Offline Editing (management of writeable vault items)

This is important! One of my gripes with KeePass is that there’s too many fragmented managers forked from it to use interchangeably among multiple platforms. If Bitwarden has offline management, it would be the ultimate manager!

1 Like

Offline Management is a key must have feature.

3 Likes

Will bump this since the ability to make adjustments and edits offline is a must have.

2 Likes

This is much needed feature. Please make it happen…

3 Likes

It seems that Bitwarden’s website went down for a while recently, and I was quite surprised and concerned that I was unable to save a new password locally while offline? Why is this not a feature, I’d say this should be a basic essential before even having an online sync implementation.

2 Likes

My own self hosted bitwarden instance went offline for awhile recently and I was totally unable to login to my vault or access any of my passwords, either on mobile, firefox plugin, or desktop (linux) app. This is really concerning because the #1 time when I need access to my passwords is when my self-hosted servers are going offline.

1 Like

I recently switched to BitWarden from KeePass for my personal, business, and family password management. I promised myself I would not “jump all in” (migrate everything to Bitwarden) until I’d tested all scenarios. I missed this one.

I absolutely need the ability to open my password vault, read passwords, and change passwords while offline.

As many others have mentioned in this three-year-old thread, many users perform maintenance to equipment while offline (or connected to VPN with no external network allowed) and must have login/read/write access to their vault.

The only “solution” I’ve seen offered in this old thread is “login to Bitwarden before going offline and keep a text note of passwords you’ve changed so you can update Bitwarden when you get back online”. Obviously, this is unacceptable. If I’m going to VPN into a customer to configure dozens of endpoints with new passwords (and possibly updated notes or other fields), I am certainly not going to type all of that into a text file and then transfer it all to Bitwarden when I finally have an internet connection. Beside the unnecessary back-and-forth, there is too high a risk of transcription or other errors. I’d probably just export the vault to an offline file, make changes there (using a less secure tool to edit the file), and import the results when I’m back online. At that point, why not just go back to KeePass or something else which allows offline edits?

I read near the start of this thread a Bitwarden employee mentioning how difficult it is to implement offline edit/resync. I can appreciate that, but I also know lots of other tools that must, do, and have implemented synchronization of offline edits with the online copy.

Even if offline edit/resync is clunky to start with, I need something to justify staying with this tool that does so many other things well.

3 Likes

@Tim,

FYI I am in the exact same position.
I ended up sticking with keepass with a file replicated on a per customer basis over VPN for work purpose.
Ironically I was looking forward to support birwarden financially by promoting its use for our company but ended up having to stay with our old keepass.

To be clear, handling conflicts has to be an excuse given the fact that numerous options already exist including the most simplistic: “hey it looks like merging your record conflicts with the server, which one do you want to keep (first only, second only, both)”. Furthermore, you can already run into this very same situation right now if you open bitwarden client from 2 separate devices and update the same record differently without refreshing the second device after the first update!

4 Likes

This is a phenomenally horrible situation. Lost WAN overnight. PC was sleeping at the time and for some reason had logged out of BW. Could not get back into bitwarden to access a number of router/service passwords to troubleshoot network issues. Had NO idea that offline login was impossible if for whatever reason your device is logged off. This is truly making us have to rethink our whole choice to migrate to BW and we are re-opening our selection process.

1 Like

Bitwarden did what you (or the Administrator) set up in the settings. Set it up like this and you will be safe the next time:

image

Why did you not use a device that was online ? Like a smartphone ? Or make use of your backup ?

It is mentioned in the help:

“Bitwarden client applications must be online to log in.”

Source: Vault Timeout Options | Bitwarden Help & Support

1 Like

OK. Thanks so much for your kind understanding of our frustration.

In fact those are the settings pretty exactly, short of using “unlock with PIN”. Vault would not unlock using password while offline. Vault unlocked fine only when connection restored.

