When running bulk audits such as 'Unsecure Website Report.
Changing HTTP to HTTPS is a very long and tedious process at the moment. A user needs to open a single item at a time, click edit, change to HTTPS and save.
Having a ‘search and replace’ or an automatic option by Bitwarden to update or add those URLs will make this function quick and useable.
FYI, this screenshot is after I change tens of entries already.
In the meantime, it is pretty easy to export your vault as an unencrypted JSON then use a global search and replace to look for http:// and replace with https://.
Thanks.
That is a solution for novice/ tech people not for the general public.
The ‘reused password’ tool is also a bit odd. It will show a list of resued passwords but not which items are using those same passwords. so a user needs to run a memory challenge to open and close items to find the ones that are the same. I assume the list bundles the items together (one after the other) but that is not that intuitive.
Thanks.
That’s a good idea.
In the process of implementing, I would suggest a small improvement though:
For every automatic replace, it first checks if the HTTPS page exists
Furthermore, it could be a nice feature if adding an HTTP page to your vault, it checks if the HTTPS page is the same and asks you if you would not rather save the HTTPS instead. (but maybe I’m treading into feature creep now)
I agree. However we need to remember that these features are mostly used once during or after initial setup and mostly for users who migrate from another app.
I would recommend a complete ‘on boarding’ feature during import process.
I am not sure how many people actually know or use these extra features. I assume they only know and want to use these extras when comparing between the paid and free versions.
I, too, would like to voice my support for such a feature. My vault report says that I have 59 “unsecure” sites in my vault. This is just how they were formatted when I imported them from LastPass.
If you only recently switched to Bitwarden, it may be worth your while to purge your vault and start over with a new import, after conditioning the LastPass CSV file to add https:// prefixes to the URLs. This can be done fairly easily in Excel — let me know if you would like further instructions.
Maybe the easiest solution is to use the settings of your browser. This way the good isn’t restricted to links accessed through BW, but also links in mails, etc…