Define Emergency Access on a “per entry” level - or at least “per folder”.
Feature function
I think it would be very helpful to be able to define which entries of my vault an emergency contact should be able to gain access to.
This feature would help my family and friends to handle important stuff if I am no longer able to do so. As it is now, they would have to dig through 250+ accounts and decide whether they need to do something with them or not.
With this feature implemented, a user could hand pick only the important accounts and decide which emergency contact should receive them. For example this would allow me to hand over my financial accounts to my parents, my social media profiles to my sister and the key to my super secret mario world kingdom to my weird best friend…
Feature requests are not about telling Bitwarden how to do their job. BW took liberties with the overall request in order to make it work with their current system. Their recovery system works quite different than anyone expected, but it is functional and better than what we had.
With their current system, you can’t even share items at the granularity that you want. Their work around to making a feasible timeline that didn’t require throwing out their existing system was to do it at the account level.
But I do agree that you feature sounds like a good idea.
@SamuelBlickle - getting an MVP out there for practical purposes was super important to us. We’re happy to have specific feedback like this to help us understand the need/demand for this function (and any others related to Emergency access for that matter).
We will try to put requirements for large features out like we did here: Emergency access - #118 by cscharf - and let everyone know where our phase 1/2/3 goals are.
I’m currently using Keeper Security, and considering switching to Bitwarden. I’ve used Dashlane in the past but switched due to some significant bugs. In addition, their support - though responsive - never actually did anything.
However, the one feature that I keep looking for that Dashlane did have was the ability to provide emergency access to a subset of vault records. I see that the Emergency Access feature was only added recently, after hundreds of users requested it for 2 years+. If I die or become incapacitated, I would want my family to have access to important financial and legal information - but I don’t necessarily want them accessing personal logins.
The inability to do this makes the emergency feature of limited value.
The lack of this feature makes me feel I might as well stick with Keeper security.
I want this feature as well and I have been thinking about it for a long time and trying to come up with a way to make it work and I finally came up with a solution. I was able to accomplish what I wanted by purchasing a family account which includes up to 6 users and unlimited collections within the family organization. I will describe how I did it but first you need to understand that when you set up a family organization you are creating a unique vault that is separate from your individual vault. It took me a while to figure this out because Bitwarden uses the word “share” to describe the process of transferring ownership of a record from your private vault to the organization vault, and the word “share” to me implies that I continue to own the record, but once I realized that ownership of the record is actually transferred to a separate and distinct organization vault and I no longer owned it, then things started to fall into place and I was able to figure a solution, here is how I did it…
I set up a family organization with myself as the owner of the organization and I invited the person who I wanted as my emergency contact to be a part of my family organization.
For the records that I want to share with my emergency contact in the event of an emergency (I call those legacy records), I keep them in my personal vault, they are not “shared” with the organization vault. I then designate the other person as an emergency contact with “view only” access which allows them to view only the records that I directly own in my personal vault, they cannot also view records that are owned by the organizational vault that are shared with me.
For the records I want to keep private and never share with anyone, not even in the case of an emergency and not even after I am dead, I “share” those with the organization vault (i.e. transfer ownership to the organization vault) so that I no longer own those records directly, they are now owned by the organization of which I am the owner. Then I save those records in a collection called “private” and I do not share that collection with anyone except myself. Also make sure that there is on one else in the family organization that has any level of access within the organization to access that collection or to access all collections.
The net result is that I can designate which records my emergency contact can view…my emergency contact will be able to view the records in my personal vault, but not the records in the organizational vault that are shared with me, including those records in the private collection.
Yes being able to define what is visible to emergency contact(s) is an important feature. Not only my emergency contact would not have to dig to find what matters, but there may well be items that I don’t want to share with anyone else, or items I only want to share with a specific emergency contact but not another…
Upvoted!
edit: RandomGuy’s solution above does work but not anymore when two people in an organization want to be the emergency contact of the other - since the admins / owners always have access to all collections.
For a more gradual access and a lower price (5.), I would make that workaround the other way around:
family_admin is your main account with access to everything. It doesn’t grant emergency access to anyone.
Then you use the family share function (collections in the family organization) to share the things you want to share with family_emergency_access and maybe others like friend_emergency_access (and up to 3 more).
family_emergency_access now gives full takeover emergency access to a free account or several ones that are owned by your family or whoever is supposed to have emergency access. You can do the same with friend_emergency_access and up to 3 more.
You can use it to share on a more gradual level, to only share certain things/collections with family_emergency_access and others with friend_emergency_access (and up to 3 more).
If you don’t need 5 collections for 5 other users but only 1 for 1 other user, you could do it with normal premium accounts and don’t even need a family account. In that case you’d just use the Free Organizations feature for sharing. If you really want to push it and don’t need premium features on your main account, you could even do it with only one premium account for your use case.
You don’t have to worry about the accounts getting “full takeover” access, because the access giving account(s) doesn’t have access to any critical data.
It could also be used to solve the problem that @daviddem mentioned (4.).
You even have more security with this solution, in case the behaviour of “view only” access gets changed.