Passkey ?

[deleted]

So someone is really going to have to explain it to me as if I were 5 years old...
to carry out this test I created a new Google account, I installed the bitwarden extension for brave (since the passkeys work on Bitwarden only on the extension...), when I connected to this fictitious Google account , I created a passkey in bitwarden then I connected to this fictitious Google account on my smartphone. My account is connected as if I had not added a passkey. What's the point?
I specify that on my smartphone I had of course installed bitwarden with the registered passkey.
I also specify that the sandbox play service is installed on my smartphone.

DeletedUser24

Bitwarden hasn't yet implemented passkey on mobile.
This applies not only to creation, but also to use.
You'll need to wait somes weeks before use it on android.

[deleted]

DeletedUser24 I know but as the fictitious Google account had a passkey registered on bitwarden from my computer, Google should have asked me to authenticate, a bit as if it were 2fa

[deleted]

it's really weird because the last time I used the passkey was on stock Android and to connect I had to validate the connection with my fingerprint

p338k

[deleted]

I believe passkeys are implemented with the Google password manager on stock. They are not implemented by Bitwarden even on stock.

DeletedUser24

[deleted]

In android settings, you must choose your password manager, including passkey.
As bitwarden doesn't support them yet, it's perhaps normal that it doesn't offer anything on the login page.
I believe dashlane has passkey support for android, you could try with it, if it works.

[deleted]

This is just my thought but if GrapheneOS is not certified by Google I doubt that the passkey will work on GOS. Otherwise we could already add them to our Google accounts.

[deleted]

And what do you care? Why do you need a passkey anyway? For a lot of us a lifetime goes by without needing one.

DeletedUser24

[deleted]

And people have no right to wish to use a secure connection method?

[deleted]

DeletedUser24 If bitwarden was in charge, he should have asked me for my fingerprint. Since he didn't, he should have blocked the connection.

[deleted]

DeletedUser24 question your reasons before finding a solution, it might not be what what you're looking for.

Good bye everyone, I wish you all the best. I am staying with Graphene, because this is the way to go, you will just not hear my BS anymore...

DeletedUser24

I've just tested on nvidia, logging in with passkey, and it automatically opens the google prompt (even though bitwarden is the designated password manager).

I think it's just a temporary compatibility problem which will be corrected when bitwarden has android support for passkey.

[deleted]

DeletedUser24 Normally the connection should be blocked

Eirikr70

For what it's worth, I have tested passkeys with Bitwarden's extension to Brave on Windows and Linux and it works fine. The Android extension not being ready, it seems useless to me to try on my phone. The concern of GrapheneOS being able to support it is a real question, but I would leave them some time for that, also because very few sites or services already offer that possibility.

[deleted]

Eirikr70 I totally agree with you. The problem isn't bitwarden support on Android. The problem is that I set up a passkey on a Google account with bitwarden on windows. On Android, when I connect to a Google account "protected" by a passkey, the account only opens with the email address and password, whereas this shouldn't be the case since a passkey is present.

p338k

[deleted] On Android, when I connect to a Google account "protected" by a passkey, the account only opens with the email address and password, whereas this shouldn't be the case since a passkey is present.

That seems like a Google thing rather than anything GrapjeneOS or even Android related. Google seems to allow logging in with email address and password as a fallback.

[deleted]

I'd leave it at that, I don't think I'd get any answers from security researchers. I find it odd that this situation isn't better known...

DeletedUser24

What security researchers ? People here are normal users.
The developers work a lot, so obviously they don't have the time to come and answer everyone here, on discord, element, etc, they're very busy. And they're not supposed to know everything either.
This is a forum, not a customer service department.

Passwordless login is often an alternative method of logging in, not a requirement. Most sites don't offer the option of deactivating the password. This problem (which is real) has nothing to do with GrapheneOS.

[deleted]

Passkey work fine on grapheneos with 1password

Relaks

[deleted] Except in Vanadium, which they prohibit.

Titan_M2

Relaks which they don’t whitelist.