by jwally
963 days ago
I've experienced this on my phone IIRC... if I register a WebAuthn key on Chrome on iPhone, it shows up on Safari; but the reverse is not true. I'm assuming this is because Apple uses a software-based TPM that isn't tied to the device. This lets those private keys sync between devices. Is the future state for Bitwarden to be able to perform the same trick somehow? Have you create keys in it and not your device's TPM?
Apple has only recently introduced the necessary APIs to allow for third-party passkey providers (i.e. other apps acting as a passkey storage) and users (i.e. other apps using passkeys stored in iCloud and in other third-party provider apps).
But it's not as easy as passkeys being supported on the latest versions; at least Google used to support a non-synchronizing platform authenticator implementation of WebAuthn using the system keychain and Touch ID (or the login password as a fallback) as well. So there is also a chance you were using that, at least on macOS.
> Is the future state for Bitwarden to be able to perform the same trick somehow?
For web browsers, I believe the current approach of 1Password and presumably also Bitwarden is to inject a custom implementation of WebAuthn into every page's context. This doesn't require any WebAuthn/passkey support on the browser's side.
On macOS, they could also act as a system-level passkey provider though; this should then allow all passkey consumers (such as Safari and other browsers) to use these passkeys natively, i.e. without a JavaScript shim. And on iOS, given how web extensions are notoriously tricky there and all browsers are kind of Safari under the hood anyway, that might even be the only option.