Option to hide email reference from the UI

In some cases, it is actually very useful to have at least part of the email address shown, and in other cases it is certainly not.

Similar to what @TheArcticGiant expressed, I recommend having multiple options:

  1. Logged in as [email protected]
  2. Logged in as exam***@e***.c***
  3. Logged in

The big difference with what I am proposing as compared to @TheArcticGiant is that item #2 provides more information to cue the user as to the email address being used without completely revealing it.

Of course, it’s only about 4 more lines of code to fully support both this request and the one made by @TheArcticGiant, as the requests mostly overlap.


Pesky details: I didn’t want the above message to get lost in a bunch of somewhat minor details, so I’ll mention them separately down here in this postscript.

For item #2, you can use:
a. the correct number of asterisks (masking 1:1 the remaining characters in the email address and domain name)
b. a constant fixed number of asterisks
c. a random number of asterisks, perhaps from 3-6
d. ellipses instead of asterisks

Obviously, for maximum flexibility, allow the user to decide; for minimum time spent programming and testing, pick one and hope users don’t mind too much (ideally, run a UX study first, but I doubt this represents a big enough priority that limited resources will be spent on real science).

If you or the user chooses #2b or #2c (neither of which uses the correct number of asterisks), consider an info button or help string to indicate this fact.

If you or the user chooses #2c, I recommend using the same random number of asterisks in each section of the email address, and not varying it between them.

If you or the user chooses #2d, which I think is one of the easiest and cleanest solutions, my only concern is that since all email addresses contain at least one period, distinguishing between ellipses and periods can present a significant challenge. I don’t recommend presenting the entire domain as just e…, as I think providing a cue to the correct TLD is important. A reasonable solution may be to use a different background and foreground color for the ellipses to contrast them from the literal characters in the email address. If you choose this technique, don’t forget to use colors that accommodate all forms of colorblind users (which isn’t very challenging in this case, because you can depend on additional visual cues provided by deltas in foreground/background contrast).

Each of these possibilities represents a tradeoff between obscurity and providing the user with sufficient information to recognize which email address is being used. Personally, I see advantages and disadvantages to each, but I lean towards #2d if you can make it look clear. If not, #2b or #2c work well if you can indicate within the UI that there is not a 1:1 relationship between asterisks and characters in the email address.

As an aside, I’m perfectly fine with the current implementation, but I understand that it’s not ideal for some other users, and the rationale behind their requests seems reasonable.

3 Likes

This is a serious account security issue.

1 Like

Still not fixed. I need this feature.

Hey folks - we have a PR from the community that will effectively allow you to show/hide your email. Redaction is also an option, but the issue is, some folks use the same emails, or the “[email protected]”, etc. - and it’s not super flexible if we always apply the same level of redaction to the email.

The thought is - what if we provide a nickname field for your accounts? This allows those concerned to name accounts in a manner that allows them to identify those that are logged in, but does not reveal the email (unless there is no nickname given).

Thoughts on this route?

10 Likes

I think that’s ideal. Great idea! :+1:

3 Likes

Agreed, a nickname is a good idea.

3 Likes

Any option sounds good as long as the email address is hidden.

2 Likes

I understand that having the email displayed is a good idea in some circumstances. However, it is not a good idea in other circumstances. I can understand the difficult choices Bitwarden has in this respect; the current position is about the best compromise possible.

My solution has been to set up a second account, which has an email address associated with it that I don’t mind being exposed. I’m just mulling over making it a paid account too, so that I can send files via it in a Send. So far it has only needed text.

Sorry for the belated reply. New job and some other stuff is reducing the time that I have free at the moment.

3 Likes

+1. Please support this feature.

2 Likes

Hi tgreer,

What about a checkbox to hide/show email?

Very Happy Bitwarden User,
Mike.
P.S. That’s what LastPass had, and I would rather my email not show when the app is opened.

2 Likes

Hi all!

Just to clarify, what I really hope for is for my email to not automatically populate the field just because the app is opened.

Thanks!
Mike.

1 Like

Well, in that case, since Bitwarden is highly tied to “security” and “safety”, it should be classified on the secure side. Just because some don’t care, like writing their password on a piece of paper, it doesn’t mean that information is okay to be exposed.
Even in a single-person house, such a house can be broken into. We can go on and on with different circumstances and scenarios. However, this is a “PASSWORD” application, not a porn site. We, paying customers, demand that level of security. For non-paying customers, expose the email all they like. Consider it a paid feature, then.

Lastly, this is not hard to implement.

1 Like

Masking the email is also a great idea. Just don’t expose the entire email like the current setting does. There are a lot of prying eyes around us these days, including spy cams and security cams. I am extremely uncomfortable typing in the password in public if my email is also exposed.
FaceID, TouchID and Security Keys are all great, but in today’s world it still comes down to typing in a password from the keyboard.

I understand your concern. Please note that what you mention is only true in some scenarios. In other scenarios, prying eyes and spy cams are not a concern (or if they are, you have bigger problems!).

I think flexibility is important to accommodate all the scenarios.

I totally agree with the person that says that this is a security issue and should never have gone unresolved this long. Honestly, if I would have known, I would have stayed with the password manager, but I already paid. I cannot understand why there is no option to block the e-mail address from displaying. It is Bitwarden that says you should keep this private. My old password manager had that as an option. At least that one has the option to hide it. Some people may choose to create a special email address just for the password manager and would not want that to be on the computer, where anybody who gets on the computer and clicks on the BitWarden icon sees the email address. I think it’s very sloppy that this is almost a year old and not resolved. Makes me wonder how many other issues are not being resolved. Some people should have the knowledge to understand that it is a security issue. I grant you it’s not a major one, but it is still one of the links in the chain, and remember a fence is only as strong as its weakest link; this is a weak link.
I truly hope this gets fixed soon; right now this shows me very sloppy work on BitWarden’s part. Not for the mistake, but for not fixing something that should not be that difficult to fix. Thank you.

1 Like

I agree with you, and this should have been fixed a long time ago.

In addition, when I lock from the mobile app, desktop app or web browser, it will display “Your vault is locked. Verify your master password to continue.”
Below, it will show “Logged in as on bitwarden.com”.

My email address is exposed everywhere. Masking the email address is a necessity against prying eyes. Please address this issue.

Thanks development team!!

1 Like

Agree, but this needs to be enabled by a setting and not by default. There are many valid reasons to have this information shown by default.
Also, this info is already stored in plaintext in your locally cached vault (needs to be) so it doesn’t protect you from anyone that has access to your device. Especially if you don’t use full disk encryption.

1 Like

That’s exactly my point. Different people have different needs. It is not about one size fits all. Any security concern should be addressed.
Plaintext stored in the local cache is something we should be concerned about as well.

So, let’s fix one issue at a time. I am not asking for perfect, just progress.

1 Like

The plaintext stored in the cached file is needed. Even 1Password stores certain plaintext in the cached file, like email address. So if it’s needed and will remain there is little additional risk to having it displayed. Securing the desktop/workstation isn’t Bitwarden’s responsibility.