Second the simple account quick switcher option. It would at least allow you to retain the settings for each of the servers you need to connect to. I don’t mind having to re-auth for each but I don’t want to mix personal and business and also don’t want to have to re-enter all the settings each time
+1 for multiple account support in the applications.
Works OK in Chrome where I am using two different profiles for work and private and thus two separate extension configurations.
Sadly the desktop client and mobile phone app do not allow switching easily between two self-hosted bitwarden servers with two different accounts. The only way currently is by changing server settings manually each time.
I think people generally want to use and remember one password. I already have multiple organizations where I have password managers in use - ok I can reuse the same password for all those password manager accounts. However it’s damn annoying to re-login or even use the browser profiles. Those who would want to use the browser profiles should be allowed but that should not be a reason for not supporting quicker switching for those who don’t follow such tight organizational policies to separate the personal and organizational accounts with browser profiles. But I see it also as a risk: if organizations make it too difficult to use for a normal user, they are probably going to store the organizational credentials on their personal account anyway because the users just get bored of switching. And there is currently no setting to limit the email domains the user who is invited could login with? I mean limited to sign up to Bitwarden with the organisation email only that was used originally? This is one of the aspects where for example LastPass has failed.
The above said, I would consider implementing the multiple account support the following way:
- A user may register as any user (it’s no matter if they are first registered as a personal user by signing up or as an organisational member by being invited by another)
- The user can add any number of email addresses to his/her/its account. Pretty much the same way GitHub does it.
- The organizational memberships can be associated with one of the organizations a user belongs to.
- When a user saves a new password they would choose the personal or organisation account where the password is stored.
But now I also have to say what Bitwarden is bad at. Think about a situation when a user is removed from an organisation because their contract ends, is terminated or the member’s account is suspected to be hacked or there is high risk of it e.g. lost device like lost laptop or mobile phone. Then what does the organization’s CIO want to happen? To close all work related accounts the employee had or transfer the accesses to another person(s). Currently Bitwarden does not support that for those vault items that were not shared.
So I think it would make a lot of sense that if a user is removed from an organisation then they would lose all access to the vault items of that organization. Currently Bitwarden does not do that - it only removes access from the shared items. As for a second additional feature, the organisation manager or someone in the organization IT management should be able to see where the organization members have created accounts to be aware of those - there could be a list by person and the event log could show whenever an organisation member had created access to a new system. In many organizations they are not aware what accounts they have and where.
If Bitwarden would work like I described it would be actually jumping to a whole new level of business because instead of it being a password manager it would be organizational access management tool:
- you know where your organisation members have created accesses regardless if an organisation member has created it or it’s a shared password. Just a note: I think creating shared credentials is usually a bad practice and many organization policies might disallow them.
- When you need to remove organisation members, you know you can take their access away from all the systems they had earlier access to and potentially transfer the access credentials to another person in the organization. Now you might say that it actually does not remove the access from the target systems but at least when an organisation has the list of places their member had registered, they could more easily then go to every system and remove them manually or via API integration level.
When it comes to the actual password policies (how long and complex passwords, what is their expiry/change frequency), those and the use of two factor authentication could also be set on a per organization basis and I don’t see a big conflict in that area as then the user just has to follow those policies even accessing their personal “space” in the password vault.
I was really surprised to find out this is not the #1 issue on the forum here. Multiple profiles in the browser is good but not having multiple profiles available in the desktop app or the mobile app is a big deficiency for me. Thanks for a great product but it would be so much better with quick switching of personal and work related profiles. I really like the way that MyKi handles this, you can switch profiles in all of the apps (desktop, browser extension, mobile app) in two taps.
For now, as a workaround, you can clone the browser webextension and use two extensions in one browser; more info is here: https://github.com/bitwarden/browser/issues/1058
Linking two accounts and allowing to access all your secrets this way is fine if one only uses one Bitwarden service or server. But in some cases it’s required to access fully distinct installations of Bitwarden (i.e. private + business, or “customer 1” and “customer 2”).
So enabling the Bitwarden clients to handle this kind as some sort of “Profile switching” or “identities” is key to allow such use cases.
First you should be able to login and switch between multiple accounts. If you work with multiple companies that use Bitwarden, you should be able to use three Bitwarden accounts without having to carry three different phones!
Linking accounts so that one account gives you access to another is convenient, and if you are going to store your company password in your personal password store, then there is no difference in security whether you have to use that password manually or ‘one-click’ or automatically. But that’s a down-the-road feature if you don’t have multiple account support in the first place.
It’s on the roadmap
I would be able to sign in as multiple accounts in the App, as I have both Personal & Business Account
How is this feature named in the roadmap? Could not find any. Or was it implemented already?
It’s called Client Profiles on the roadmap
Certain Google mobile apps like Gmail and Drive allow users to quickly switch between accounts just by swiping down on their profile pic or the letter icon. I find this feature really handy. It’s really convenient to use. Maybe BW can implement something like this?
I can agree with most of the posts before mine.
I’d like to switch within the between my personal (not linked to a corporate) account and my corporate account. I love to use Bitwarden in any way on my computer and mobile and fucked up to need another password manager where I can store my personal stuff. Please change that!