten
Sprache
© 2023 Bitwarden, Inc.
NutzungsbedingungenDatenschutzerklärungSitemap