KeePassXC adds support for Passkeys, improves database import from Bitwarden and 1Password

Ashwin
Mar 11, 2024
Security
|
4

KeePassXC has been updated to 2.7.7. The latest version of the open source password manager adds support for Passkeys, and has gained the ability to import your vault data from Bitwarden.

Passkeys in KeePassXC

Several password managers have added support for Passkeys over the past year, including Bitwarden, 1Password, Dashlane, Google Password Manager, Apple iCloud Keychain, even Windows 11 supports it. KeePassXC is the latest to join the party to support the phishing-resistant protocol created by FIDO.

An important thing to note here is that this is not a standalone feature, it requires you to install the KeePassXC browser extension, which works in tandem with the desktop program. Download the KeePassXC browser extension for Firefox, Chrome or Edge.

How to enable Passkeys in KeepassXC password manager

In order to use it, you will also need to "Enable Passkeys" in the extension's settings. To access the Passkeys stored in the application, head to the Database > Passkeys. Go to a website that supports Passkeys, for example, Google. Choose the "create a passkey" option, and select "Use another device". You should see a pop-up from the KeePassXC browser extension that asks you to save the passkey, click on "Register".

How to save Passkeys in KeepassXC password manager

This will save the digital security key to your vault, you can find it saved as a new entry in your database, it has the word "Passkey" in the name. In the test scenario, it was saved as KeePassXC-Browser Passwords / Google (Passkey).

How to use Passkeys in KeepassXC password manager

The password manager app also allows you to import existing Passkeys stored on your computer (.Passkey files).  Once you have saved a Passkey in KeePassXC, you will be able to log in to websites without using a password.

Passkeys in KeepassXC password manager 2

 

This works across browsers, so if you created a Passkey using the KeePassXC add-on for Firefox, it will be available in Chrome or Edge, as long as you have the extension for the browsers and have connected them to the vault. Refer to the official documentation for more details about the feature.

Passkeys in KeepassXC password manager

 

Import passwords from Bitwarden

KeePassXC now allows you to import your database from Bitwarden. The option to add the JSON format is available under a new Import Wizard that you can access from the Database > Import menu.

How to Import passwords from Bitwarden in KeepassXC password manager

KeePassXC has allowed users to migrate from 1Password for a long time, but the older versions of the password manager used the OPVault format to import the data. The latest version of KeePassXC adds support for 1Password's export format, 1PUX. You may choose to import the data to an existing database, or create a new one. Other options that are available in the import wizard include support for CSV and KDB formats.

Easier database unlock for hardware keys

The announcement for KeePassXC 2.7.7 says that the program has improved the database unlock experience for hardware security keys such as YubiKey, OnlyKey. You no longer need to choose the hardware key or key file after entering your master password, in fact, the fields for both options have been removed from the login pop-up. The program now detects the devices automatically, all you need to do is plug in your hardware key into your computer. The feature also supports NFC readers and key files, though you will need to use the "select file" option to unlock the vault.

Download KeePassXC 2.7.7 for Windows, macOS and Linux from GitHub. You can also get it from the Microsoft Store.

Do you use a password manager for Passkeys?

Summary
KeePassXC adds support for Passkeys, improves database import from Bitwarden and 1Password
Article Name
KeePassXC adds support for Passkeys, improves database import from Bitwarden and 1Password
Description
We show you how to use Passkeys in KeePassXC.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «

Comments

  1. Anonymous said on March 13, 2024 at 9:13 am
    Reply

    Why would you trust an open source program with your passwords? Anyone interested can go look at the code and find vulnerabilities, it’s much more secure to obscure things and make people who are interested in breaking through software like this actually work for it instead of getting everything they need on a platter.

    1. Roquefort O'Brie said on March 14, 2024 at 6:55 pm
      Reply

      1. The same can be said for all password managers, open or closed source. If it’s closed source you don’t know what’s going on, you just have to trust the company’s intentions.

      2. That’s not how Keepass works. Only a user with the master password can access the vault of passwords. And you know this is true because the code is public.

  2. ECJ said on March 11, 2024 at 5:31 pm
    Reply

    Historically, FIDO private keys were stored on secure hardware (such as TPM or Yubikey) that were not assessable to the user or software running on the device.

    Where are the private keys stored with KeePassXC and how are they protected?

    1. Ashwin said on March 12, 2024 at 6:46 am
      Reply

      The Passkeys are saved directly in the password database. You can export the key as a .Passkey file, but the documentation says that the extracted data is unencrypted. https://keepassxc.org/docs/KeePassXC_UserGuide#_advanced_usage_2

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.