The whole point of passkeys is that they are discoverable and syncable.
But why sync if passkey from some device won’t work on another device?
And what do you mean discoverable? I am not even sure how I can see how many passkeys and for what services I have on my phone…
They do work on another device.
Check the security tab in your Google account.
Friendly reminder to do a quick Google search before asking questions.
1 Like
One of the pros of passkeys is going passwordless. So, if you use it as 2FA, or password depends on what you try to protect.
Okey, I found passkeys are stored in Google password manager with passwords. So it seems, that there is no place to view all passkeys as a list. Security tab in google Account only shows single passkey, which is used for login to google.
So while passkeys are used for passwordless login you still need passwords too. Maybe services could allow login only with passkey without password creation, but I have not met any yet. Also if one uses google password manager, than we have eggs in one bucket situation.
Sorry for being new to passkeys. I try to figure how they could be used. I like passkeys allow to skip 2fa code. But I really do not like, that if password manager compromised it contains passkeys, which could be used on another device, that sounds very insecure.
Edit: okey, Disroot allows to create passkey for 2fa replacement and another passkey for password replacement. I need both to login to Disroot. I do not store disroot password in manager, so if I try searching Disroot in manager I do not see those 2 passkeys at all, yet they are stored somewhere… That is not simple and easy, lol.
I could not find how to store passkeys in Bitwarden. Even if I choose Bitwarden for auto-fill, google password manager popups when you create a passkey.
1 Like
Bitwarden doesn’t support passkey in android for now.
2 Likes
yes bitwarden has yet to release passkeys for mobile client yet but this is also an Android problem if you are using Android 13 or below.
Third party passkeys app will only be supported from Android 14 upwards.
Note: Starting from Android 14, users can opt to use third-party credential management apps to store their passkeys
5 Likes
Then, don’t store your passkeys into a password manager. People store passkeys in PWM, be it Bitwarden or Google, so that they can be synced across their devices. But if you don’t like that, store it in a device.
In Windows, you can store it via Windows Hello, which is not yet synced. You can use FIDO2 keys, like Yubikey and Google’s Titan, to store the passkeys and they stay on your keys, which can be used to plug in another device and provide passkey credentials also. In this scenario, though, you may want to have multiple FIDO2 keys, and multiple passkeys per site, to provide backups.
1 Like
Thanks for answers, I will read more about passkeys later, I guess using passkeys for most important services and skipping 2fa, is actually not good.
Same for any other PW manager
Did you check the passwords section in the security tab?
You still get fishing protection when you use passkeys
It’s still rare, but some sites allow you to register a passkey when you sign up, so you don’t need a password at all.
Nvidia and porkbun do it.
1 Like