By adding an option for location-based vault locking, passwords will only be required when outside of a specific location. I would imagine the main use-case would be for work-from-home rather than office-based work. When users are working from home (where security is less of a concern vs working in an office), they’re not having to type their password in regularly. When the device is removed from that main location, the vault locks itself. At the moment, I have to decide whether I want the inconvenience but security of constantly locking the vault, or after 1 hour (which has some risk to it, but still quite a lot of password entering across a day/week) or 4 hours (which is very risky in case it were to be stolen or I’m working away from home).
I think this would be a great addition for all platforms, but particularly for laptops using both the desktop app and the browser extension.
How would the phone determine the location? Being connected to a particular WiFi network, GPS location?
Personally I have a PIN on my phone and a different PIN to unlock Bitwarden, both with timeouts. As I’m not that likely to be attacked by a well-resourced opponent that is probably enough to keep casual thieves at bay, at least until I use the remote wipe facility in my security software.
I have not tried it, but this has the ability to remotely locate, lock, wipe or send a message to my phone.
I would imagine it could be either - GPS or when connected to a specific wifi point? In the same way that when a website asks for permission to know your location and you click yes or no, BitWarden would ask for similar permissions to enable the feature and then you’ve got location info triggering the locking and unlocking of the vault - I’m not sure if this is usually done via IP address or GPS, or a combination of the two.
I wasn’t thinking of it as a GEO block though, only that it would be automatically unlocked when in a specific location (at home, for example). Similar, but not the same? When out and about, I’d probably still use the existing locking features (15 mins, say), but once I’m home at my desk it is automatically unlocked after an initial sign-in, unless I manually lock it, shut down my computer or close my browser.