1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
---
layout: post
title: Using Passkeys under GrapheneOS with KeePassDX
date: 2026-03-01 12:07 +0100
lang: en
categories: tech
description: "How to properly enable Passkey usage under GrapheneOS with KeePassDX"
---
I'm a (relatively) long-time user of GrapheneOS. As password manager, I've been using
[KeePassDX](https://f-droid.org/en/packages/com.kunzisoft.keepass.libre/) for quite
a while. I've been happy to hear when they introduced
[passkey support](https://github.com/Kunzisoft/KeePassDX/blob/4.3.2/CHANGELOG#L52),
but for some reason, it never worked for me, and I always shrugged it off.
Today, I encountered a service that uses passkeys again, and I wondered,
"wtf, this can't be". The browser (Firefox, Vanadium) always showed an error
and did nothing.
So, I checked
`Settings > Passwords, Passkeys and accounts > Preferred service`,
and indeed it said "KeePassDX". So I checked KeePassDX settings - nothing
said "enable passkey support" in particular. So… I set the preferred service
to `None`, reset it to `KeePassDX`, and… suddenly, passkeys worked.
Yeah. Whatever. Introducing new features to software can break things, I know
this from my own job. No idea if the bug lies in KeePassDX, or GrapheneOS
(passkeys were a new feature there as well?). But now, apparently, I could use
passkeys.
Aside, personally, I find storing passkeys in a password database no different to
storing secure randomly generated ~20 character passwords. But I am no security expert,
so don't count on my opinion.
|
