On the change at risk warning message for passwords, how does it know what the password is to give it that message? I mean is something actually seeing what the password is? Well, guess something has to see it to give that message. Is it some type of program, algorithm? Is this something that would be possible for a human to see?
Yes, the Bitwarden app (or extension) “sees” all of your passwords while your vault is unlocked, and uses this information to check for duplicate (i.e., re-used) passwords, or passwords that it deems to be “weak” (using the zxcvbn algorithm). To check for breached passwords, it uses a service provided by haveibeenpwned.com, in which your password data are protected using “k anonymity” during the database lookup.