Bitwarden Roadmap

Sure there are more fundamental things to work on.
But it is the number one voted request on the forum.
I hope the team takes that into consideration.

The overlay pop-up was one of the things that caused me to switch to Bitwarden from 1Password. I found it incredibly intrusive and the final straw was the Safari iOS extension allowing the same feature on iPhone and iPad.

1 Like

Your comment worries me a lot. Starting with:

  • If votes are not the mechanism used by the community to prospect for new features, then why does this system exist?
  • Those 700+ are users who bothered enough to enter the forum and put their vote, surpassing the rest of the features listed.

Please, don’t get me wrong… even for me this functionality becomes secondary when there are so many basic things that are not in the product like:

  • More item categories
  • Offline support
  • OTP QR scan in all clients, including desktop
  • Store documents on mobile devices
  • More field types
  • Tags… I mean tags…
3 Likes

Think of the feature requests as a suggestion box - the more votes that are cast for the same suggestion, the more attention it gets by the Bitwarden developers or community members that want to make a contribution. Bitwarden is the youngest major player in the password manager industry, so it has a lot of room (and support) to grow, at least within the constraints of their modest development team.

What the Feature Requests category is not is a democracy, which I think some people seem confused about. Also note that there is no way to “downvote” a suggestion, no matter how insensible a feature request might be - that means that there is no way for those who have a dissenting opinion to cast a vote, so clearly it cannot be a democratic system, only suggestions.

One last observation - the most highly voted features seem to be requests to make Bitwarden behave more like a user’s previous password manager. For one, I am glad that the Bitwarden team is choosing other priorities over some of these requests because Bitwarden is a strong product that outperforms other password managers I have used, and I personally feel it would be a mistake to try to turn it into an inexpensive ‘clone’ of competitor’s projects.

5 Likes

Hi @Juanra,

Please bear in mind, I’m just a fellow Bitwarden user. I don’t work for Bitwarden and I have no influence in deciding what gets worked on. It was just my opinion as a user of the product.

Bitwarden have stated several times that they are evaluating how this should be implemented, so it sounds like those who want a popup overlay will get it at some point.

Cheers,
Dan

1 Like

I think it is about sharing items with a single user https://community.bitwarden.com/t/item-sharing/238

1 Like

As I mentioned in the chat at todays presentation, I would like to see Bitwarden take some sort of tact like Google with it’s Advanced Protection, and similarly Microsoft’s offering, to eliminate Master passwords altogether. For my Google, Microsoft, and when I log into work in the morning, I use a FIDO2 key (Yubikey) that is PIN protected. I have multiple keys to prevent being locked out, and it gives me the protection of MFA (something I know PIN and something I have, Yubikey). There is no risk of getting my master password compromised if I don’t have one at all.

I forgot to add, here’s a link to Google’s offering: Advanced Protection, and Microsoft’s offering https://www.microsoft.com/security/blog/2021/09/15/the-passwordless-future-is-here-for-your-microsoft-account/

Thanks for the feedback David! Bitwarden is part of the FIDO alliance and keeping a close eye on emerging security trends and passwordless solutions, stay tuned for future updates :+1:

Hey everyone, the Bitwarden Roadmap 2022 graphic above has been updated, you can watch the product team walk through the roadmap in the most recent Vault Hours session.

1 Like

Any plans to support storing FIDO2 passworless credentials, but being a FIDO2 authenticaor? I don’t want to be locked into a platform solution for FIDO2 passwordless. I would prefer to use Bitwarden and have access to these across multiple operating systems?

1 Like

See here: Store WebAuthn/FIDO2 Credentials in Bitwarden - #4 by go12

Sorry, I’m going to ask again, but what about a real backup, meaning a encrypted export with a key independent from account encryption ?

I’m still frustrated and also worried not being able to do a real simple and secure backup of a vault with all the password I own.

Last time, a crew member said that not everything is on the road map and, if I remember well, a blog or someone found something into the code about a feature like this, but no news since.

Is there still hope for this ?

2 Likes

Hey @TiTwo102, this is currently possible with the Bitwarden CLI using the export command :+1:

  • --password <password> to specify a password to use to encrypt encrypted_json exports instead of your account encryption key

I’ll pass on feedback to the team regarding being able to do this with other clients.

Thank for the reply.

I get it’s still better than nothing, but it’s a workaround that is not really user friendly (I bet > 90% of people reading about CLI won’t understand a single line), plus it seems like it doesn’t work on phone or tablet, which are the most used tools to access internet.

Really hope it will come in the near future.

2 Likes

Thanks @TiTwo102, rest assured I’ve passed the feedback along to the team.

Hey @TiTwo102 - in the meantime, I highly recommend storing unencrypted JSON backups to an encrypted volume on your PC, such as a VeraCrypt volume (works on Windows, Linux, or MacOS).

On mobile, both iOS and Android have either built-in and/or third-party functionality to create password-protected, encrypted folders, so you can already store unencrypted JSON exports from Bitwarden securely.

1 Like

Sorry, but just clarify (@TiTwo102 or @dwbit):

The current feature in the Chrome Addon is insufficient as the encryption key is not independent of the account key?

Hey @ZamboniDriver both options are valid :+1: In both cases, you are still responsible for maintaining credentials needed to access the encrypted vault.

Vault data can be exported in an encrypted JSON file. In most Bitwarden apps, these exports are encrypted using your account’s encryption key, which are generated on account creation and unique to each Bitwarden user account. The CLI has a unique option to encrypt the file with a specified password.

Rotating your account’s encryption key will render an encrypted export impossible to decrypt. If you rotate your account encryption key, replace any old files with new one that use the new encryption key.

Account encryption keys are unique to each Bitwarden user account, so you won’t be able to import an encrypted export into a different account.

What do you mean by enhanced localization?
Is that referring to folders?

Are we finally getting this thing sorted out?