Help in changing existing passwords for migrating (LP) new users

Feature name

  • Change or update existing password

Feature function

  • currently updating passwords is a tedious manual task
  • Bitwarden is getting a ton of fleeing LP customers, but with now tools helping in changing existing passwords. Many new customers can have +1000 existing items, changing them with the current process is beyond viable.
  • The new functionally doesn’t need to be an autopilot, simply cutting down the steps top a few clicks max.
1 Like

Some PW managers including LP have a “change password” button that supposedly does this all automatically upon the user pressing that button. I never tried it and can’t imagine it works without errors.

But, it’s pretty simple to change passwords in Bitwarden. Just a suggestion, copy the existing password for a site into the Notes field. That way, if something goes haywire during the password change, you still have the old one available (avoiding the “Forgot password” gyrations).

I do that, then go to the generator and create a new password, then paste it into the Bitwarden form (overwriting the password field, but remember leave the existing password alone in the Notes field). Then paste the new password into the site’s New Password field(s), save, and remember to then save in Bitwarden. Takes a little time but safer IMHO.

Thanks, I’ve watched some videos, but this is a hard one to scale. I have myself as an IT professional tons of passwords. The process seems very slow. The other aspect is scaling this out to our LP using employees. It would need to be simple and fast, even as a less secure “special feature” for this exact scenario, people and organisations migrating from LP. We have some ~30000 employees, and we’re seriously looking at BW as a replacement,

If the existing password was stored in Bitwarden, you can easily retrieve it from the password history.

Ah. Even better, did not know that.

What process are you using?

The easiest is to navigate to the password change form, then open the corresponding vault item in the browser extension (open the extension, and click the “view” icon for the item at the top of the page) and perform the following tasks:

  1. Click the “copy” icon to copy your current password.
  2. Click “Edit” in the top right corner.
  3. Click the “Generate password” icon ( :arrows_counterclockwise:) in the password field, and click “OK” on the warning about overwriting your current password.
  4. Click “Select” in the upper right corner.
  5. Click “Save” in the upper right corner.
  6. Click the “Autofill” button.
  7. On the password change form, delete the value that was autofilled into the “Old Password” field, and use Ctrl+V to paste the old password that you copied in Step #1.
  8. Submit the password change form, and you’re done!

Sure, it’s doable, but did I count here 10 steps? What would it take to update let’s say 400 passwords this way? I would assume this could be cut down to 2-3 steps, like log in to site, go to password change form, click “update password”, and save.

It could possibly be made shorter, but I think a single-click “update password” button wouldn’t work, because web forms don’t use standard identifiers for the “old” and “new” password fields. Then there is the issue of how to customize the password settings — should that be a separate button? Where should the “update pw” and “customize pw” buttons be placed in the UI without creating clutter or pushing other important information off-screen?

Anyway, I’m not trying to be argumentative — the above questions/comments are for the purpose of encouraging you to flesh out your proposal. The more detailed and thought-out a feature request is, the more likely that some action may be taken.

1 Like

No problem, I probably should have spent some time thinking about this.

Spontaneously I see two ways to go about this:
a) create a special “update passwords mode”, for example under the generate passwords functionality. This would attempt to cut out as many steps as possible with first defining your pw preferences.

b) the other option is rethink the logic of the necessity to modify or customize each and every generated new password. There could be a path to do it, but the default should be to generate a replacing password based on previously set preferences. This would allow to simply generate and then save/replace.

In both models we could either display the new password or then not - even this could be an optional additional step. As such I find no need to know it as long as I can trust BW follows my preferences.

1 Like

Just curious, are all of those employees using a password manager for internal, individual company logins? Or external?

If internal, I’d look into a SSO solution and get it in-house.

1 Like

External, legacy and private. I think we have about 1200 apps in Azure AD with SSO. We block saving passwords in browsers, so a pw manager is an optional benefit for all, and naturally a necessary tool for many. As such we try to get rid of all username:password logins, but that’s a long journey…