Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
digital mystik
@digital-mystik:matrix.org
[m]
hello.. great to see the encrypted export feature! just so I understand it, it is tied to an account's encryption key and not the password, so that it can only be decrypted when importing into bitwarden using the encryption key that was used during the export?
Shane Taylor
@GirzzlyAK
According to the help I just read, that is correct. If you change your key, you'll no longer be able to import/decrypt that backup. It warns about that. https://bitwarden.com/help/article/encrypted-export/
I did have a question tho, in that same help on encrypted backups, it says "Warning: Importing data multiple times will create duplicates". That would seem like a pretty easy thing to prevent on import, wouldn't it? I wonder why this is a thing? Why not just check to see if there is already an identical entry and don't duplicate it? Or, alternatively, if there is a NEWER version in the current vault, ask if BW should replace it with the backup or leave the current one?
1 reply
random_guy52
@random_guy52:matrix.org
[m]
why aren't there any client apps or forks of Bitwarden apps?
1 reply
keepass is open source and there are a bunch of client applications available.
JCDuclare
@JCDuclare
Hi, I just found a bug in the latest current release of the bitwarden desktop app. If the user only autoregenerates a password and then switches to another object (e.g. another login) the unsaved changes prompt is not triggered and thus the changes are lost forever
I'm guessing this happens because autoregeneration is not a user trigger directly
JCDuclare
@JCDuclare
just submitted an issue on github guess that is the more right place
digital mystik
@digital-mystik:matrix.org
[m]
hello.. any chance of having bitwarden-cli store credentials similar to how ssh-agent or gpg-agent do? I noticed that there is a third-party project that does this (rbw), but it would be a nice feature for the official release
BlueMew
@That1BlueMew
that would be cool
A
@c3083004_gitlab
Why does creating a free organization require a billing address?
Ninja Tech Consulting
@thelinuxninja:linuxninjalabs.com
[m]
OK, I TRIED to get in touch with a responsible person at Bitwarden, but all I get is silly responses from some support person.
I went through the Terms and have some serious questions. No one seems to be able to be reached to respond.
First of all, when I sent in the support request, I found that the ONLY way to get in touch was by filling out a web form. There is no response from the submission of the form. No ticket number. No way to submit an attachment. No case number. Nothing. I sat for a while waiting to get something back. Now, imagine if I was experiencing a problem with the service and needed immediate support. Nope.
The Terms explicitly state: "We only use email and other electronic means to stay in touch with our users. We do not provide phone support."
And that 'other electronic means' provides no sense of urgency. And businesses can rely on this?

And this section: "Bitwarden has the right to suspend or terminate your access to all or any part of the Website at any time, with or without cause, with or without notice, effective immediately. Bitwarden reserves the right to refuse service to anyone for any reason at any time."

What kind of contract is this? You enter a contract with a company who says that they can take your money and stop providing you service that you depend on without even communicating this with you? No reason is needed? Normally, a business contract has terms that equally protect both parties. This is completely one-sided.

Ninja Tech Consulting
@thelinuxninja:linuxninjalabs.com
[m]
What companies are agreeing to this? Did they read the Terms at all? Can we get someone at Bitwarden to fix this glaring oversight? Why can't I get a support person to put me in touch with SOMEONE who can discuss this?
I was in the process of creating an Organization, but after reading this, I had to stop. Then I purged my vault that I had just imported from LastPass as part of my testing to determine if our company would be moving from LastPass to Bitwarden. Now, I'm being told that there's no way we could agree to such terms and we'd be remaining on LastPass. (And yes, we did a comparison of the Terms for LastPass, too, which has no such issues.)
Ninja Tech Consulting
@thelinuxninja:linuxninjalabs.com
[m]

The other, not-as-significant issue is this:
"A User must be at least 13 years of age."
"If we learn of any User under the age of 13, we will terminate that User's account immediately."

One of my employees is under 13. As a company and as a parent, "I" am responsible for opening such an account. To say you'd terminate an account that "I" established for my under-13-year-old employee is NOT in keeping with United States Law.

Again, LastPass has no such restrictions.
sousapro
@sousapro
For what it's worth we did. No issues so far and our developers are happy
Ninja Tech Consulting
@thelinuxninja:linuxninjalabs.com
[m]
Since the content of a vault is simply what a person puts in it, please explain why this is in the terms.
sousapro
@sousapro
I'm not sure I'd make any quality comparison to Lastpass at this point lol
3 replies
Ninja Tech Consulting
@thelinuxninja:linuxninjalabs.com
[m]

Section 6. Questions
Questions about the Terms of Service? Contact us.

I did. They won't respond.

Ghost
@ghost~5de7877dd73408ce4fd30607
Could always selfhost and then you don't have to worry about the terms of service
18 replies
sousapro
@sousapro
Ugh, did you ask questions or did you attack them to the point that they had to refer it upstream? lol
1 reply
Yeah ++ selfhosting if cloud isn't a good fit for you
Ninja Tech Consulting
@thelinuxninja:linuxninjalabs.com
[m]
Guess it's up to me to start up my own company hosting this with more realistic terms.
K900
@K900:matrix.org
[m]
All right this is going to get very confusing
João Miguel Campos
@mikibakaiki

Hi everyone! First time posting here :)

I created an issue in github and a post in the official forums, and maybe here i'll get a faster answer, since i depend on this issue to proceed.

