Adjustable erase time in the Trash

bitwarden is the best password manager. :grinning: But I have one small requirement.

I would like to be able to set the erase time in the Trash individually. For me 30 days is too short. I would like to set 365 days to be really sure that I no longer need the access data.

Hello @genesis and welcome to the community,

This is actually something that can be adjusted and specified currently, though only with a self-hosted instance.

This can be changed with the environment variable adminSettings__deleteTrashDaysAgo=365

We use the Bitwarden-hosted version.

I’d argue that 30 days is too short, to begin with. A login being accidentally deleted might mean that you permanently lose access to that account (if you delete a login that has the password, 2FA secret, and 2FA recovery keys) which might be a business-critical issue.

So, perhaps allow a higher (configurable) retention period, at least for paid plans? So, e.g. for paid users, you offer 90 days, which would be much better, even if there’s no further configuration. I don’t really see a downside with this from a user’s perspective (since if you need to delete something for good earlier for compliance reasons or anything, you can still permanently delete items individually). I understand this would increase the operation cost of BW, but since we’re talking about database entries with like 100 characters of text (and sometimes attachments), the impact should be minuscule.

Mistakes happen, and the export feature of BW is incomplete with attachments missing, so even with an external backup you can lose data. A configurable retention policy that covers more than 30 days is quite usual for services storing such important data, but a longer retention period would be good enough as well.

I can see that this would affect Bitwarden’s Azure hosting costs. Perhaps offer it as a Premium feature (as they do TOTP).