Bitwarden Roadmap

Any plans to support storing FIDO2 passworless credentials, but being a FIDO2 authenticaor? I don’t want to be locked into a platform solution for FIDO2 passwordless. I would prefer to use Bitwarden and have access to these across multiple operating systems?

1 Like

See here: Store WebAuthn/FIDO2 Credentials in Bitwarden - #4 by go12

Sorry, I’m going to ask again, but what about a real backup, meaning a encrypted export with a key independent from account encryption ?

I’m still frustrated and also worried not being able to do a real simple and secure backup of a vault with all the password I own.

Last time, a crew member said that not everything is on the road map and, if I remember well, a blog or someone found something into the code about a feature like this, but no news since.

Is there still hope for this ?

2 Likes

Hey @TiTwo102, this is currently possible with the Bitwarden CLI using the export command :+1:

  • --password <password> to specify a password to use to encrypt encrypted_json exports instead of your account encryption key

I’ll pass on feedback to the team regarding being able to do this with other clients.

Thank for the reply.

I get it’s still better than nothing, but it’s a workaround that is not really user friendly (I bet > 90% of people reading about CLI won’t understand a single line), plus it seems like it doesn’t work on phone or tablet, which are the most used tools to access internet.

Really hope it will come in the near future.

2 Likes

Thanks @TiTwo102, rest assured I’ve passed the feedback along to the team.

Hey @TiTwo102 - in the meantime, I highly recommend storing unencrypted JSON backups to an encrypted volume on your PC, such as a VeraCrypt volume (works on Windows, Linux, or MacOS).

On mobile, both iOS and Android have either built-in and/or third-party functionality to create password-protected, encrypted folders, so you can already store unencrypted JSON exports from Bitwarden securely.

1 Like

Sorry, but just clarify (@TiTwo102 or @dwbit):

The current feature in the Chrome Addon is insufficient as the encryption key is not independent of the account key?

Hey @ZamboniDriver both options are valid :+1: In both cases, you are still responsible for maintaining credentials needed to access the encrypted vault.

Vault data can be exported in an encrypted JSON file. In most Bitwarden apps, these exports are encrypted using your account’s encryption key, which are generated on account creation and unique to each Bitwarden user account. The CLI has a unique option to encrypt the file with a specified password.

Rotating your account’s encryption key will render an encrypted export impossible to decrypt. If you rotate your account encryption key, replace any old files with new one that use the new encryption key.

Account encryption keys are unique to each Bitwarden user account, so you won’t be able to import an encrypted export into a different account.

What do you mean by enhanced localization?
Is that referring to folders?

Are we finally getting this thing sorted out?

The team is aiming to amalgamate localization projects, as right now, separate translations are required for 4 different projects. Can you provide more context on folders and getting it sorted out?

There is more of this, but those two feel like the most important.

I have been a premium user for over a year, and not much changed in relation to folders.
It is weird to me that when I think of sorting folders and passwords, it seems way easier to export password to KeePass, then fix all folders/passwords location etc, and then import back to Bitwarden. Because in KeePass you can easily drag and drop folders and passwords.

4 Likes

Thanks for clarification, yes, vault item labels will improve ability to tag/organize vault items.

4 Likes

As a user I would like to see features as more compatibility with others web vaults, like locker for example, to be able to import from there to bitwarden, also be able to import notes of passwords when I import them into bitwarden. Thank you so much !

1 Like

Hey @Paloma thanks for the feedback! Are you trying to export from locker(.)io? Even though we don’t have a specific importer for that one yet, you can export your data and condition the CSV to import into Bitwarden.

Regarding notes, they will be imported if they are not larger than 10,000 characters, which can be edited down if needed in the csv file.

If not already created, you can also create specific feature request posts for voting and community discussion.

1 Like

SAML claims would ease deployment across organizations who have already manage RBAC through SAML claims from their IdP.

I’m very skeptical of FIDO2 / Passkey since local vectors are not addressed, nor are the fundamental insecurity of biometrics addressed. If it is implemented in some capacity within Bitwarden it should disclaim that device theft or Government orders are much higher risk with passkey - especially when used with Biometrics

Hey @ninjaquick feel free to provide any supporting resources/articles for the community to review.

2 Likes

Did you guys drop Windows 7 support? The new version doesn’t run.

Hey @Essadon,

Unfortunately, the Bitwarden Desktop Application no longer supports Windows 7. Microsoft ended support for Windows 7 in January of 2020. The Bitwarden Desktop Application remained compatible with Windows 7 until August of 2022.

Bitwarden is still accessible on Windows 7 via the Bitwarden Web Vault (https://vault.bitwarden.com/) and browser extensions (Get Started with Browser Extensions | Bitwarden Help Center).

If you’d still like to use the Bitwarden Desktop Application, you may consider downloading the portable version of the last Windows 7 compatible release (version 2022.6.2). The portable version will not attempt to automatically update. It can be downloaded from Bitwarden’s Github page (it is named Bitwarden-Portable-2022.6.2.exe): Release Desktop v2022.6.2 · bitwarden/clients · GitHub

Please note, that as Bitwarden continues to develop, the portable version of the Desktop Application may become incompatible with the core Bitwarden service. Additionally, it is possible that important security updates will be included in future updates and this portable version of the Bitwarden Desktop Application would not receive such updates. I encourage you to use the Bitwarden browser extensions or the Web Vault, or consider moving to a different operating system (such as a newer version of Windows or a version of Linux).

1 Like