There’s a HTML attribut called
autocomplete for the
<input> tag, which specifies wether a password field is for logging in (value of
current-password) or to create/change a password (value of
new-password). Also if there’s an attribute
id="new-password", the field should also be treated as a new password.
I think Bitwarden should not automatically put saved passwords into fields meant for new passwords. Also it seems Auto-fill puts the saved password into multiple fields on the page. I think this should be limited to one field (for example the one contained in the which has the focus)
Another thing is when you click a field meant for new passwords, Bitwaren could suggest using the password generator. In this case there’s often a “confirm your password” field, where it would be good to fill in both fields and not just the first one.
Chrome does it like this, which I found really useful:
Or if there’s already a password saved, it will list that along with the username and make the password generator a second option: