Adding Biometric/PIN authentication with Master password re-prompt

Feature description

To add Biometric authentication as an option to use when asked for Master password re-prompt.
Right now when we’re asked for Master password re-prompt there is only an option to input Master Password. It would be easy if there was an option to use Biometric instead of Master password.

3 Likes

I 2nd that! Would be very useful especially if master passwd re-prompt is used often.

6 Likes

Voted! :+1: My master pw is rather long :roll_eyes: as it should be, so yes the retyping is getting to my arthritic fingers… at least my fingerprint hasn’t gotten too wrinkly yet!

4 Likes

Yes exactly, my master pw is also long and I find it very hard to type that every time. I moved to Bitwarden from Lastpass about 5 months ago and that’s the only feature I’m really missing.

5 Likes

Rather than “Master password reprompt”, perhaps it should be called “Reauthenticate”?

Lastpass absolutely nailed this functionality. It can reauthenticate biometrically and also keeps a separate timeout on the reauthentication.

4 Likes

I signed up to make this suggestion, but its already on the board.
Thanks

4 Likes

Revisiting this topic as a new user. I recently moved over from LastPass and, so far, THIS is the one thing that I’m really missing.

It was super easy to reauthenticate using biometrics via LastPass and, as the other user mentioned, still secure because it had a time-out feature as well.

Please, please add this feature to Bitwarden (both mobile and browser-based).

Thank you.

4 Likes

I also made an account just to comment on this thread - Totally second the need for biometric re-authentication!

I have master password re-prompt enabled for all my sensitive passwords, and while re-typing them in a computer isn’t so bad, typing a 15+ long password each time I’m trying to fill-in a sensitive password in my phone can get pretty annoying.

As someone who came over from lastpass, this is the single most feature that I find lacking - using fingerprint to re-authenticate when using bitwarden from a device.

4 Likes

OK so It looks like (upon removing and re-installing my browser BW extension (Opera, using the Chrome version)) that biometric reauthentication may now be an option?


I believe that “unlock with biometrics” can only unlock the extension. The master password re-prompt is a 2nd layer and at the moment, I’m seeing it still only can be unlocked using the master password (as of BW Extension 1.54.0 on Microsoft Edge 96.0.1054.43).

Unlock the extension (1st layer):

  1. Master password
  2. Biometrics
  3. PIN

Unlock re-prompt items (2nd layer, optional):

  1. Master password

We’d like to add biometrics to the 2nd layer:

2021-12-06_19-56-05

//

I agree with @Caign: the feature’s name probably needs to be changed. Not “master password re-prompt”: I also like “authentication re-prompt”.

Now, “authentication” also implies PIN unlock, so perhaps that is something Bitwarden also wants to explore.

1 Like

I also made an account just to comment and vote on this thread. I think this would be a real quality of life improvement and a useful feature as my master password is quite long. One should be able to re-prompt with biometrics or a pin.

3 Likes

Feature name

PIN Lock for Indivual Logins and Notes

  • What will this feature do differently? It aids additional security in the event that a bad actor or so-called ‘friend’ uses or gains access to your unlocked vault. The option to PIN protect credit card info, secure notes and other very personal items would be a welcome additional layer of security.
  • What benefits will this feature bring? It is a lot easier/quicker than having to use master password re-prompts with the additional benefit of not having to expose your master password as often (less chance of onlookers and keyloggers stealing your master password.)
  • Remember to add a tag for each client application that will be affected. This likely is more useful for desktop and web/browser apps, but certainly could be useful for mobile too.

Related topics + references

  • Are there any related topics that may help explain the need and function of this feature? It’s quite a difficult term to search for specifically.
  • Are there any references to this feature or function on other platforms that may be helpful? This feature is available on Lastpass - the previous password manager I used before I knew about Bitwarden. It’s the only fairly major thing I can think of that is missing.

Thank you!

2 Likes

Thanks to the OP for this. I posted a new feature request but was specifically referring to 2nd layer PIN unlock. This would be a great addition I think.

4 Likes

Yes! I don’t need fingerprint for first-time logging into the vault (I like the security of the password), but I would love it for re-prompting - would speed up my life a lot!!

3 Likes

Great explanation. I agree that we’d like biometrics to the 2nd layer. I would hope that, if we wanted, we could opt for having the fingerprint ONLY for 2nd layer (not for first).

3 Likes

I’m coming to upvote this request, is it in the roadmap yet please? It would be convenient to have a pin or fingerprint as a 2nd layer reprompt instead of master password.

2 Likes

Hey everyone! We are currently investigating how we can improve the password reprompt functionality.

7 Likes

Thank you for the update, @bw-admin. Is there something users / customers can help with this investigation?

From my specific perspective, I have a few troubles with Master Password Re-Prompt:

  1. Current thread - biometrics / PIN can authenticate the re-prompt
  2. Feature request / thread 34300 - re-prompt’d secure note content should not be visible [duplicate feature request]
  3. Feature Request / thread 18842 (wrongly closed) - autofill keyboard shortcut triggers the re-prompt
  4. Feature Request / thread 32894 - add a timeout so users don’t re-authenticate every 10 seconds

//

I believe 34300 has a confirmed fix, so that is great to hear:

Hey @ikjadoon, the upcoming enhancement to the master password re-prompt will apply to the whole vault item, not just the password field, and biometrics will be an option :+1:

4 Likes

This would definitely be useful on Mobile. Having to enter a long Master Password on Mobile to view/copy credentials on mobile is quite tiresome. Would it be possible to check? IE if the user is on mobile, then use biometric login instead (if enabled) to use open/view a credential

2 Likes