This is extremely annoying and for me, it’s an accident waiting to happen where I might accidently hit yes and then my long Bitwarden password will be gone and overridden by the latest password I have entered in Bitwarden.
I also don’t want to stop Chrome from remembering changes to my master Bitwarden password so selecting “never remember” isn’t an option.
Why would you want to do that ?
It’s definitely recommended to disable your browser’s password function when using any other password management utilities, if possible.
Making a non-digital, safely secured backup of your Master Password is often recommended, too.
By asking Chrome to remember your master password, you have essentially defeated the security for the password manager. The encryption uses the windows encryption, which means if they can hack your windows account, they can decrypt the password. Once they have your master password, they can hack your password manager, though 2FA would slow them down.depending on which method you use for 2FA.
You should do 2 things:
- Type out your master password to a text file and save the text file to a USB key.
- Export your vault as a csv file and save it to the same usb key unencrypted.
Store the usb key something physically secure. A good place is your safety deposit box, but it could be hiding place, but don’t forget where you put it. The reason to store it unencrypted is in case you forget the key.
If you forget the master password, you can look it up. If you mess up and update your password to something unknown, you can use the vault backup to restore.
Thanks for the suggestion. In hindsight, it appears I wasn’t clear.
I think this might be a bug in how Chrome or even Bitwarden reads website details. Both “services” don’t seem to be intelligent enough to know that I’m not actually changing the master website password.
Furthermore, while Google has an experimental feature called “Username first flow” where the user has to type username first on one page and then another password on another page, Bitwarden does not. However, this feature doesn’t work for me as I tried on different financial institution websites.
Just to clarify. When I’m using bitwarden to autofill a site and it populates the form it also asks me if I want to change bitwarden’s masterpassword. It shouldn’t be doing that. I tested it out recently and the issue still exists.
So you are still using both Bitwarden and the Chrome password manager in parallel. Sorry, but I would like to compare this to a plane on which both the captain and the co-pilot are operating steering, navigation and acceleration at the same time. I am pretty sure that this would not end well.
After having used Bitwarden for at least a year have you not build up enough trust into this product to stop using the Chrome password manager ?