I created a new login for BW Community Forums. I had to use a different password than for BW. No separate record was created for the Community Forums, however. Nor was I prompted to save the login as a new login.
When I went to save the new login, however, it was going to save the CF password over the top of the one for BW itself.
How do I get BW to create a separate record for the Community Forum and not overwrite the record for just Bitwarden?
Presuming that “BW itself” is your master password, and that you are using it to login to the vault. If so, change the “website” on that entry to “vault.bitwarden.com” (instead of bitwarden.com) and set the match policy to “host”. This will keep it from trying to match on the community. You might also want to change the name to “Bitwarden - Vault” to make it obvious what the entry is for.
Then, click the “+” button to create a new entry for the community (perhaps named “Bitwarden - community”) and set its URL to “community.bitwarden.com”, again with “host” match detection. On this entry, store your community username and password.
After that, autofill should select the correct entry for each site and the name will give you a visual indication that things are behaving.
You’ve tagged this post as app:desktop, but I assume you are actually using the browser extension (if you are using the Desktop App, then that is part of your problem). This is what you can do in the browser extension, given that you have already registered for a forum account:
Unlock the browser extension (click Bitwarden icon and verify your identity using a PIN or biometrics).
Click (or the “Add a Login” link).
Type your forum username (Carl36) in the Username field,
Type your forum password in the Password field.
Find the URI1 field, and click on the icon to the right of the web address, then change the selection in the drop-down menu from “Default” to “Host”.
Click Save in the upper right corner.
In addition, as pointed out by @DenBesten, you should edit the existing vault login item for “BW itself” (presumably the web vault — https://vault.bitwarden.com), find the URI1 field stored there, click on the icon to the right of the web address, and change the selection in the drop-down menu from “Default” to “Host”, then click Save.
Perhaps a slight digression: I am mystified why people store their vault password in their Bitwarden vault. Mechanically, you can think of it as storing the combination to your safe in your safe. It means that exactly when you need it, you won’t have it, unless you store it elsewhere also in which case what was the point of having it in the safe?
There was a case of this in the forum in about the last week. “My combination is securely stored in the safe, and I’ve forgotten it. What can I do?” (paraphrasing).
Relevance to this thread is that if you do not have your vault password in your vault, there can be no over-writing or confusion with the forum password.
Simplifies logging in to the Web Vault, by making it possible for the browser extension to auto-fill the Web Vault login prompts.
Some users prefer not to record the master password in an emergency sheet. Instead, they can use their emergency sheet to document the password for a vault backup, and then (in case of emergency) extract the master password from the backup.
The first use case is fair. The second I see as an instance of having an external copy. If I were to pursue my ‘safe’ analogy, then you have a second safe with a different combination to store the combination to the first safe, and store this second combination externally. This is simply a layer of indirection, equivalent to an emergency sheet in the first place.
Adding: there are other sound reasons for having a second encrypted copy.
Not disputing this, but as you noted, vault backups should be made regardless. Backups should be encrypted, and the encryption password should be recorded on an emergency sheet (or equivalent “external” storage). Thus, saving the master password in your vault allows you to omit the master password from the emergency sheet.
I don’t use this approach personally, but I know that there are some users who prefer it.
I indirectly have both of those things, but not as a primary recovery mechanism. I have one emergency sheet, that has all the critical things, including my safe combination and master password. Identical copies are stored in my vault, on an encrypted offsite USB, on an unencrypted USB in my safe and on paper in my safe.
Since it is not harmful to keep the combo in the safe, I see no reason to increase the odds of typos by maintaining multiple unique emergency sheets.
Another thing to consider is that an emergency sheet could potentially contain a typo or become outdated. Since you “never” use it, one would not know it is bad. The copy in ones vault that they use to login to the webvault has been tested recently enough to know that it works. So, being able to look into the backup becomes a “Plan C”.
When it comes to disaster recovery the more options available, the better.
Imagine the 2nd safe belongs to your parents or your attorney. It is then available if you forget your combination or when your executor settles your estate.
@DenBesten, I did not claim it was specifically harmful, except where you have no additional copy. I questioned the utility where you do have an additional copy.
Of course. I keep no emergency sheet myself, for the deficiencies you described. My wife and children (the latter in two other cities) have an encrypted file (phrase well known to them) containing three entries. With those keys they have access to everything necessary under any circumstance short of two continents being obliterated in which case we may have other concerns.
Each person to their own style. I am not claiming there is a serious issue with keeping your Bitwarden password in Bitwarden. Some like to simplify their vault login that way as grb noted. I am observing that keeping either the Bitwarden pass-thing or other primary key-thing in Bitwarden itself adds no utility to that contained in the backup steps otherwise described. The risk is that people can forget that storing in Bitwarden itself is not a backup, as happened recently here.
Thank you for all of the suggestions and interesting discussions.
Here are a couple of updates and clarifications:
(Spaces have been entered to avoid creating links.)
I did change the item name from “bitwarden. com” to "vault.bitwarden. com. So login titles of “bitwarden. com” and “community.bitwarden. com” are not used in the Vault.
I have decided to put the login for bitwarden. com in the Vault – that is my decision.
When I login to the Community, I enter the separate password for the community, not the vault.
I am then asked if I want to save the “Update” to the vault, which brings up the item record for “vault.bitwarden. com”.
If I enter the password for Community, it would update the record for the Vault – leaving it as an incorrect record.
WHY does Bitwarden not separate the Vault and Community records, since it requires the Community to be a separate login and password?
It seems to me that since login information for “bitwarden. com” and “community.bitwarden. com” do not exist in the vault, creating a new item in the vault should be the natural effect of what is required to happen for the Community login – not revising or updating the item titled “vault.bitwarden. com”.
This seems to me like a “bug-not a feature” instead of “a feature-not a bug” situation. If a separate login and password are required for the Community, then Bitwarden should not be asking to update the Vault record. The two are required by Bitwarden to be separate. A new record for the login community.bitwarden. com should be automatically created.
Edit the vault.bitwarden.com entry. There is a box labeled “URI1” and containing the full URL. To the right is a gear-icon (). Click it. This will bring up a menu that says “Default Match Detection”. Change it to “Host” and then click save. This entry will no longer match the community.
“Name” is freeform text; you can put whatever you want in it because it is not used for anything by Bitwarden. When looking for a “matching” vault entry, Bitwarden uses the URI 1, URI 2, etc. fields. This help article describes it in more detail.
It’s a feature. Bitwarden is built to be flexible, to be able to meet the needs of different users. For most users, the default configuration of the browser extension behaviors works perfectly well. If the default behavior doesn’t suit you, then you have to customize the configuration to your liking.
In your case, you’re expressing a preference for having Bitwarden automatically distinguish that vault.bitwarden.com and community.bitwraden.com are two unrelated entities, and act accordingly (offering to save passwords separately for each site).
This is not the default behavior, but you can easily make Bitwarden conform to your expectations, simply by going to Settings > Auto-fill and changing the value of the “Default URI Match Detection” option from “Base Domain” to “Host”. Try it!