diff --git a/apps/browser/src/_locales/en/messages.json b/apps/browser/src/_locales/en/messages.json
index f5a37443b72..e58283c2162 100644
--- a/apps/browser/src/_locales/en/messages.json
+++ b/apps/browser/src/_locales/en/messages.json
@@ -4757,6 +4757,9 @@
   "demoSettings": {
     "message": "Demo settings"
   },
+  "credentialsWillBeSentToTunnel": {
+    "message": "For demo use only. Credentials will be sent over secure tunnel."
+  },
   "demoRetrieve": {
     "message": "Fetch"
   },
diff --git a/apps/browser/src/tools/popup/settings/tunnel-demo.component.ts b/apps/browser/src/tools/popup/settings/tunnel-demo.component.ts
index e1f3202a10a..700cdaa9472 100644
--- a/apps/browser/src/tools/popup/settings/tunnel-demo.component.ts
+++ b/apps/browser/src/tools/popup/settings/tunnel-demo.component.ts
@@ -4,6 +4,7 @@ import { FormBuilder, ReactiveFormsModule, Validators } from "@angular/forms";
 import { firstValueFrom } from "rxjs";
 
 import { JslibModule } from "@bitwarden/angular/jslib.module";
+import { UserVerificationDialogComponent } from "@bitwarden/auth/angular";
 import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
 import { getUserId } from "@bitwarden/common/auth/services/account.service";
 import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
@@ -99,6 +100,29 @@ export class TunnelDemoComponent {
     const username = tunnelDemoCipher.login.username || "(none)";
     const password = tunnelDemoCipher.login.password || "(none)";
 
+    // Verify user identity before sending credentials
+    const verificationResult = await UserVerificationDialogComponent.open(this.dialogService, {
+      verificationType: "client",
+      title: "verificationRequired",
+      bodyText: "verifyIdentityToSendCredentials",
+      calloutOptions: {
+        text: "credentialsWillBeSentToTunnel",
+        type: "warning",
+      },
+    });
+
+    // Check if user cancelled or verification failed
+    if (verificationResult.userAction === "cancel" || !verificationResult.verificationSuccess) {
+      await this.dialogService.openSimpleDialog({
+        title: "Tunnel Demo - Cancelled",
+        content: "User verification was cancelled or failed.",
+        type: "info",
+        acceptButtonText: { key: "ok" },
+        cancelButtonText: null,
+      });
+      return;
+    }
+
     // Send credentials to the localhost tunnel server
     try {
       await this.tunnelService.sendCredentials({ username, password });