Global and Individual Option to have password history be automatically cleared

It would be an amazing security feature to be able to have a default global preference for any new logins as well as be able to set this preference on individual logins.

I understand the convenience of it 100%. But it would be good in my case to be able to have the password history of all my passwords cleared every 45 days or so.

Why do you need 45 days? Under what conditions might you use a password history on Day 44? And what would happen if the same conditions arose instead on Day 45, just after the histories have been expunged?

I update the passwords of some accounts on a monthly basis. So it would be good to keep the password history of a password I made a month ago once I go to make the new one. I give myself additional days in case I can’t get the stuff done immediately.

Do you always update all of these accounts on the same day (or within a 2-week period)? If not, some of the old passwords could get erased earlier than expected (i.e., after less than a month) if the feature is implemented the way that you have requested it.

It sounds like perhaps a better solution would be an option to restrict the password history list to store only a single password at a time.

It turns out that there is a little-known bug in the password history implementation that can be exploited to achieve just this functionality. For each vault item where you want to limit the size of the password history to only N entries (N = 0 to 4), edit the item and create a specific number (M) of custom fields of the hidden type, where M = 6 − N (e.g., in your case, to keep only one password in the password history, create five such hidden custom fields).

Each of the hidden custom fields created for this purpose should be given the same field name, but a unique field value. For example, in the example below, the field name has been set to pwpurge for all five fields, and the field values are set to 1, 2, 3, 4, and 5, respectively:

image

Save the edited item after you have added these fields.

Now, each time that you change the password of the item, the password history will contain only the most recent value of the password, as shown below:

image

The caveats with this method are that it will stop working if Bitwarden fixes the bug, and that the password history (i.e., the one most recently used old password) will be lost if you ever edit and save the vault item without updating the password (e.g., if you are editing some other information stored in the item).