I recently migrated from LastPass to Bitwarden. The vault transfer was tedious, and LastPass is partially to blame for its limited CSV export. However, once I set up the vault, I was surprised by how difficult it is to get app autofill working on Android - I did not expect Bitwarden not to find the login credentials for an app when the vault contained the app’s associated URL. Bitwarden clearly recognizes app package names during autofill attempts, yet it requires users to enter them (e.g.,androidapp://com.package.name) manually as URIs to link credentials, which is unnecessarily complex and creates friction for users who are already navigating a sensitive migration (my phone has 221 apps and the vault has 452 logins; it will take a considerable effort to complete the linking!).
From a technical standpoint, Bitwarden has all the information needed to securely infer the correct URI format. A simple toggle—“Auto-link apps using known package names”—would let users opt into a smarter experience without compromising security, dramatically reducing onboarding pain, and improving retention.
Microsoft succeeded in migrating Lotus 1-2-3 users to Excel by supporting familiar functions and command keys. Bitwarden could follow a similar path: respect user expectations, reduce friction, and build trust through usability—not just encryption.
I’m a college professor and systems designer, and I see this as a strategic blind spot. Bitwarden’s growth is limited not by its security model, but by its UX rigidity. Please consider implementing smarter app-linking logic or at least surfacing package name suggestions during autofill failures. It’s a small change with a significant impact.