I can't use Google passkey

Every time I open the Tor browser I have to login again on all sites and I can perfectly understand this.

However, when I log in to Google I can’t use the passkey stored in my password manager. I try a couple of times and then Google tells me I can’t login and asks me to chose a different method.

Fortunately I can login with the password (as I do on all other sites) but it would be definitely better if I could use the passkey (as it’s faster).

Is this a Tor feature I must live with or there is anything I can do to solve the issue?

Ciao,
Max

Can you provide exact details of how you attempt to login, what security level Tor Browser is set to, what password manager you use and exactly what the error messages are (you can upload screenshots) - so we can try and replicate the issue? Also please specify your OS, what version of Tor Browser you use and your installation method, thanks.

You’re right, I’m sorry.

Operating System you are using

Ubuntu 24.04.3 LTS

Tor Browser version

14.5.6

Tor Browser Security Level

Standard

Step by step of how you got to the issue, so we can reproduce it (e.g. I opened the browser, typed a url, clicked on (i) icon, then my browser crashed)

I got to https://accounts.google.com/, the site asks the mail, I fill in my mail and click “Next”, the site shows “Verifying it’s you… Complete sign-in using your passkey” and a new Tor windows open (it’s from the extension I installed, Bitwarden), with “Choose a passkey to login in with”, I select the only entry proposed, the site (on the Google Tor window) shows “Use your passkey to confirm it’s really you” on the left and “Your device will ask for your fingerprint, face, or screen lock” on the right, I click on “Continue”, a new Tor windows open (it’s from the extension I installed, Bitwarden), with “Choose a passkey to login in with” as before, I choose again the passkey and this time the page shows the error message “Something went wrong” and the button “try another way”, if I click on it I’m proposed to enter my password or my passkey again.

If I do the same from Firefox, when the Bitwarden page opens Iselect the passkey and the login process completes without problems.

The Tor log

This is all the log having today in the time stamp

2025-09-02 08:23:29.220
[NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
2025-09-02 08:23:29.223
[NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
2025-09-02 08:23:29.226
[NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
2025-09-02 08:23:29.232
[NOTICE] Opening Socks listener on 127.0.0.1:9150
2025-09-02 08:23:29.232
[NOTICE] Opened Socks listener connection (ready) on 127.0.0.1:9150
2025-09-02 08:23:29.544
[NOTICE] Application request when we haven't used client functionality lately. Optimistically trying directory fetches again.
2025-09-02 08:23:30.544
[NOTICE] Bootstrapped 5% (conn): Connecting to a relay
2025-09-02 08:23:30.663
[NOTICE] Bootstrapped 10% (conn_done): Connected to a relay
2025-09-02 08:23:30.763
[NOTICE] Bootstrapped 14% (handshake): Handshaking with a relay
2025-09-02 08:23:30.993
[NOTICE] Bootstrapped 15% (handshake_done): Handshake with a relay done
2025-09-02 08:23:30.994
[NOTICE] Bootstrapped 20% (onehop_create): Establishing an encrypted directory connection
2025-09-02 08:23:31.127
[NOTICE] Bootstrapped 25% (requesting_status): Asking for networkstatus consensus
2025-09-02 08:23:31.171
[NOTICE] Bootstrapped 30% (loading_status): Loading networkstatus consensus
2025-09-02 08:23:32.058
[NOTICE] I learned some more directory information, but not enough to build a circuit: We're missing descriptors for 1/3 of our primary entry guards (total microdescriptors: 8123/9030). That's ok. We will try to fetch missing descriptors soon.
2025-09-02 08:23:32.155
[NOTICE] Bootstrapped 50% (loading_descriptors): Loading relay descriptors
2025-09-02 08:23:32.241
[NOTICE] I learned some more directory information, but not enough to build a circuit: We're missing descriptors for 1/3 of our primary entry guards (total microdescriptors: 8123/9030). That's ok. We will try to fetch missing descriptors soon.
2025-09-02 08:23:32.241
[NOTICE] I learned some more directory information, but not enough to build a circuit: We're missing descriptors for 1/3 of our primary entry guards (total microdescriptors: 8123/9030). That's ok. We will try to fetch missing descriptors soon.
2025-09-02 08:23:33.329
[NOTICE] Bootstrapped 75% (enough_dirinfo): Loaded enough directory info to build circuits
2025-09-02 08:23:34.421
[NOTICE] Bootstrapped 90% (ap_handshake_done): Handshake finished with a relay to build circuits
2025-09-02 08:23:34.422
[NOTICE] Bootstrapped 95% (circuit_create): Establishing a Tor circuit
2025-09-02 08:23:34.735
[NOTICE] Bootstrapped 100% (done): Done

I forgot the “how you instelled Tor part”…

I used an Ubuntu tool available in the SW center (“TOR Browser Launcher“) that downloads and installs Tor Browser. I don’t know what method was followed but I don’t think it was flatpak as $ flatpak list returns

Command ‘flatpak’ not found, but can be installed with:
sudo apt install flatpak

Moreover, $ snap list doesn’t return anything containing “Tor”.

I can’t find any information in “Help→About Tor Browser” either.

OK this point in KNOWN ISSUES in the Tor Browser manual covers it I believe:

Web Authentication (WebAuthn) and Universal 2nd Factor (U2F) (i.e. YubiKey) support is disabled in Tor Browser.

I just tried to log in to GitHub through Tor Browser. I have a FIDO2 security device (Yubikey) set up as 2FA there and I got this message:

“Webauthn isn’t supported. Use a different browser or device to use your security key”. It works fine in regular Firefox.

In storing passkeys I believe the Bitwarden browser extension relies on the WebAuthn API - which as the manual says is disabled - so indeed this is a feature you must live with. You can use an authenticator app’s One Time Password (OTP) 2FA with Google in Tor Browser - I have just logged in using this method with my Nitrokey and its associated authenticator app. If you have a Yubikey or similar device that may be the way to go. Good luck.

2 Likes

Thank you.

Ciao,
Max