Add passkey articleHEADmaster

1 files changed, 33 insertions, 0 deletions

diff --git a/_posts/2026-03-01-using-passkeys-under-grapheneos-with-keepassdx.md b/_posts/2026-03-01-using-passkeys-under-grapheneos-with-keepassdx.md
new file mode 100644
index 0000000..c399538
--- /dev/null
+++ b/_posts/2026-03-01-using-passkeys-under-grapheneos-with-keepassdx.md
@@ -0,0 +1,33 @@
+---
+layout: post
+title: Using Passkeys under GrapheneOS with KeePassDX
+date: 2026-03-01 12:07 +0100
+lang: en
+categories: tech
+description: "How to properly enable Passkey usage under GrapheneOS with KeePassDX"
+---
+
+I'm a (relatively) long-time user of GrapheneOS. As password manager, I've been using
+[KeePassDX](https://f-droid.org/en/packages/com.kunzisoft.keepass.libre/) for quite
+a while. I've been happy to hear when they introduced
+[passkey support](https://github.com/Kunzisoft/KeePassDX/blob/4.3.2/CHANGELOG#L52),
+but for some reason, it never worked for me, and I always shrugged it off.
+
+Today, I encountered a service that uses passkeys again, and I wondered,
+"wtf, this can't be". The browser (Firefox, Vanadium) always showed an error
+and did nothing.
+
+So, I checked
+`Settings > Passwords, Passkeys and accounts > Preferred service`,
+and indeed it said "KeePassDX". So I checked KeePassDX settings - nothing
+said "enable passkey support" in particular. So… I set the preferred service
+to `None`, reset it to `KeePassDX`, and… suddenly, passkeys worked.
+
+Yeah. Whatever. Introducing new features to software can break things, I know
+this from my own job. No idea if the bug lies in KeePassDX, or GrapheneOS
+(passkeys were a new feature there as well?). But now, apparently, I could use
+passkeys.
+
+Aside, personally, I find storing passkeys in a password database no different to
+storing secure randomly generated ~20 character passwords. But I am no security expert,
+so don't count on my opinion.