How to prevent Bitwarden from inappropriately filling-in username and password fields on pages that are not logins

Ask the Community Password Manager
,
1

My company uses ITGlue, which allows us to securely store credentials, that is username and password data.

When I edit a credential record, Bitwarden stomps all over the existing data in the username and password fields with my personal data. This means that the changes I want to make to other fields cannot be saved because the username and password fields have been defaced.

Has anyone experienced this, and found a way to prevent it?

Thanks!

2

Hi @EricMorin and welcome to the community,

I have recently ran into this similar issue with some logins, particularly with financial institutions which insist on having consumer and business logins on the same landing page, which caused my login credentials to fill in both forms. :unamused:

  • I was able to conquer this with the use of custom fields in the Bitwarden login that is matching (in your case most likely your work ITGlue user login credentials). Bitwarden will try to match and auto-fill on a number of fields that may be used for login such as email or username, and password.
    For tricky auto-fill scenarios the use of custom fields as linked above can be used as likely the HTML <input> tag may differ between the login page and the records you are changing.

Aka you can use Copy Custom Field Name to match the field with your current ITGlue login, and simply leave that custom field value blank

  • Another option may be to check your current match detection for URIs for the login stored. If the landing page and the subsequent pages where you access user records differ, then you may be able to change the URI stored in the Bitwarden login or better adjust the match detection for that URI so it will only fill on the page you want.
  • Lastly, given this statement it appears to me that you may be using a default of auto-fill on page load, in which case you can either change the global default for your browser extension client, or also adjust the Auto-fill on page load (if set up in Options) setting for the individual ITGlue login stored so it does not automatically attempt to fill these fields when editing a records in ITGlue.
    As seen below
    2023-04-25_12h51_04
    2023-04-25_12h51_04361×138 6.71 KB

If you do ultimately disable Auto-fill on page load either globally or for the login, you should still be able to auto-fill your login for ITGlue stored in Bitwarden on-demand. Either with the use of keyboard shortcuts, manual auto-fill, or the use of the context-menu as detailed in the above linked auto-fill Bitwarden Help article.

I hope this information helps and assists you with your issue :slightly_smiling_face:

3

I agree with @cksapp.

Your first recourse should be to ensure that the URI that is stored for your ITGlue login credentials only matches the actual login page (using a URI match detection setting set to Exact or Starts With), and that Bitwarden does not match this vault item to any of the interior pages of the ITGlue site (i.e., you should not see a badge counter on the Bitwarden extension icon)…

If that is not possible, the second recourse should be to define custom fields that are matched to the login form input fields, and leave the standard username/password fields empty in your vault item for ITGlue.