We really need this option, this is an ever increasing frustration that could very soon make the “Special Characters” checkbox within the app obsolete leading to people choosing less secure passwords and defeating the whole purpose of having the password generator to begin with.
With so many more websites, organizations and applications adopting password complexity as a requirement and with there being NO STANDARDIZED MODEL for such an ambiguous topic such as which special characters to allow or disallow this is in desperate need of an implementation change.
I propose 3 changes specifically:
A simple editable text box hidden behind an expansion arrow below the “Special Characters” tickbox that will pre-populate with the default special character set in comma deliminated format that will accept only special characters (excluding specialized ASCII characters that would require alt+xxxx functions under windows) along with a button or tickbox that allows you to automatically apply the persistence to the proposed “Domain Rules” Functionality (See Below).
A function for Domain based persistence of a selected special character set and the associated added functionality to the Password manager>Preferences>domain rules.
Here you can edit the special character set based on domain added as a new pane under the dropdown section when choosing to edit an individual domains preference that will simply show a pane with the same editable textbox from the password generators expansion arrow.
Add a section under Admin Console>Settings>Policies>Password Generator.
Add Functions:
A Tickbox allowing the admin to completely disable functionality for changing the special character set in the password generator.
And a editable text field called “Managed Domains” that allows an admin to disallow editing the special character set for certain domains the administrator chooses, also in comma deliminated format.
Currently, one can just enable special charaters, which include $ % and ^ as well. Those characters might cause issues on some (especially older) systems, so one has to remove/adapt them by hand, if not wanted.
How has this not been implemented in 6 years? More and more websites have a special set of special characters allowed. The default list in bitwarden has special characters frequently not allowed on sites. To fix this in the password generator allow the special characters to be edited on the left when clicked on
Most banks and other financial institutions does not allow certain special characters when changing password.
Here’s an example of a password policy: 8-32 alpha numeric + special characters; excluding any of the following characters:
~ ; < > " & { } ( ) space and the word script or userid
Please add a feature that will support selecting which special characters to exclude when generating password. This would prevent manually replacing special characters from generated passwords.
Hi, I am a newbie here, having used BW for only a couple of weeks. However, this issue is causing me some problems with a few websites so I must put my two cents worth in.
There are so many good ideas presented on this thread I am not sure my idea is even relevant. But I think the simpler solution would be to allow the user to define his own custom set of special characters, or, alternatively, accept a default set. As another alternative, then give him the option change it for a particular login set. I think it should be kept as simple as possible.
I wanted to add my 2¢ to this discussion. I would like to see some means of controlling which symbols are used in generating a random password using punctuation marks. This seems like such a common occurrence when I sign up for a site. The use of checkboxes would be helpful. Even better would be a way to copy the list from the site (there’s usually a list of accepted characters) and drop it into an input box. Then, have that list parsed and applied to the above-mentioned checkboxes. Furthermore, if a symbol is allowed on a site but is not in the list of symbols used by BW, simply ignore it. The symbol being allowed doesn’t mean it has to be used, just that it could be used. I would expect that this feature could best be handled as a popup window that a user could open to refine the symbols. Then there is the issue of storing this list on a login-by-login basis.
Do you know if it’s possible to add this feature to the roadmap? It does not seem like a very complicated one and can be implemented by changing a span element with special characters to input (and read from that field). Would look something like this (I didn’t allign it perfectly, but it’s good enough to show the concept):
