Option to hide email reference from the UI

In some cases, it is actually very useful to have at least part of the email address shown, and in other cases it is certainly not.

Similar to what @TheArcticGiant expressed, I recommend having multiple options:

  1. Logged in as [email protected]
  2. Logged in as exam***@e***.c***
  3. Logged in

The big difference with what I am proposing as compared to @TheArcticGiant is that item #2 provides more information to cue the user as to the email address being used without completely revealing it.

Of course, it’s only about 4 more lines of code to fully support both this request and the one made by @TheArcticGiant, as the requests mostly overlap.


Pesky details: I didn’t want the above message to get lost in a bunch of somewhat minor details, so I’ll mention them separately down here in this postscript.

For item #2, you can use:
a. the correct number of asterisks (masking 1:1 the remaining characters in the email address and domain name)
b. a constant fixed number of asterisks
c. a random number of asterisks, perhaps from 3-6
d. ellipses instead of asterisks

Obviously, for maximum flexibility, allow the user to decide; for minimum time spent programming and testing, pick one and hope users don’t mind too much (ideally, run a UX study first, but I doubt this represents a big enough priority that limited resources will be spent on real science).

If you or the user chooses #2b or #2c (both do not use the correct number of asterisks), consider an info button or help string to indicate this fact.

If you or the user chooses #2c, I recommend using the same random number of asterisks in each section of the email address, and not vary between them.

If you or the user chooses #2d, which I think is one of the easiest and cleanest solutions, my only concern is that since all email addresses contain at least one period, distinguishing between ellipses and periods can present a significant challenge. I don’t recommend presenting the entire domain as just e…, as I think providing a cue to the correct TLD is important. A reasonable solution may be to use a different background and foreground color for the ellipses to contrast them from the literal characters in the email address. If you choose this technique, don’t forget to use colors that accommodate all forms of colorblind users (which isn’t very challenging in this case, because you can depend on additional visual cues provided by deltas in foreground/background contrast).

Each of these possibilities represents a tradeoff between obscurity and providing the user with sufficient information to recognize which email address is being used. Personally, I see advantages and disadvantages to each, but I lean towards #2d if you can make it look clear. If not, #2b or #2c work well if you can indicate within the UI that there is not a 1:1 relationship between asterisks and characters in the email address.

As an aside, I’m perfectly fine with the current implementation, but I understand that it’s not ideal for some other users, and the rationale behind their requests seems reasonable.

3 Likes

This is a serious account security issue.

1 Like

Still not fixed. I need this feature.

Hey folks - we have a PR from the community that will effectively allow you to show/hide your email. Redaction is also an option, but the issue is, some folks use the same emails, or the “[email protected]”, etc. - and it’s not super flexible if we always apply the same level of redaction to the email.

The thought is - what if we provide a nickname field for your accounts? This allows those concerned to name accounts in a manner that allows them to identify those that are logged in, but does not reveal the email (unless there is no nickname given).

Thoughts on this route?

8 Likes
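An added illustration, not part of any post in this thread and not Bitwarden's code: the masking variants #2a, #2b and #2d from the first post, plus a check for the problem raised in the reply above, where different addresses redact to the same string. The function names, the `keepLocal` option and the sample addresses are constructed for this sketch.

```javascript
// Added illustration; maskLabel, maskEmail and findCollisions are hypothetical names.

// Mask one label (the local part, or one dot-separated piece of the domain).
// Always hides at least one character, even when the label is shorter than `keep`.
function maskLabel(label, keep, mode, fixedCount) {
  const shown = Math.max(0, Math.min(keep, label.length - 1));
  const head = label.slice(0, shown);
  const hidden = label.length - shown;
  switch (mode) {
    case "exact":    return head + "*".repeat(hidden);     // #2a: reveals the length
    case "fixed":    return head + "*".repeat(fixedCount); // #2b: length hidden
    case "ellipsis": return head + "\u2026";               // #2d: single ellipsis character
    default: throw new Error("unknown mode: " + mode);
  }
}

function maskEmail(email, mode, opts = {}) {
  const at = email.lastIndexOf("@");
  if (at <= 0 || at === email.length - 1) throw new Error("not an email address");
  const keepLocal = opts.keepLocal ?? 4;   // visible characters of the local part
  const fixedCount = opts.fixedCount ?? 3; // asterisks per label in "fixed" mode
  const local = maskLabel(email.slice(0, at), keepLocal, mode, fixedCount);
  // Keep the first character of every domain label so the TLD still gives a cue.
  const domain = email.slice(at + 1).split(".")
    .map((label) => maskLabel(label, 1, mode, fixedCount)).join(".");
  return local + "@" + domain;
}

// Group addresses by masked form; any group with more than one entry is ambiguous in the UI.
function findCollisions(emails, mode) {
  const groups = new Map();
  for (const email of emails) {
    const masked = maskEmail(email, mode);
    groups.set(masked, [...(groups.get(masked) ?? []), email]);
  }
  return [...groups].filter(([, list]) => list.length > 1);
}

// Constructed sample addresses.
const SAMPLE = ["example@example.com", "examiner@elsewhere.co", "bob@mail.org"];
for (const mode of ["exact", "fixed", "ellipsis"]) {
  console.log(mode, SAMPLE.map((e) => maskEmail(e, mode)), findCollisions(SAMPLE, mode));
}
```

With these samples the 1:1 mask keeps every address distinct but exposes its length, while the fixed-count and ellipsis masks hide the length and make the first two addresses indistinguishable.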

I think that’s ideal. Great idea! :+1:

2 Likes

Agreed, a nickname is a good idea.

2 Likes

Any option sounds good as long as the email address is hidden.

I understand that having the email displayed is a good idea in some circumstances. However, it is not a good idea in other circumstances. I can understand the difficult choices Bitwarden has in this respect; the current position is about the best compromise possible.

My solution has been to set up a second account, which has an email address which I don’t mind being exposed, associated with it. I’m just mulling over making it a paid account too, so that I can send files via it in a Send. So far it has only needed text.

Sorry for the belated reply. New job and some other stuff is reducing the time that I have free at the moment.

2 Likes

+1. Please support this feature.

1 Like