Is there is an option to share passwords with another user without seeing the actual password? (Secure password sharing)

Is there is an option to share passwords with another user without seeing the actual password?

I hope bitwarden has a Secure password sharing option without sharing the actual password, and that I can revoke the access anytime without the password being revealed and compromised with someone I do not know to check something.

Since the regular way, If someone has the password and to revoke the password I have to change the password, which is harder.

I’m not sure how this could be implemented. Once you have the password in your vault, you can enter it on a web form. It would be trivial to then retrieve that password. For example, you could let Bitwarden enter your password but let your browser save it. You could then retrieve the password from the web password storage.

3 Likes

I know many password managers have this feature.

I’m not saying others don’t have the feature, I just don’t understand how you could possibly keep the password a secret once someone else has the ability to enter it into a web form.

1 Like

I’ve never seen any password manager have this feature? The user could save the password, press the view button if the webpage has it, or go in the source code to reveal the password. Once it leaves Bitwarden it’s out of Bitwardens control.

6 Likes

There is Lastpass which has this feature but it’s not free anymore it’s for the family plans, and I did try it, no you can’t do what you mention with this.
for other password managers, it’s available on NordPass and StickyPassword and DashLane even a free plan can use this feature to securely share the password without even revealing it.

This feature should be added to the roadmap!

For those people who have used a password manager that offers this feature, how does it work? I’ve thought about this a lot and just can’t understand how any password manager could prevent someone from seeing a password after it has been shared with them. As I mentioned in an earlier post, what is there to stop me from allowing my browser to save the password after the password manager enters it into a web form?

2 Likes

DashLane explicitly say the password is visible when shared: Can other people see the password I shared with them? – Dashlane

NordPass sounds similar (but not quite as explicit): https://nordpass.com/features/secure-password-sharing

LastPass also make it clear the recipient can view it (Use the Sharing Center - LastPass Support):

When you share an item, regardless of whether you enable the “Allow Recipient to View Password” option, you should be aware of the following:

  • Savvy end users could potentially access the password if they capture it using advanced techniques, but LastPass will never be able to access this data because it has been encrypted using the account’s public key.
  • It is also possible to obtain shared passwords using another password manager.

So I’m afraid I agree with @danmullen I can’t see a technical way a password could be shared and then input to a website login without the capability for the end-user it has been shared with to view it?

5 Likes

Other players than Bitwarden launch and market features that sound cool and secure, but are actually not, it is pure marketing. Tech-savvy people will see through this, others are unfortunately fooled.
I believe this here is just one more example of that, sharing a string (password) without revealing it is not possible. There are several other threads here talking about other “security features”.

3 Likes

As an example reading from Lastpass Support: “Savvy end users could potentially access the password if they capture it using advanced techniques…”

I know kids who will figure this out faster that you can even read the article from Lastpass - and I would not refer to this as advanced techniques :smiley:
Here you go, this is how easy it is to reveal a “secure shared password”.

3 Likes