ProductsDownloadPricingHelpBlogContact
Get Started
Log In
HomeProductsDownloadPricingHelpBlogContactTalk to SalesGet StartedLog In

Unlock with Biometrics

Bitwarden can be configured to accept biometrics as a method to unlock your Vault.

Biometrics can only be used to unlock your Vault, you will still be required to use your Master Password and any enabled Two-step Login method when you log in. If you're not sure of the difference, scroll down to Understanding Unlock vs. Log In.

tip

Biometric features are part of the built-in security in your device and/or operating system. Bitwarden leverages native APIs to perform this validation, and therefore Bitwarden does not receive any biometrics information from the device.

Enable Unlock with Biometrics

Unlock with Biometrics can be enabled for Bitwarden on Mobile, Desktop, and Browser Extensions:

Understanding Unlock vs. Log In

In order to understand why unlocking and logging in aren't the same, it's important to remember that Bitwarden never stores unencrypted data on its servers. When your Vault is neither unlocked nor logged in, your Vault data only exists on the server in its encrypted form.

Logging in to Bitwarden decrypts your Vault data to your device. In practice, that means two things:

  1. Logging in will always require your Master Password, because your Master Password is the source of the key needed to decrypt your Vault data. Additionally, because decryption is an operation that needs to be protected, this stage is where any enabled Two-step Login methods would be required.

  2. Logging in will always require you to be connected to the internet (or, if you're self-hosting, connected to the server), because you need access to the encrypted Vault in order to decrypt it.

Unlocking can only be done when you're already logged in. In other words, only when your Vault data is already stored (encrypted) on your device. Because your Vault is already downloaded and your decryption key stored in memory:

  1. You don't need the decryption key derived from your Master Password, so you're free to use other access methods, like PIN codes and biometrics.

  2. You don't need to be connected to the internet (or, if you're self-hosting, connected to the server).


Products

Resources

  • Resource Center
  • Community Forums
  • Security Compliance
  • Success Stories
  • User Reviews
  • Newsfeed
  • Subscribe to Updates

©2022 Bitwarden, Inc.

Terms Privacy Sitemap