Autofill Passkeys

Passkeys are a secure alternative to traditional passwords that let you log in to apps and websites without entering a password. Developed with the standards set by the FIDO Alliance, passkeys bypass vulnerabilities that come with standard passwords, like phishing.

Save passkeys in your Bitwarden vault and use the browser extension or mobile apps to autofill them across the apps and websites you use every day. Stored passkeys are protected with Bitwarden's trusted end-to-end encryption.

Passkeys are a replacement for passwords that provide fast, easy, and secure sign-ins to websites and apps. Passkeys are a discoverable FIDO credential that can be synced to allow secure passwordless sign-ins across devices or dedicated to a single piece of hardware as a device-bound passkey.

Apps and services can request that passkeys created with them are verified with a PIN, password, pattern, or biometric factor when you save or access them.

Passkeys are stored and invoked via the Bitwarden browser extension and mobile apps. Discoverable passkeys and non-discoverable FIDO2 credentials can be stored in Bitwarden and used to log in to websites with passkey capabilities.

Storing and using passkeys is available with the Bitwarden browser extension and mobile apps.

Browser extensionsiOSAndroid



note

The browser extension will not offer to save or use a passkey for any domain included in the excluded domains list.

Allow passkeys with the browser extension

First, open the Bitwarden browser extension and go to Settings → Notifications. Verify that the Ask to save and use passkeys option is checked.

If there are specific sites you do not wish to use Bitwarden for passkeys with, set excluded domains.

Create a passkey

When creating a new passkey on a website or app, the browser extension will prompt you to store the passkey:



note

Select Use your device or hardware key if you do not wish to store the passkey in Bitwarden.

Only one passkey can be saved per login item. If a passkey already exists for a service, overwrite the existing passkey or select the  Add icon to create a new login item to store an additional passkey:

Sign in using a passkey stored in Bitwarden

First, confirm that the Ask to save and use passkeys extension setting is turned on. Then start the passkey login on the website. From the window that appears, select your saved passkey:

Alternatively, the inline autofill menu can also be used to authenticate with passkeys.



note

If you previously selected Use your device or hardware key, Bitwarden will not offer to enter or save a passkey. If you clicked this by accident or change your mind, remove the website from blocked domains. The next time you go to that service's login screen, Bitwarden will ask to save your passkey.

You can save and use passkeys from Bitwarden with iOS version 17.0+.

Set up Bitwarden for use with passkeys

To allow Bitwarden to store and use passkeys in iOS:

1. Open the iOS Settings app.

2. Go to Passwords → View AutoFill Settings.

3. Tap AutoFill Passwords and Passkeys. A list of apps where passkeys can be stored will appear.

4. Tap Bitwarden.

Create a passkey

When creating a new passkey on a website or app, the Bitwarden iOS app will prompt you to store the passkey:

Select Continue.



note

If you don't want to store the passkey in Bitwarden, select Other Options.

Only one passkey can be saved per login item. If a passkey already exists for a service, overwrite the existing passkey or select the  Add icon to create a new login item to store an additional passkey:

Sign in using a passkey stored in Bitwarden

To use a passkey stored in Bitwarden, start the passkey login on the website. The mobile app will provide an option to login using the passkey stored in your Bitwarden vault:

Select Continue.



note

If you prefer to sign in with a passkey not stored in Bitwarden, select Other Sign In Options.

You can save and use passkeys from Bitwarden with Android version 14.0+.



note

In Android, Bitwarden-stored passkeys can only be used as a primary login credential. Android does not allow third-party passkey providers like Bitwarden to support passkey-based 2FA, also known as "non-discoverable credentials."

Set up Bitwarden for use with passkeys

To allow Bitwarden to store and use passkeys in Android:

1. Open the Bitwarden app.

2. Go to Settings → Autofill.

3. Tap Passkey management.

4. Tap Continue.

5. This will open your device's Settings app. Configure Bitwarden as your passkey provider.

Create a passkey

When creating a new passkey on a website or app, the Bitwarden Android app will prompt you to store the passkey:

Select Create.



note

If you don't want to store the passkey in Bitwarden, select Save another way.

Only one passkey can be saved per login item. If a passkey already exists for a service, overwrite the existing passkey or select the  Add icon to create a new login item to store an additional passkey:

Sign in using a passkey stored in Bitwarden

To use a passkey stored in Bitwarden, start the passkey login on the website. The mobile app will provide an option to login using the passkey stored in your Bitwarden vault:

Select Sign in to use your passkey.



note

If you prefer to sign in with a passkey not stored in Bitwarden, select More saved sign-ins.

Saved passkeys can be accessed from any Bitwarden app. Within the login item, the Passkey field displays the date and time that the passkey was created:

To delete a passkey from a vault item:

1. Open the item Edit screen from the Password Manager web app, browser extension, or desktop app.

2. Select the  Delete icon for the Passkey field:
   

   

Passkeys are included in JSON exports generated by Bitwarden and, once exported, can be imported to a Bitwarden account.