Bitwarden Moves into Passwordless Security
Passwords are so passe. People who are serious about security are moving to Zero Trust Security or other passwordless Identity and Access Management (IAM) systems. Now, Bitwarden, the curator of the prominent open source password management program of the same name, has officially launched Bitwarden Passwordless. dev. This is a comprehensive developer toolkit for integrating FIDO2 WebAuthn-based passkeys into consumer websites and enterprise applications
The time is right for Bitwarden to expand beyond its top-rated password manager
Passwordless technology is gaining significant traction. A Bitwarden survey found 56% of individuals are enthusiastic about passwordless technology.
But forget about what users want. The sad, simple truth is that password breaches are becoming as common as people running stop signs. Don’t believe me? Check your own e-mail account to see if it’s been swiped in one security breach or another at HaveIBeenPwned. I’ll wait. Unless you’re one in a million, one or more of your accounts, have already been exposed.
A Better Way
There has got to be a better way. Passwordless designs are one. That’s easier said than done. Most organizations have yet to adopt this technology. About half of the IT decision-makers cite the lack of passwordless design in the applications they use as the primary reason.
That’s where Bitwarden comes in. Its latest offering aims to bridge this gap.
Passkeys not only eliminate the need for passwords, usernames, and two-factor authentication (2FA), but they also enhance user security by mitigating the risk of phishing attacks.
Bitwarden Passwordless.dev uses an easy-to-use application programming interface (API) to provide a simplified approach to implementing passkey-based authentication with your existing code. This enables developers to create seamless authentication experiences swiftly and efficiently. For example, you can use it to integrate with FIDO2 WebAuthn applications such as Face ID, fingerprint, and Windows Hello.
Enterprises also face challenges in integrating passkey-based authentication into their existing applications. Another way Bitwarden Passwordless.dev addresses this issue is by including an admin console. This enables programmers to configure applications, manage user attributes, monitor passkey usage, deploy code, and get started instantly.
“Passwordless authentication is rapidly gaining popularity due to its enhanced security and streamlined user login experience,” said Michael Crandell, CEO of Bitwarden. “Bitwarden equips developers with the necessary tools and flexibility to implement passkey-based authentication swiftly and effortlessly, thereby improving user experiences while maintaining optimal security levels.”
Lundatech AB, a Bitwarden customer, and a business cloud integrator, is already using Bitwarden Passwordlessdev to enhance its employee and customer sign-up and login. They’re happy with it.
“Our clientele includes software vendors, large private corporations, and government agencies, all of whom have stringent security and reliability requirements,” said Henrik Doverhill, Lundatech’s CTO and founder. “We aimed to provide them with superior security and a modern, streamlined authentication experience. Bitwarden Passwordless.dev significantly reduced our development process – we had passwordless authentication operational within an hour.”
Looking ahead, Bitwarden also recently unveiled the open beta of Bitwarden Secrets Manager. This is designed to securely manage sensitive authentication credentials within the privileged developer and DevOps environments.
Given Bitwarden’s sterling open source and security track record, if you want to replace passwords for better, more secure user IAM, I’d give Bitwarden Passwordless.dev a long hard look.