I completely agree. The user is already providing three independent affirmations that they wish to change the password, by:
-
Clicking the
icon in the Password field, which by itself directly communicates an intent to change the password. -
Clicking Select to replace the old password.
-
Clicking Save to explicitly confirm that changes made should be kept.
And if a user somehow manages to unintentionally overwrite their password by completely sleep-walking through these three steps, then there is still an option to retrieve the previous password from the Password History.
Thus, the extra “Are you sure?” prompt — which now brings the total number of user affirmations to four — is completely superfluous (and as noted by OP, impedes efficient use of Bitwarden by requiring an unnecessary additional mouse-click).
I would further note that the UX here is inconsistent, since the “Are you sure?” warning does not pop up if manually overwriting the password, only when using the Password Generator.
If Bitwarden does not wish to eliminate this pop-up altogether, then I would propose two essential changes:
-
The “Are you sure?” pop-up should appear when clicking Select in the generator, not when clicking the
icon in the Password field. -
The pop-up prompt should include a user-checkable option for “Do not show this message again”.