Shapefin

Bitwarden Expands Passkey Login to Browser Extensions for Enhanced Security and Convenience

Bitwarden, a provider of password, passkey, and secrets management solutions, has extended its passkey login capabilities to its browser extensions for Chromium-based browsers, allowing users to access their vaults without a master password. This update introduces a secure, phishing-resistant authentication method designed to protect against credential theft, leveraging the WebAuthn PRF (Pseudo-Random Function) extension.

The integration enables users to verify their identity and log in to their Bitwarden vault in a single step. By utilizing the same passkey technology that facilitates phishing-resistant, cryptographically bound authentication across devices, the update offers faster access with fewer steps while maintaining security built on FIDO and WebAuthn standards.

Browser extensions are commonly used tools for managing and autofilling credentials across various web applications and websites. Expanding passkey login to this environment integrates passwordless authentication into daily workflows, combining convenience with robust phishing resistance. This move aims to support wider passkey adoption by aligning with existing user behaviors for credential access and management, thereby reducing friction and ensuring consistent protection across browsers and devices.

The WebAuthn PRF extension lets a passkey generate a consistent encryption key that serves both authentication and vault decryption, merging convenience with end-to-end encryption. Bitwarden’s web vault previously implemented passkey login using this framework, ensuring interoperability with FIDO Alliance specifications. Support now extends to Chromium-based browsers, including Chrome, Edge, and Brave, for passkeys that incorporate the PRF extension. Passkeys without PRF support can still authenticate users, with the master password then used for vault decryption. Future plans include enabling vault unlocking with a passkey after a timeout.
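The PRF flow and its master-password fallback, sketched as an added example that is not Bitwarden's code. The function names, the salt label, and the HKDF step that turns the PRF output into a vault key are assumptions made for illustration.

```javascript
// Added illustration, not Bitwarden's implementation. All names are hypothetical.
const PRF_SALT_LABEL = "example-vault-key-v1"; // constructed PRF input

// Options for navigator.credentials.get(): a single ceremony authenticates
// the user and asks the authenticator to evaluate its PRF on a fixed input.
function buildLoginOptions(challenge, rpId) {
  return {
    publicKey: {
      challenge, // fresh random bytes issued by the server
      rpId, // binds the assertion to this relying party (phishing resistance)
      userVerification: "required",
      extensions: {
        prf: { eval: { first: new TextEncoder().encode(PRF_SALT_LABEL) } },
      },
    },
  };
}

// Pick the decryption path from the client extension results.
// A passkey without PRF support still authenticates but yields no secret.
function chooseUnlockPath(extensionResults) {
  const first = extensionResults?.prf?.results?.first;
  if (first && first.byteLength >= 32) {
    return { path: "passkey", secret: new Uint8Array(first) };
  }
  return { path: "master-password", secret: null };
}

// Assumed step: stretch the PRF output into a non-extractable AES-GCM key.
async function deriveVaultKey(prfSecret) {
  const material = await crypto.subtle.importKey(
    "raw", prfSecret, "HKDF", false, ["deriveKey"]);
  return crypto.subtle.deriveKey(
    { name: "HKDF", hash: "SHA-256", salt: new Uint8Array(0),
      info: new TextEncoder().encode("vault") },
    material, { name: "AES-GCM", length: 256 }, false, ["encrypt", "decrypt"]);
}

// Browser-only flow: authenticate, then decrypt by whichever path applies.
async function loginWithPasskey(challenge, rpId) {
  const cred = await navigator.credentials.get(buildLoginOptions(challenge, rpId));
  const unlock = chooseUnlockPath(cred.getClientExtensionResults());
  return unlock.path === "passkey"
    ? { ...unlock, key: await deriveVaultKey(unlock.secret) }
    : unlock; // caller must now prompt for the master password
}
```

Because the same passkey and the same PRF input always produce the same output, the derived key is stable across logins without ever being stored by the server.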

Bitwarden states its commitment to advancing passwordless authentication through standards-based implementations that aim to simplify secure access across various devices and environments. The recent browser extension update enhances the Bitwarden Password Manager by extending passkey login from the web vault, contributing to a consistent user experience across platforms. This development is part of ongoing collaborations, including contributions to FIDO Credential Exchange standards, which are designed to enable passkey portability and secure credential transfer, and a partnership with Microsoft, where Bitwarden was an early implementation partner for native passkey management in Windows 11. These efforts are presented as a means to accelerate frictionless passkey adoption and support the broader industry shift toward secure, passwordless authentication, aligning with FIDO Passkeys Week.

Founded in 2016, Bitwarden provides open-source security solutions for managing and sharing information online. The company offers a password manager, Bitwarden Secrets Manager, and Passwordless.dev for developer secrets security and passkey development. Headquartered in Santa Barbara, California, Bitwarden serves over 50,000 businesses and more than 10 million users across 180 countries in over 50 languages.
