This is NOT about just turning off Enpass for passkey support in the browser.

I would like the option to make Enpass always answer any request for Passkey creation with a negative response. That way I hope to be never asked again whether I want to create a Passkey.

The background here is that Passkeys are an improvement for people who otherwise reuse insecure passwords, but are a net-negative security tradeoff for everyone else. Many jurisdictions (the US, UK, and Germany for example) have exempted "taking biometrics by force" from constitutional protection against self-incrimination. It's perfectly legal for a US law enforcement agent to use force to unlock your Face ID (by putting your head in an headlock) or forcing your finger onto a fingerprint scanner and then to go fishing through all information that unlocks. Passkeys make this significantly worse by putting your cloud-based information behind biometrics.

Hence I will never use Passkeys ever, and would love the option to permanently decline.

Passkeys have nothing to do with biometrics. They are just private/public key pairs. Wether or not they can be unlocked by biometrics depends on your Enpass settings, which apply to passwords and passkeys alike.

Also, permanently declining won't solve your problem as most browsers will just go on trying to create the passkey in their own or the OS keychain next. Instead you would need an extension that makes the browser report it's missing passkey support entirely, but I don't know it that is even possible, especialy with Manifest V3. Browser and OS vendors really, really want to have your passkeys in their clouds.

Edited June 9, 2025Jun 9 by Bachsau