@wuffa
@discuss.tchncs.dehttps://hackerone.com/reports/1874155
Bitwarden Desktop on Windows allows the user to enable vault unlock through Windows Hello (under File > Settings > Unlock with Windows Hello). When this is done, a "Biometric master key" is generated and stored locally inside the Windows' user credential set. This is done through the "wincred" API, in particular through the functions...