diff --git a/_articles/account/biometrics.md b/_articles/account/biometrics.md index 395d8a12..83fef4f2 100644 --- a/_articles/account/biometrics.md +++ b/_articles/account/biometrics.md @@ -62,13 +62,17 @@ Once Biometric Unlock is enabled, a new button will be presented on the Unlock s ## Browser Extensions +{% callout warning %} +Upon release of Biometric Unlock for Browser Extensions, you may notice that the Browser Extension is flagged by your browser for requiring a new permission. In some cases, browsers will disable the Browser Extension and users will be required to re-enable them. + +The required permission to `nativeMessaging` is used to facilitate the integration between Browser Extension and Desktop Application that enabled Biometric Unlock, as described in this section. +{% endcallout%} + Biometric Unlock is supported for **Firefox** and **Chromium-based** (i.e. Chrome, Edge) Bitwarden Browser Extensions by integration with a native Bitwarden Desktop App. Through the Desktop App's access to Biometric APIs, Browser Extensions support Biometric Unlock: - For **Windows**, via [Windows Hello](https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/windows-hello){:target="\_blank"} using PIN, Facial Recognition, or [other hardware that meets Windows Hello biometric requirements](https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/windows-hello-biometric-requirements){:target="\_blank"}. - For **macOS**, via [Touch ID](https://support.apple.com/en-us/HT207054){:target="\_blank"}. -{% callout info %} The Bitwarden Desktop Application must be installed, logged in, and running in order to use Biometric Unlock in a Browser Extension. Additionally, you will need to [enable Biometric Unlock in the desktop app](#enable-biometric-unlock-in-desktop) before proceeding. -{% endcallout %} ### Enable Biometric Unlock for Browser Extensions diff --git a/_articles/faqs/security-faqs.md b/_articles/faqs/security-faqs.md index f4c038f0..fff28985 100644 --- a/_articles/faqs/security-faqs.md +++ b/_articles/faqs/security-faqs.md @@ -99,6 +99,12 @@ Extensions are safe to use if they are developed correctly. Due to the nature of When this **optional feature** is enabled, clipboard clear will clear any Bitwarden entries made by or filled on a configurable interval. Access to the clipboard allows Bitwarden to do this *without* removing a clipboard item not associated from the Bitwarden application by checking the last-copied item again the last-copied item from your Vault. Please note, this feature is **off by default**. +#### Q: Why does the Browser Extension need `nativeMessaging` permission? + +**A:** Upon the release of [Biometric Unlock for Browser Extensions](https://bitwarden.com/help/article/biometrics/#browser-extensions), you may notice that the Bitwarden Browser Extension is flagged by your browser for requiring a new permission. In some cases, browsers will disable the Browser Extension and users will be required to re-enable them. + +Bitwarden uses `nativeMessaging` permission to facilitate the integration between Browser Extension and Desktop Application that enables Biometric Unlock. + #### Q: Is Bitwarden FIPS Compliant? **A:** Bitwarden uses [FIPS compliant libraries and cryptography](https://bitwarden.com/help/article/what-encryption-is-used/#invoked-crypto-libraries), however the Bitwarden platform has not performed any FIPs certifications. Most FIPS installations of Bitwarden leverage the self-hosting option to make evaluations (i.e. Cybersecurity Maturity Model Certification) easier.