I have 2 entries. One and SSO with 11 URI for the same password as they are all SSO sign ons. Now I have one other entry for an email login that uses same SSO just email to login. So why can’t I get rid of the At Risk warning? With only 2 entries using same password this should not be flagged is there a way to stop this flag as I ONLY want to see this message if my password has actually been compromised.
That is not possible at the moment. There are three reasons for those “at-risk warnings” to appear: 1. “weak password”, 2. reused password (i.e. used in more than one login item) and 3. exposed/breached.
There are two relevant feature requests here:
Yeah needs fixing we want the message if a real breach but just because we have SSO sign ins at work.. 11 I was able to put under a single one.. but one specific one requires email so I had to make an entirely different sign on for that one I got this irritating message.
One (hopefully temporary) work-around would be to add the 12th URI to the main login item, and keep the special login item but clear its stored password. You would then autofill twice — first with the main login item to get the password, and then with the special login item to replace the previously filled username with the email address that you need.
Not ideal, I know, but it would get rid of the warning banner.
You might also consider voting for this feature request, which would allow the password to be stored only once. Beyond eliminating the warning, it also would allow you to update the password in just one location when you need to change it, eliminating a source-of-error.
1 Like
I just remembered another approach that sometimes works for these types of cases (and if it works, it will be easier to use than the work-around method I had suggested above).
Use the right-click context menu Bitwarden > Copy custom field name (followed by paste) — or preferrably, Inspect — to see if the email input field has an id, name, aria-label, or placeholder value that is sufficiently unique that it can be used as a label for a custom field (“sufficiently unique” = the custom field will not autofill the username input field on any of the other 11 SSO login forms).
If so, edit the main SSO login item to add the 12th URI, then create a custom text field using the unique label found above, and enter the email address in that custom field.