Sometimes it is not desirable for a particular login to be automatically autofilled with the “Autofill on page load” feature. Allow an override option per-login.
GitHub issue ref: add "Forced password input" · Issue #501 · bitwarden/clients · GitHub and disable bitwarden by url · Issue #258 · bitwarden/clients · GitHub
Not asking to copy this feature from LastPass, but adding an option on the settings to do not autofill fields that are already filled with custom data or whatsoever is also a good point for this.
In the Github issue, this feature is more than just disabling an auto-fill – we need the “Never URLs” feature (a blacklist, basically) of locations which never prompt to save logins, nor auto-fill. My specific comment there was:
“In LastPass these are called “Never URLs” just for reference - I as well need these for my work internally at my company. Besides websites that might cause performance issues, we have endpoints which are accessed without using Bitwarden (think RSA tokens) so wish to avoid “do you want to add this website?” every login to select domains and IP wildcards (https://10.12.*/, etc.)”
I have many work intranet sites that are RSA token logins and get annoyed when I’m prompted to save credentials for them, I can’t blacklist the sites and domains.
I agree with this. Most of the time this is fantastic and as an ex LP user, something that is a great productivity booster.
However, I have to have it disabled at the moment due to the fact that it automatically overwrites settings in my 3CX cloud PBX’s when I load a details page.
It would be great if we could disable it on certain domains.
I would really like to disable auto-fill on some sites that are sensitive - like banking.
Also will be good to disable autofill on page load if password field has attribute autocomplete=“off” or autocomplete=“new-password”.
Some business applications have forms with password fields and autocomplete attribute prevents from automatic filling passwords by browsers.
But unfortunately it not work in case of bitwarden.
I like autofill on page load feature, but disabled it because it put my password everywhere in type=“password” inputs, high risk to post if accidentally. No way from user or site developer side to prevent it.
I am having the same kind off issue, username and password fields (for webhosting accountts) are filled with my BW credentials for that specific site. We are using WHMCS.
These are credential fields for specific client users in my system. Once autofill is enabled these will be overwritten once i save the page.
Because of this issue i disabled autofill overall, that is really a bummer.
Specific use case; many banking sites use 2 separate pages for authentication where the second may be 'select first and third number`. If the page tags these fields as password, each one if filled with the whole password.
Any updates on this?
I’d like to flag this issue too. I’ve tried setting these ‘select’ inputs to a blank as a custom field but that doesn’t work. Autofill actually slows down logging with these fields and it would be good if they could be identified and left blank.
+1 for this, my business allows me to change passwords for my customers, so when I visit a customer’s page in my account manager, my login details are filled in. It would be great to be able to disable this by URL.
This is a HUGE PITA with my home router. It has lots of login fields for my Dynamic DNS provider and other settings in the router. I would like to store my passwords for the router in Bitwarden, but for the router’s site, I’d like it to never fill in any username and password fields.
Yes, this screwed me up huge, and wasted hours of my time because I saved a page in woocommerce > authorize.net gateway, and It autofilled the transaction id, and disabled checkout of a client site for a weekend. Had no idea this happened. Cost us both a lot of time and money.
uggggg… NEED to be able to disable auto-fill per url.
I am surprised it still is not added also.
Yes. Auto-fill of credentials wreaks havoc when administering systems that use system accounts for things like LDAP or active directory binding. Change a setting on the same config page and all of a sudden, nobody can log in.
This is a problem for me with rundeck. We have a lot of rundeck jobs that have an unmasked password field and these were being filled in with my password. This is problematic enough if someone is standing over my shoulder. Worse yet, it would be really easy to submit the job with that password and then everyone can see it. I had to disable autofill globally to prevent this.
Hi all,
This is still a hot TO DO, even though the autofill-feature is in beta, this should be an important feature. Maybe this can use the same list as ‘Never save’, which will be one less list to maintain?
This would be a nice addition to Bitwarden for a small user experience boost. I’ve been removing URLs for now, but that’s less than ideal.
Yes. I’ve had to turn off autocomplete completely because it is so over zealous, overwriting entire profile Details on certain sites.
Now when navigating to a website I have to select it 2x from the extension. Once to go to the website, then again to fill it. On Safari with Pinned Tab autofill still broken, I have to then copy and paste user name and then PW individually. Would love a more simplified workflow/experience.
Hi, I would like to add to add my 2 cents in as far a being able to prevent specific websites from being auto filled. I know it a beta feature so I have high hopes that something to this effect will be added on in the near future. For now I perioidically search my password vault to make sure it hasnt saved any sign in info on the sites I consider too risky to have them autofill.