Add Extra "Password" when changing your Master Password or Email

TL;DR: Adds an optional security feature (a second password besides the master password) required when modifying the master password/email, deleting trash/soft deletes, or deleting change logs.

I suggest that Bitwarden adds an optional security feature when trying to change the master password or email account.

The optional security feature is that you have to enter a “second” password used only when changing one of the above things (you should continue to enter the current master password as it is today). The idea is that the second password is not used anywhere else normally, so in case of a breach (your master password gets exposed when trying to log in to your vault) it would be impossible for a harmful entity to lock you out of your account by changing your master password to something you don’t know.

The “second” password/PIN code ensures that you can continue to have access to your account and change your master password. (The “second” password should not be used anywhere else.)

Likewise, the “second password” could be required simultaneously with the master password when trying to delete “soft deletes / the trash” (when that feature is implemented). If a feature like a “change log/history” is implemented, then it could also protect this from being deleted, thus keeping the history intact even in situations where a harmful entity has gained access to your vault and is “deleting” or changing your logins and passwords.

Then only you have the opportunity to 1) change the master password (thus stopping the attack), 2) see any changes done by an intruder (in the change log), and the intruder has no way to “remove” his/her actions. 3) If done in collaboration with this suggested feature, “Encrypted Folder within your Vault”, then it might not be the entire vault that has been breached, thus keeping access and stopping intruders from accessing the account are crucial.

This could be accomplished simply by requiring a second form of 2FA when editing the master pass. For example, one of my suggestions was to add a requirement of 2 forms of 2FA to log in, so when editing the master pass it could say: enter current master pass, enter 2FA code, and then email you a PIN to get access to the password editor section.

I was just about to make a suggestion like this. I agree 100%. I have been recommending Bitwarden to people, and one major question I get is “what if someone gets my master password?” The greatest fear is, beyond the fact that they have access to all of your accounts, a hacker’s ability to change the master password and officially lose access to everything. I was under the impression that Bitwarden would email you a verification code first, but I tested it out and it turns out that is not actually the case. Now I worry about the people I’ve recommended Bitwarden to, as I imagine a lot of them might actually end up being clumsy enough with their passwords to allow this to ruin them. I like the idea of a second password whose entire purpose is to change the master password; at the very least it should be an option.