Login to browser extensions when logging into desktop app and vice versa

Any ideas if this is being looked into? Original post is 3 years old and it’s still being requested to this day.

1 Like

I’m guessing I’m blissfully unaware of the complexities of implementing this but this is such an obvious QOL/usability improvement.

I wish Bitwarden would recognize that not all of us have the same risk profile and/or have different degrees of risk tolerance.

Personally, I’m fine with a 4 or 6 digit PIN + Yubikey. I prioritize convenience. I’m just a low profile dude that wants to protect my low profile accounts. I don’t manage millions.

Why the extension and the desktop app doesn’t handshake, who knows? Do they dogfood their own product? If I was the CEO of Bitwarden, or even just a QA dude, sign into Windows with Windows Hello, and upon launching your browser, have to immediately sign into Windows Hello again, would think that this is really annoying.

I open the local desktop app to make some changes. Remains unlocked. Go on the web, enter the keyboard shortcut to autofill, got to unlock again. Why so much unnecessary friction? You’re protecting nothing. Desktop app is unlocked for the person logged in to see. Requiring me to do it all over again for the extension is a pointless exercise.

1 Like

Background

There are a couple of issues that stem from the current design of Bitwarden.

Desktop, cli and web extensions all have different vaults, so you have to manage login and syncing for them separately. I currently have five different instances (desktop app, two different browsers, bwcli and a linux-kde-krunner)

AutoFill on desktop isn’t working well. There are also requests for other features that are currently complicated.

Writing extensions or separate solutions on top of Bitwarden is currently not very easy. bwcli is usable, but you have to handle too much your self. And, it is very slow, which I don’t think is solvable in current solution.

Suggestion

I would suggest having one service running in the background on the desktop. It would handle unlocking and syncing and have an interface that applications can connect to.

Desktop applications, web extensions and autofill features would only care about presenting, skipping handling of vault and login and syncing.

There are multiple services I can see built on this: autofill, secretservice, kwallet, krunner, web extensions, cli, gui, ssh agent. This would simplify much for the community and other external parties.

An example is KeePassDX, which made it a bit different, and made their desktop client a master (a service) for web extensions, secretservice, ssh and more, but I think a UI-less solution would be more extendable and less messy.

Some thoughts on how I currently would try it out

The interface is probably the hard part to get it right, so discuss this in length, and keep the discussions public.

For interface, I would use something that web extensions can use on all platforms (if it is safe enough), I think that is the most limiting connection. I don’t know if there is a common way to handle this on all platforms.

It would be good if the interface also included a way to start the service.

There may need to be two different web extensions, one complete (current), and one thin.

2 Likes

Please implement this feature. I’d like to have my browsers unlocked if the desktop app is running and unlocked. It’s simple.
Coming from Keepass, it’s a feature I really miss.

1 Like

Running W10.
I run the BW extension in 4 browsers but do not run the desktop app.
I would like the BW unlock/lock to take place in all my browsers when I unlock/lock any one of them.
Seems like all the Bitwarden competitors already do this - why not Bitwarden?
And it’s been years since this feature was first requested by many - why the huge delay?
Is it scheduled for implementation?

1 Like

New user question…
For years BW users have been asking for feature that your pw competitors already offer. For browsers we are running with the BW extension on a given device when we unlock the extension in 1 browser we want it unlocked in all of the browsers. When will BW get it done?

1 Like

Scenario:
Broswer 1 Edge + Bitwrden extension
Broswer 2 Chrome + Bitwrden extension

It would be nice to have some system-level helper that would manage Bitwarden logins across multiple browsers, so we don’t have to log in multiple times (now we have to login into each browser separately).

BTW AdGuard is using a similar mechanism where paid version have this agent working on the system level and communicating with browser extension across all brosers

1 Like

At the present time, it is a bit inconvenient for me to have to lock two different apps, or unlock each of them.

If possible, being able to log in once to Desktop, and having those credentials unlock the browser extension would greatly improve convenience. The same can be said for locking the desktop app.

1 Like

I was wondering if there was any update on this?
Every Password manager that I have used in the past which has come with a desktop app has allowed me to unlock the app which automatically unlocks the browser extensions.
Similar to a few people above, I use different browsers and it can be teadious constantly having to unlock the browser extensions.

I appreciate that this functionallity might not suit everyones needs but even if there was an option to turn the feature on/off, that would be great!

I have used basic password managers that come with AV packages (Kaspersky/Bitwarden) and these give a similar functionality

3 Likes

Newbie from Lastpass here.
First thing I noticed after installing Bitwarden was the lack of cross browser login status sharing.
I’ll try to be patient while evaluating the rest of the product, but I do think that particular feature is a necessity.

I’d also like to see this, but with the addition of the CLI as well.

3 years has passed, seriously??

It is such a shame that this feature does not exist. Since I close my browser too many times a day I can’t quite use the browser app and always have to copy and paste everything through the desktop app.

Can we donate for this feature request to be prioritized?

1 Like

New premium user here, there are a few things I still need to wrap my head around, but so far I must say it’s a great app.
The only thing I can’t understand is why this feature is missing!
We really need a universal login button!! :pray:

i need this feature too… :slight_smile:
why does it take so long? every pw manager i used has this thing implemented… :smile:

That’s the only thing our company stops to use Bitwarden instead of LastPass. I know LastPass is trash, but as far LastPass offers nearly the same funcionality. That would be a real best seller.

Feature name

  • Global unlock

Feature function

I have Bitwarden desktop installed. I also have the bitwarden extension installed into Firefox and Wavebox. I have to unlock the bitwarden vault three times, if I want to use it on the desktop and in Firefox and in Wavebox.
IIRC Lastpass had a feature that, when the LP desktop application was installed, unlocking that would automatically unlock the browser extension(s) too.
It would be nice to have this feature in Bitwarden, too.

Any news on this?

This is difficult to solve in a secure way due to various platform limitations.

Currently we require a user interaction to ensure it was initiated by a user. If we remove this then any application on the computer could potentially retrieve the decryption key and use it to gain access to the vault data.

I have given this a little thought.
Could the extension initially always start with the “never” lock (override provided the master has been entered at installation?).
(if no internet access or no sync available lock immediately)
Then once the vault has been synced read a set of entries from the vault with desktop “unique desktop instance identifier” “current lock state” “desktop lock settings” "timestamp when last lock/unlock "
configure the extension accordingly.

The effect is to slave the extension via the vault to the desktop. A new configuration option to allow this.
Some thought would have to be given to what happens with multiple instances of extensions and or desktop application.

But it does open the possibility of having different browser instances with perhaps matching different desktop instances with for example different vaults.
The mind boggles with the possibilities :thinking:

The reverse could happen from the browser extension to the desktop version though whether that is desirable is another question