Passkeys as MFA on GrapheneOS: a guide

fid02

Damn, that is bad? Why would such critical system functionality depend on additional proprietary services?
...

The system opens a dialog prompting to open an app. Only OpenKeychain may be supported, but maybe not even that if it requires Play Services on the system.

    missing-root Surprise! I'm right there with you, I was very disappointed to discover this dependency. My first impulse was rage because these keys were supposed to solve all my problems! NO MORE PASSWORDS!!! I heard that and bought two keys without even thinking about it. I should have searched this forum first.

    But I'm hesitant to judge since I don't know what's involved in implementing FIDO compatibility without Google services, let alone maintaining it. I just hope one day this terrible affliction will be behind us, and we can move forward with security without reliance on centralized power actors.

    fid02 Would I need to have play services installed to authenticate the passkey using Proton Pass?

      Does this rely on internet connectivity? Especially when there is a permission for IPC (inter-process communication), installing Play Services may be "fine" for the reward.

        missing-root Does this rely on internet connectivity?

        Do you mean if passkeys work without Play Services having the network permission? I tried this just now, and I could use Proton Pass to both register and sign in with a passkey when the network permission for Play Services was revoked.

          @fid02 @p338k Thank you for sharing this! Just to confirm, the Network permission was revoked from all 3 Google apps - Play Services, Play Services Framework and Play Store?

            Updated guide: https://gist.github.com/FID02/dab9c9785b684c8178c01b5909b5df21

            This thread has attracted more attention than I first thought it would, and I decided it would be beneficial to try to keep it up to date. So while binging on coffee for three hours, I retested and rewrote the guide – which I have now published as a gist so that people can find an updated version without having to scroll this thread.

            I'm pretty pleased to observe that the steps I outline in the guide now appear – at least to me – to be more reliable than earlier. If you are using a browser extension for your password manager on a desktop computer, registration is also a lot smoother.

            Appreciate any feedback.

            Changelog
            – Noted the difference between passkey and non-passkey FIDO credentials, in an attempt to reduce confusion around what this guide is about
            – Changed the title accordingly
            – Added a note that only Proton Pass and Bitwarden have been tested
            – Added a section about registration using browser extensions on desktop
            – Added a section about passkeys
            – Rewrote all sections in an attempt to clarify all setup steps and prerequisites
            – Added a screenshot of a dialog that caused some confusion

              fid02 Updated guide: https://gist.github.com/FID02/dab9c9785b684c8178c01b5909b5df21

              I just realized that I tested this using the Bitwarden Android Beta app, not their current Stable version. The Beta is a complete rewrite of the Bitwarden app, so it's expected to behave differently. If you experience issues with the current Stable version, the good news is that the upcoming rewritten app seems to behave reliably with regard to the steps in the guide.