Why didn’t I use a device that was online? Well, I also guess we missed the part of the documentation that said you need to always have mutliple devices / internet connections handy as a pre-requisite. I guess since we work in the field a lot in funny places with spotty service we should have multiple devices with BW clients on them at all times and preferrably multliple internet connections? Maybe satellite phones on hand? “Why didn’t you have 1 or 2 workarounds for the fact that the application doesn’t work as most people would expect it to” is what you’re really saying and seems like a lot of victim-blaming here for a feature gap. Like other users here have done, what I DID do is go to our previous password vault application, and luckily the PW’s needed were still current there. For our needs… the application must be able to unlock a local vault with the master password at any time without a connection, end of story.

And when i said we had no idea… I didn’t say its not documented. We just didn’t come across it, had we, as I said, we’d likely have chosen otherwise.

We will be reconsidering our current paid license and looking back at other products unless this behavior can be resolved.

1 Like

Hi @ComotoJC - I can understand the frustration here. I just want to make sure that it’s clear that the default setting of “Lock” on your Bitwarden clients does allow you to access any of your Vault items with just your Master Password - no problem.

5 Likes

@tgreer Thanks - if that is true then what we experienced this weeked was perhaps more in the form of a ‘bug’ than a feature enhancement but for sure that’s the client setting and it did not work.

We still support/desire the feature request nonetheless (what if this computer was off when we had the incident…) but I understand the difference between a logout and a lock and that the unlock is supposed to work.

1 Like

This needs to be on already.

1 Like

This problem, once discovered by the user, is a real deal breaker.
See, it can pop up in a situation like:
User changes a password, updates it in a browser extension just as their ISP has a tiny outage.
User gets an error “Fetch failed”, gets confused, alt tabs the window, extension drops the changes.
If the user doesn’t keep their password in their clipboard, it’s lost. Even short outages may result in losses and this turns BW into a landmine.

Don’t let 1Password own you with this feature. It’s a hidden one, yet critical for many of us.

7 Likes

I have also been caught by this (lost internet in the middle of creating a new entry). Luckily I had KeepassXC available. I don’t understand the reluctance of Bitwarden to implement this functionality. I can only assume there is a weakness in their sync implementation.

I love Bitwarden and i’m a paying customer but not having proper offline capabilities is a deal-breaker for me. Too many times I needed to save/retrieve a password while being offline and was unable to.

3 Likes

Same here - I was going to be a paying customer but I use my password manager (Keepass) offline all the time and need to be able to access other data stored in it and without reliable offline access I can’t switch. I also keep credit card numbers, personal ID info, etc which I need to be able to get to without internet access.

2 Likes

I just bought a paid version of bitwarden but forgot to look at this case. Just assumed because something like KeePass has it then the paid version of bitwarden will have it 100%. It’s something I personally deem as really important.

2 Likes

Having come from KeePassXC (open source newer version of that nice offline password tool - being a big fan of it for its right purpose), gone into BW head first… let’s see how things happen in KeePass when you’re in a multi-user (or multi-device) environment. I solved this back then using Nextcloud (but you could also use Dropbox).
I regularly ended up with multiple instances of my keepassxc vault file in my folder because the file was open on different devices when I changed/stored a new password into my vault.

Now, we’re using it in our company with a few dozen employees, including a few non-technical students who can use the passwords but don’t have view access. Having 2 versions of the same login credentials, makes it more or less impossible for a “can only use” account to decide which one is the one to use.

Race conditions are oddities when you’re only with one or a few users. They will also only rarely occur in companies, but as they grow, the rarity will decrease. Just imagine lumping into a situation where a password reset needs to be done.

In the case of an online sync for a tool that affects 10 persons - as soon as the first person did the reset, (s)he can update the passoword, and the other 9 persons get the new password.

In the case of an offline situation, imagine 5 persons do a password reset and update their offline version of the vault. Now, 5 instances of the same login appear when these people leave their no-internet locations.Given all the powerful group policy features of bitwarden, offline sync can quickly become really difficult.

Do keep in mind though, that it will end up equally complex with a growing number of people if you want to use KeePass(XC) :scream:.

2 Likes