Activity log connections password changed or removed

I’m a premium subscriber. I have a password that has suddenly disappeared. i don’t remember deleting it i never would delete it. Where can i find a log of connections changes made to my password such as them being deleted or changed?

@BradK Hi!

Do you miss “only” the (right) password in a vault item? Or is the whole vault item gone?

Do you have an organization/collections or only a personal vault?

If you still have the vault item, you can open it (e.g. in the browser extension) and at the bottom of the entry you can see “password history”. If you click on it, you can see password changes / previous passwords.

@BradK Welcome to the forum!

If the login item was deleted within the past 30 days, then it should be in your Trash folder.

If the login item is not deleted, but the password field was cleared, then the deleted password should be available in the Password History (click on the numerical value after Password history:, shown below the last update/creation timestamps at the bottom of the item details:

image

 

And to answer your specific questions, event logs are only available in the business plans (Teams, or Enterprise).

1 Like

Just one specific entry missing, that I’ve noticed at least, I looked for the trash folder however none is present. I am using a personal paid account. Looks like from another response I may be SOL as it seems these logs are business only. Though I would argue this is a basic feature that should be included in all versions.

Well that is a shame, as now i need find another solution that meets my requirements.

One could argue I would imagine quite successfully that even the free version should have this basic and essential security feature available if you cannot audit access to your vault in any way you cannot investigate anything that might happen. what if someone were to log into my account from another location there would be no log of the IP address of the attempted logins to try and trace back the source. Without logs one cannot even know if someone is being targeted or if someone maybe perhaps accidentally deleted something and wanted to know when it was or if there’s a password that was updated that should be logged as well this is very basic audit log information that should be available to all users.

@BradK Well, I can see the reasonable feature request here. And I’m not sure if the “user session management” on the roadmap contains that already?

In fact, there is no complete log - but you get a “new device logged in”-email. (Emails from Bitwarden | Bitwarden Help Center)

BTW: If you didn’t get such an email (that were not you yourself who logged in), then no one logged in… and if it wasn’t someone on an unlocked device of yours (and the entry is not in your trash), I would guess, that your entry may still be there but you don’t find it.

Every time your account is logged into from an unrecognized device, you will get an email notification with the IP address, timestamp, and device type.

Good luck finding a cloud-based password manager that offers activity logging for less than $4/month.

Whichever product you end up with, you should be regularly making backups of your vault contents (which would allow you to recover accidentally deleted data).

1 Like