Browser Biometric Approval
Goldwarden implements Bitwarden's browser extensions' biometrics login protocol. This means that you can use Goldwarden to unlock your browser extension using Linux biometrics.
In order to set this up, run:
goldwarden setup browserbiometrics
or, if you have the flatpak:
flatpak run --filesystem=home --command=goldwarden com.quexten.Goldwarden setup browserbiometrics
Then, enable biometrics in your browser extension.
This currently only works with browsers that are not running inside of flatpak/snap sandboxes.
Since the browser extension now doesn't show the "enable biometrics" button in the settings anymore on Linux, you need to open the browser extension's console.
- Manage extensions
- Enable Developer mode
- Click inspect background next to Bitwarden
- In the console run:
chrome.permissions.request({ permissions: ["nativeMessaging"] });- Switch back to the main browser window and click the "Allow" in the prompt
Next, the biometric unlock needs to be enabled via the console by running:
bitwardenMain.biometricStateService.setBiometricUnlockEnabled(true);
bitwardenMain.biometricStateService.setFingerprintValidated(true);
- Manage extensions
- Click Bitwarden
- Permissions
- Enable "Exchange messages with programs other than Firefox"
Next, the biometric unlock needs to be enabled via the console by running:
bitwardenMain.biometricStateService.setBiometricUnlockEnabled(true);
bitwardenMain.biometricStateService.setFingerprintValidated(true);
bitwardenMain.biometricStateService.setPromptAutomatically(true);Sometimes, automatic detection of your browser might fail. To fix this, create a "nativemessaginghosts" folder, for mozilla based browsers this is in a directory such as:
~/.mozilla/native-messaging-hosts/, ~/.librewolf/native-messaging-hosts/ and so on.
For chromium based browsers, this is a path such as: .config/chromium/NativeMessagingHosts/.
Then, re-run the setup. If this does not work, please file a bug report.