I can't setup the DB in docker and having the web extension, the server API and server Identity running locally.

Always get an invalid password when doing any action in the extension, saying that the password is wrong.

bitwarden/server#1210

Thanks for the help :)

Thomas Rittson
@eliykat
I've had trouble with this before, here are some notes:
3 replies
SA_PASSWORD has certain complexity requirements. The Docker Hub page says that it must "include at least 8 characters of at least three of these four categories: uppercase letters, lowercase letters, numbers and non-alphanumeric symbols" - but your mileage may vary. If these requirements are not met, the password will not be set (without any warning) and your login attempts will be rejected for having an incorrect password. If this is happening and you're sure you're using the right password, try increasing the complexity of SA_PASSWORD.
If you change SA_PASSWORD in docker-compose.yml, you may need to delete the Docker container and volume for it to take effect. (This will obviously delete all of your container files/setup.) Stop and delete the running container, then delete the volume with docker volume ls and docker volume rm <volume name>. Then update docker-compose.yml and run docker compose -d up again.
(Sorry, some of the formatting on the commands got lost in the copy/paste... hopefully that makes sense)
Thomas Rittson
@eliykat
Also - Those instructions in contributing.md are no longer the recommended method, happy to update them in about 12 hours' time if that helps
João Miguel Campos
@mikibakaiki
That might help :) i can try and help out, if you want to test the steps with me?
Also i though that there could be a file or a section dedicated to launching in localhost for development. The information seems to be scaterred throughout many files and can be hard to find what's wrong - my case.
João Miguel Campos
@mikibakaiki
Also, a bit unrelated: what's the best platform to get answers? github issues, official forum, or here? :) just predicting that i might need some information on future work i'm trying :)
4 replies
maximedr
@maximedr:matrix.org
[m]
Hi! I like the new "Send" feature very much. Do you plan on implementing sharing directly username/password pairs ?
1 reply
Ori Newman
@someone235

Hey @someone235

  • if the password was for a specific login: open the extension > click My Vault > find and click the login > you should be on the "View Item" page. If there are any previous passwords, there will be small text down the bottom of the page that says "Password history: 2" (or however many previous passwords there are). You can click the number to get a list of previous passwords.
  • if the password was generated in the password generator: open the extension > click Generator > click Password History

@eliykat Hi, I saw it only now. Thanks a lot!

João Miguel Campos
@mikibakaiki
Hey guys! for research purposes, is it possible to link bitwarden with another type of DB, say sqlite? so, instead of running a SQLServer one, i'd use sqlite. I don't see it in the documentation, and I think I saw in bitwarden/server#453 talking about postgres, but not sure if it was just for Postgres
4 replies
Javier Domingo Cansino
@txomon
o/ anyone knows whether there is any documentation on the bitwarden client side?
or the protocol used between server and client
I'm trying to hook bitwarden as a secret store to my terraform configs, and would appreciate if there was any docs/pointers on how to go about it
Thomas Rittson
@eliykat
We have a documented public API, but it's more to do with managing users in organizations, so I'm not sure it'll expose the functionality you need: https://bitwarden.com/help/article/public-api/
I'm not sure exactly what you need to do, but you could consider just calling the CLI client from your program, that would allow you to access all functionality via scripting without having to reverse engineer the API. https://bitwarden.com/help/article/cli/
Javier Domingo Cansino
@txomon
yeah, that was my option #2 if there was no public API, the idea would be to link my personal infra with bitwarden through a provider with no external binary dependencies. for now I will just set the passwords manually though given there is no straightforward way
João Miguel Campos
@mikibakaiki
Hey guys! So, I'm trying to understand how the autofill works with the browser extension. I don't see any connections being made to the backend, so I assume that chrome has like a storage just for the extension, and here there is some kind of DB that stores all the vault's entries? Any guidance on how i can check this and maybe tweak it ? :)
9 replies
Andrea
@andreaz98
Hi guys, I'm a CE student who wants to get some experience on contributing to open source projects and I decided to start with BitWarden because it is a tool that I use a lot and I'd like to give my contribute. So, do you have any advice for a open-source-newbie? :) I'm having some troubles because I don't really know where I should start.
3 replies
mikibakaiki
@mikibakaiki:matrix.org
[m]
Yeah I think so! Go to the extension page, click on the background,html that’s there, opens the console and network tabs for the extension
Javier Domingo Cansino
@txomon
to me it appears under extension storage
not sure where exactly what you are looking for, but I can see the last generated passwords etc.
mikibakaiki
@mikibakaiki:matrix.org
[m]
Do I need to load the extension everytme I run the npm run build:watch ??
12 replies