Let's talk about "On app restart" vault timeout on mobile

iOS and Android can't tell the difference between you closing the app and the OS killing it in the background, so both can trigger a lock, which can be confusing.

Do you use this setting? What did you expect it to do? Ever been locked out unexpectedly?

We want your input before we make any changes.

Yes, it's my preferred timeout setting: 9.6%
No, I use a time-based timeout instead: 47.8%
No, I've never changed the default: 31.6%
I'm not sure what it does: 11%
Poll ended.
@bitwarden I tried using it recently and ended up in a poor UX loop where every passkey interaction required 2 fingerprint checks (one to unlock the vault and a second to verify the passkey). I switched back to "never", which is the poorest security but the best user experience.
@alex Thanks for the feedback Alex, did you test out using a longer time-based duration?
@bitwarden Yes, it works as intended but at the rate I unlock the vault I end up in the same situation where every single time I want to do anything I have to unlock first. I really like the concept of app restart, I use browser restart on desktop and it works very well for me.

Would some kind of persistent notification work on Android to allow the vault to stay unlocked?

@bitwarden I use biometrics to unlock, so I don't mind unlocking more often.

It would be neat if the app asked to enable biometrics when adding a new account and did not hide this feature somewhere in the settings.

One thing I wonder is: why is host-based matching not the default on every platform? When I have a ton of subdomains, it shows all secrets for that TLD, which is quite overwhelming, and I have to change that setting every time I install the browser extension or mobile e.g.

@panda Thanks for the feedback! The team is looking into syncing user settings, stay tuned!
@bitwarden hell yeah !!! amazing!
@panda @bitwarden I'm the same, use face ID and never noticed it
@bitwarden I use FaceID and don’t change the defaults. Seems fine for my usage.

@bitwarden Can we also talk about the need to click "Unlock with TouchID" twice before actually using TouchID to unlock the vault on MacOS?

Why have it done twice? First click takes you to an absolutely unnecessary page with the button that calls the function for TouchID. Why not just enable the functionality on the main unlock page and save the extra step?

@henkka Hi there, are you referring to the desktop app or the browser extension?

For the browser extension:
Settings > Account Security > Ask for biometrics on launch

@bitwarden desktop app.
@henkka Thanks for clarification, I'll pass that info along to the team!
@bitwarden I honestly don't care. The bigger issue is who the hell is your ux/ui design team? Because the update on the Linux client is some kind of horrible horse****.
If it was just one bad UI design choice, I could live with that, but this is a case of death by a dozen cuts. Nobody took the time to actually think this UI through. Or if they did, they didn't take into consideration the fact that there are actual PC users out there who don't need a fat UI because they aren't using their finger to navigate the user interface.

@KellicTiger Hey there, the team is reviewing bugs/enhancements related to the updated UI.

Let me know if there is anything specific you want passed along outside of density/compact mode/hit boxes.

@bitwarden I would just prefer a feature that reopens the last item no matter what. Sometimes I need to copy a password *and* a TOTP code.
@bitwarden We would love to see an ARM Linux version with a working mobile UI.

@bitwarden I don’t use Bitwarden and recent changes mean I no longer recommend it.

Free forever, except when it isn’t.

@mlevison Hey Mark, let me know if you have any questions about the latest blog: https://bitwarden.com/blog/my-first-100-days-at-bitwarden/

"Bitwarden will always have a free version. Not a restricted trial. Not a bait-and-switch. A genuinely useful, functional free tier, because every individual has a right to basic password management, and a world where more people use strong credential security is safer for all of us. That commitment is permanent."

@bitwarden @mlevison Meta said they'd never link WhatsApp data with Facebook, yet they did. Google's "Do no evil." disappeared - not without reason. And you must know, there are plenty more examples of companies disregarding pledges they made. The question is not about what's written in the blog, but why is it a blog post - and not something that legally binds the company.

@bitwarden Admittedly, I wasn't aware this was a changeable thing.

On phones with more aggressive memory management, it definitely was super annoying since by the time I could log into the vault it'd kill the app I was trying to get a password for. This made it more annoying than it needed to be in order to log in sometimes.

@bitwarden My older tablet no longer has security validation that Bitwarden recognises.

From time to time I'll have to manually enter my password to retrieve the username, and then enter the password again to retrieve the password.

It's annoying but I guess it's the price I pay for using a 6 year old tablet.

@bitwarden There is no such setting in the app on my iOS device.
@bitwarden Nevermind, I found it.