Ask for TouchID when copying passwords

Ask for TouchID when copying passwords

  • I recently moved from Dashlane to Bitwarden, and for one major reason: TouchID. The shortcomings of this is TouchID can only be used to login to ones account, and the functionality stops there. I am requesting that TouchID could also be used in order to copy a password, once already logged into the vault.

Feature function

  • What will this feature do differently?
    Add an extra layer of security and convenience.
  • What benefits will this feature bring?
    Added security if one chooses to do so.

What layer of security and convenience would this add? I already need to use Touch ID (or Face ID) to open the vault every time. An extra Touch ID challenge would not add to extra security, imho. And it is less convenient also since I usually directly swipe back and forth between apps which would no longer be possible.

When leaving the vault unlocked and then leaving the computer/phone unattended is perfect for someone to copy a password without needing to know the vault password or unlock TouchID. This would be an optional feature geared towards people that would want an added check when leaving the vault unlocked. You’re use of Bitwarden may differ from others, and some may find this feature useful.

I would simply re-prompt for the master password every time the user asks to copy (or view) passwords in clear.

You’re trying to perform a risky activity, but now you’re not protected after you unlock the vault. I would prefer to have a double-check (opt-in) to unlock risky operations like this one.

It is just a matter of risks reduction, we must be realistic and concrete. Think you forget the laptop open 2 mins after the vault is unlocked, everyone can see you passwords with no extra-challanges and no development skills. I know, i can put the auto-lock immediately (and I do), but it is a workaround to cover this scenario.

This is a missing feature in a real-world scenario, I agree.

1 Like