I can’t speak for Windows, but on Mac, you can’t can’t log into a site from the app (aside from manual copy/paste, of course). You can launch a URL from the app but it won’t autofill in the browser. At that point, the app is merely as useful as a bookmark, more or less.
I just realize I use the app less and less over time. I agree with you that the app navigation is easier than the extension (which is more like a port of the mobile app), but I can’t think of an operation the app could do that the extension can’t.
The extension even allows to have multiple windows at the same time (!), which the app can’t do.
I’m a new BitWarden user and I have to say, I really like it.
I find it counterintuitive and frustrating however, that if I am logged in using the BitWarden application on the PC, when opening a browser and trying to login to say, Gmail, it does not recognize that I am logged into that vault in the app.
I have to log in AGAIN, within the browser. There is no check to see I’m already authenticated in the official app.
Enpass, for example, allows this. I can open the app and work within it, etc, then if I visit a website that needs a login, it checks if I have the App open and authenticated. If it’s been locked, it won’t let me. It’s quite simple, and facilitates integration between the app and the extension.
Further, I have to input my full master password each time I do this. I added a Yubikey in hopes that I could simply authenticate with bitwarden using my physical key. Avoiding having to enter that log tough password every time.
These are legitimate issues I have for fully embracing your software at the moment. To the point that even though I bought premium, I am considering moving back to Enpass until these get addressed. I find them to be that much of a standard option/ability I can get from Enpass, Lastpass, Dashlane, or any others.
I meant this to be respectful, and not a bash on the program. I legitimately like BitWarden and simply want to see it’s abilities mature.
Hopefully this is high on the todo list. No one get a PW manager so they can have to type their PW multiple times whenever they login. PW should reduce password entry requirements. This would go a long way.
I wonder if the Safari/macOS roadmap with universal extensions will make this easier as they’ll be compilable cross-browser…
Another ex-Dashlane user here. Really miss this feature, to the point of considering returning to Dashlane. I just want to do the auth via the desktop app and remain logged in until I exit Windows or explicitly log off from Bitwarden itself. Having to log in every time I re-open my browser is a pain, and I really don’t like using timed log-offs.
I too vote to have this feature added. I am a newbe coming from 1Password
When bitwarden is unlocked on your computer, one should not have unlock over and over again each time you open a browser. The browser apps need their own log in when they are on devices other than your main computer, like TVs, phones, or other devices. When on your computer the browser app should first look for an unlocked computer bitwarden app before asking to unlock the same app on the browser. Please eliminate this redundancy and you will make all your users very happy.
Other than that and a lack of duplicate finder and remover, this app really seems to rock!!! Keep up the good work!
This would be great. Really the only thing I miss coming from 1Password, and one of the first things I noticed when I tried Bitwarden. I still made the switch, however, because Bitwarden is otherwise excellent.
Is this possible as long as Bitwarden is an electron app? I can’t think of one that can communicate between across the system like that between two separate pieces of software, albeit one is an extension.
I use multiple web browsers simultaneously (Brave, Vivaldi, Edge, Edge Insider, etc.), and it’s irritating to have to unlock my vault on each one individually. I get why the vault is locked when I close a browser, and for cases where I don’t also have the desktop app installed, this is definitely my preferred behavior.
But I do know that on at least some web browsers, extensions are allowed to communicate with native desktop applications. (For example, the MEGA extensions can have the MEGAsync desktop app handle downloads instead of doing it themselves. And the extension continues to inform the user of download progress.)
So, if a user has the Bitwarden desktop application installed, it would be useful to have the browser extensions rely on the desktop’s state for whether or not the vault is unlocked.
A great thing will be to change extensions working scheme or add new kind of extensions that could works this way: instead of opening the vault with the browser’s extension, the main desktop’s application (for example: Bitwarden’s Windows desktop’s application) take care of the vault management and opens a communication’s channel with the browser’s extension that just take care of things like forms filling and saving new entries.
Keepass can do it with some plugins/extension. Roboform 8 works like this. Sticky Password too. That’s 2 examples but I believe that 1Password may do it also. Maybe more.
I think that it is far easier to care about memory’s safety on the fewer levels possible. If you keep vault into OS, you doesn’t have to look for browsers flaws at the same time as Os’s ones.
At the same time, you avoid having the need for opening the vault in RAM twice to work with the desktop’s client for some purposes that are easier with it, and, with the extension to browse through web. So, it is obvious that it is hardware’s resources saving.
Another advantage of this setup is that it may be useful to improve Bitwarden faster by focusing on actions specific to apps or extensions without the necessity of working the same feature twice. I could also add the fact that Firefox for Android addon would immediately benefits from it by enabling unlocking vault with fingerprints already available with the full app.
Finally, some security experts have wrote that encryption is not safely handle into browsers. It is considered that it is better to avoid browsers extensions to encrypt/decrypt vaults.
Here here. I highly second this. And I would also add that pin code login and theme and settings should also travel across devices. I find it counter intuitive to have to set up pin login in each browser on each device.
I gotta disagree on PIN login for the same reason Microsoft doesn’t do it for Windows: a shared PIN is inherently, and extremely, insecure. That said, I feel physical security keys are secure enough to replace passwords outright, and even more so if you had to use said key on a trusted device. (For example, instead of plugging my Feitian FIDO U2F key into my computer, send a notification to my phone and require PIN or fingerprint, PLUS tapping the key to the NFC reader.)