vaultwarden
/
goldwarden-vaultwarden-bitwarden-client
mirror of https://github.com/quexten/goldwarden.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Page: Browser Biometric Approval
Pages
Approve Passwordless Login Request Browser Biometric Approval Configuring the Daemon Environment Variables for Other CLI Tools Flatpak Configuration Getting Started Home SSH Login & Git Commit Signing Security Setting up the Development Environment System‐wide Autotype
7 Browser Biometric Approval
Bernd Schoolmann edited this page 2024-04-30 13:20:24 +02:00
Table of Contents

Goldwarden implements Bitwarden's browser extensions' biometrics login protocol. This means that you can use Goldwarden to unlock your browser extension using Linux biometrics.

In order to set this up, run: goldwarden setup browserbiometrics or, if you have the flatpak: flatpak run --filesystem=home --command=goldwarden com.quexten.Goldwarden setup browserbiometrics

Then, enable biometrics in your browser extension. This currently only works with browsers that are not running inside of flatpak/snap sandboxes.

Browser extension 2024.04.01 and newer

Since the browser extension now doesn't show the "enable biometrics" button in the settings anymore on Linux, you need to open the browser extension's console.

Chromium based browsers

  1. Manage extensions
  2. Enable Developer mode
  3. Click inspect background next to Bitwarden
  4. In the console run:
chrome.permissions.request({ permissions: ["nativeMessaging"] });
  1. Switch back to the main browser window and click the "Allow" in the prompt

Next, the biometric unlock needs to be enabled via the console by running:

bitwardenMain.biometricStateService.setBiometricUnlockEnabled(true);
bitwardenMain.biometricStateService.setFingerprintValidated(true);


Firefox based browsers

  1. Manage extensions
  2. Click Bitwarden
  3. Permissions
  4. Enable "Exchange messages with programs other than Firefox"

Next, the biometric unlock needs to be enabled via the console by running:

bitwardenMain.biometricStateService.setBiometricUnlockEnabled(true);
bitwardenMain.biometricStateService.setFingerprintValidated(true);


Ask for biometrics on launch (Optional)

bitwardenMain.biometricStateService.setPromptAutomatically(true);

Native messaging host, manual setup

Sometimes, automatic detection of your browser might fail. To fix this, create a "nativemessaginghosts" folder, for mozilla based browsers this is in a directory such as: ~/.mozilla/native-messaging-hosts/, ~/.librewolf/native-messaging-hosts/ and so on.

For chromium based browsers, this is a path such as: .config/chromium/NativeMessagingHosts/.

Then, re-run the setup. If this does not work, please file a bug report.