Autofill Passkeys

Passkeys can be stored and used by Bitwarden Password Manager. Using browser extensions and mobile apps, users can log in to their favorite apps and websites that have passkey login capability. Passkeys are a safe, passwordless alternative for users to log into services across their devices.

Developed with the standards set by the FIDO Alliance, passkeys allow a user to secure their accounts and bypass the vulnerabilities that come with standard password authentication, such as phishing. Stored passkeys are protected with Bitwarden's trusted end-to-end encryption.

Passkeys are a replacement for passwords that provide fast, easy, and secure sign-ins to websites and apps. Passkeys are a discoverable FIDO credential that can be synced to allow secure passwordless sign-ins across devices, or dedicated to a single piece of hardware as a device-bound passkey.

Apps and services can request that passkeys created with them are verified with a PIN, password, pattern, or biometric factor when you save or access them.

Passkeys are stored and invoked via the Bitwarden browser extension and mobile apps. Discoverable passkeys and non-discoverable FIDO2 credentials can be stored in Bitwarden and used to log in to websites with passkey capabilities.

Storing and using passkeys is available with the Bitwarden browser extension and mobile apps.

Browser extensionsiOSAndroid



note

The browser extension will not offer to save or use a passkey for any domain included in the excluded domains list.

Allow passkeys with the browser extension

First, open the Bitwarden browser extension and go to Settings → Notifications. Verify that the Ask to save and use passkeys option is checked.

If there are specific sites you do not wish to use Bitwarden for passkeys with, set excluded domains.

Create a passkey

When creating a new passkey on a website or app, the browser extension will prompt you to store the passkey:



note

Select Use your device or hardware key if you do not wish to store the passkey in Bitwarden.

Only one passkey can be saved per login item. If a passkey already exists for a service, overwrite the existing passkey or select the  Add icon to create a new login item to store an additional passkey:

Sign in using a passkey stored in Bitwarden

First, confirm that the Ask to save and use passkeys extension setting is turned on. Then start the passkey login on the website. From the window that appears, select your saved passkey:

If you prefer to use an existing passkey stored outside of Bitwarden, select Use your device or hardware key. This will close the pop-up window and not enter any passkey from Bitwarden.



tip

The inline autofill menu can also be used to easily authenticate with passkeys.

You can save and use passkeys from Bitwarden with iOS version 17.0+.

Set up Bitwarden for use with passkeys

To allow Bitwarden to store and use passkeys in iOS:

1. Open the iOS Settings app.

2. Go to Passwords → View AutoFill Settings.

3. Tap AutoFill Passwords and Passkeys. A list of apps where passkeys can be stored will appear.

4. Tap Bitwarden.

Create a passkey

When creating a new passkey on a website or app, the Bitwarden iOS app will prompt you to store the passkey:

Select Continue.



note

If you don't want to store the passkey in Bitwarden, select Other Options.

Only one passkey can be saved per login item. If a passkey already exists for a service, overwrite the existing passkey or select the  Add icon to create a new login item to store an additional passkey:

Sign in using a passkey stored in Bitwarden

To use a passkey stored in Bitwarden, start the passkey login on the website. The mobile app will provide an option to login using the passkey stored in your Bitwarden vault:

Select Continue.



note

If you prefer to sign in with a passkey not stored in Bitwarden, select Other Sign In Options.

You can save and use passkeys from Bitwarden with Android version 14.0+.



note

In Android, Bitwarden-stored passkeys can only be used as a primary login credential. Android does not allow third-party passkey providers like Bitwarden to support passkey-based 2FA, also known as "non-discoverable credentials."

Set up Bitwarden for use with passkeys

To allow Bitwarden to store and use passkeys in Android:

1. Open the Bitwarden app.

2. Go to Settings → Autofill.

3. Tap Passkey management.

4. Tap Continue.

5. This will open your device's Settings app. Configure Bitwarden as your passkey provider.

Create a passkey

When creating a new passkey on a website or app, the Bitwarden Android app will prompt you to store the passkey:

Select Create.



note

If you don't want to store the passkey in Bitwarden, select Save another way.

Only one passkey can be saved per login item. If a passkey already exists for a service, overwrite the existing passkey or select the  Add icon to create a new login item to store an additional passkey:

Sign in using a passkey stored in Bitwarden

To use a passkey stored in Bitwarden, start the passkey login on the website. The mobile app will provide an option to login using the passkey stored in your Bitwarden vault:

Select Sign in to use your passkey.



note

If you prefer to sign in with a passkey not stored in Bitwarden, select More saved sign-ins.

Saved passkeys can be accessed from any Bitwarden app. Within the login item, the Passkey field displays the date and time that the passkey was created:

To delete a passkey from a vault item:

1. Open the item Edit screen from the Password Manager web app, browser extension, or desktop app.

2. Select the  Delete icon for the Passkey field:
   

   

Passkeys are included in JSON exports generated by Bitwarden and, once exported, can be imported to a Bitwarden account.