• SirEDCaLot@lemmy.today
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    No, TPM isn’t involved here. There’s a few kinds of passkeys.

    Hardware bound keys are locked up in a physical device like a TPM or a YubiKey. That physical device has its own security to unlock it- TPMs often work with fingerprints, or a YubiKey usually has a PIN (aka password).

    A passkey can also be done in software, and that’s what’s happening here. BitWarden stores the encryption key within the BitWarden vault, so it can (eventually) be accessed by any device signed into your BitWarden account. Thus the same passkey works on your computer, laptop, phone, tablet, etc.

    It’s worth noting that Google and Apple both do it this way- the passkey is stored in their password manager, and you use Face ID or fingerprint ID to unlock that.