Skip to content

Bitwarden Adds a New Passwordless Method to Access Your Web Vault

Bitwarden gets better every day, making things more convenient.

bitwarden new passwordless method illustration

Bitwarden is easily the most popular open-source password manager right now.

It is simple to use, cost-effective, conveniently available on mobile/desktop, and secure enough for most common use cases.

While it already supported passwordless authentication techniques like fingerprint sign-in, Face ID, PIN, on mobile/desktop, it now has a new addition.

Top 5 Best Password Managers for Linux [2021]
A password manager is essential tool so that you don’t have to remember complicated passwords. Check out the best password managers available for Linux desktop.

Authenticate Login Using Prompts

bitwarden web vault login options

Probably the most prominent example of this type of login authentication is Google. You get a prompt on your signed-in devices to authenticate the login activity.

That's precisely what Bitwarden is adding to its arsenal of features.

When you log in to your web vault from your web browser, you can opt to send a push notification to your mobile where you need to approve the request.

bitwarden login notification sent

You need to have the Bitwarden mobile app installed. So, you can expect the notification to look like this:

This feature is only available on Bitwarden's cloud server. If you self-host it, you cannot access this feature for now.

Is this a secure method?

Bitwarden shares a flow chart that describes the process of this authentication method:

password less login process

So, the authentication request is encrypted, which makes it a safe, and convenient way.

They also mention:

The web vault login will show a Fingerprint Phrase that identifies the login attempt. It might look something like juniper-sandbar-footnote-improve-evolution. This phrase will also appear in the login request on the mobile app. You should make sure that they match before approving the request.

So, on top of end-to-end encryption, you have additional means to verify that the request you received is genuine.

To explore technical details, refer to Bitwarden's documentation on passwordless logins.

Notion – One workspace. Every team.
We’re more than a doc. Or a table. Customize Notion to work the way you do.

More from It's FOSS...