How to go passwordless with Bitwarden biometrics
- Blog
- How to go passwordless with Bitwarden biometrics
Passwordless. It sounds a bit misleading since you might think it's a way to log in to your accounts without having to set a password. Of course, that would be a disaster, since every account you create needs to have a password of some form (preferably one that's strong and unique).
So, what exactly is passwordless login and how do you make it work with the Bitwarden Password Manager? After all, doesn't the use of a password manager imply that passwords are a part of the process? They are. But there's more to it than that. Let's start by stating that Bitwarden is a member of the FIDO Alliance and offers cross platform solutions that are compliant with FIDO2, which sets industry passwordless authentication standards.
As a FIDO2 member, Bitwarden is committed to developing open, secure, and scalable solutions that reduce the reliance on passwords to authenticate users. Which leads us back to the question of: Aren’t passwords essential to how password managers work? Yes, and no.
Imagine, if you will, that you have a password system set up where you never have to type a single password for all of your accounts and services, yet they are still protected by very strong and unique passwords.
How does that work?
Let me explain.
You've installed Bitwarden (a great first step) and you've started using it to create very strong passwords for all of your accounts. As it stands, you go to log into one of your accounts and you must then open Bitwarden (using your Master Password), which gives you access to all of those credentials you've added. You then search for the account in question, copy the password for the account, and then paste the password into the required login field for the account. With the right password, you're granted access to the account.
Congratulations, you've used Bitwarden to help keep that account safe by using a unique and randomly generated password.
As secure and convenient as that is, you still had to type a password to get into your vault, and then you had to copy/paste the password for the account in question.
Going passwordless avoids both of those steps. But how does this work? It's actually much simpler than you might think. Even better, it's a much more secure way of doing things.
Going passwordless all starts with how you unlock your Bitwarden vault. To avoid typing your password, you should enable the likes of Touch ID (such as in macOS). This is enabled in Settings > SECURITY (Figure A), by clicking the checkbox for Unlock with Touch ID.
Figure A: Enabling fingerprint scanner to unlock with macOS Monterey
In the mobile app, this is done in Settings > Security > Unlock with Biometrics.
To go passwordless, this is an absolute must. Why? Because using biometrics to unlock your vault bypasses the need to type your password. This isn't just about simplifying the process, but making it more secure since no one can physically watch you type your password, nor can the fingerprint scan be used against you by hackers. Should a hacker install a keylogger on your system and you type the vault password, they've got the means to access your Bitwarden account.
The next step for going passwordless is to make use of the Bitwarden web browser extension (which is available for Firefox, Chrome, Edge, and more). Once you've installed the extension (and associated it with your Bitwarden account), you'll find each entry has an Auto-fill option (Figure B).
Figure B: The Auto-Fill option for a Bitwarden vault entry.
If you click Auto-fill, it will automatically enter both the username and password for the site in question (so long as the site to be logged into is already open).
In the mobile Bitwarden app, this is even easier, as once Auto-fill is enabled (in Settings > Auto-fill) Bitwarden can auto-fill app credentials (once you've authenticated with either biometrics or your mobile password/PIN).
At some point, you'll find going passwordless is the best way of keeping your accounts secure, and it all begins with using a password manager capable of making that possible. With just a little extra work, you can achieve passwordless authentication with Bitwarden without losing a single layer of security.
Interested in trying Bitwarden? Sign up for a free business trial or a free individual account.
Jack Wallen is an award-winning author and avid supporter of open source technologies. He has covered open source, Linux, security, and more for publications including TechRepublic, CNET, ZDNet, The New Stack, Tech Target and many others since the 1990s in addition to writing over 50 novels.