Why is there no option to be able to delete an old password that you do not use for any reason? I think it should be featured in the next update or so as it might prove useful in some cases.
Can you please implement a delete old saved password history? There is no need to keep them. And for security reason it’s better to delete old manually generated password.
2 Likes
I agree, the password history in general is very very helpful and sometimes even life saving.
Anyway it’s a security and privacy risk for shared entries / values, as this history stores everything, even private information from hidden additional fields like personal questions for account recoveries.
I would really really appreciate a function which deletes the complete password history of an entry.
1 Like
usecase: (mine) when you decide not to store all login info in Bitwarden to specific accounts. I.E. to another Bitwarden accounts - WORK, clients’, etc. Also to the main email accounts that are entry points (via password reset) to other key services. So you don’t want when someone hacks a device where your Bitwarden vault is open, to have blast damage far more than “just” your Bitwarden/private life. So you store only partial login info in Bitwarden, the rest is in other place (in phonebook notes etc.? only you know how to put pieces together to create the password)
current workaround: Bitwarden remembers only 5 last passwords. So you rotate the entry 5 times, until nothing juicy stays in password history
Here’s another work-around:
- Edit a login item.
- Create 6 custom fields of the Hidden type; if you have existing custom fields that are of the Hidden type, make sure that the 6 new fields are last in the list of custom fields.
- Give these 6 custom fields identical names.
- Give the 6 custom fields values that are unique (e.g.,
1,2,3,4,5, and6). - Save the item.
- Open the login item for editing again, but make no changes.
- Save the item again.
Now, the password history will be effectively disabled, because it will always display the values given to the last 5 of the 6 hidden fields (e.g., 2, 3, 4, 5, and 6). Thus, the previous passwords will not be captured in the history anymore.