Option to toggle note visibility per item

Feature name

  • Hide notes on item view (first time)

Feature function

  • Problem
    You may store confidential (extra) data in the “notes” section of your password. For instance, I save my Txn PIN in my note. So if I’m only seeing the item, notes should be hidden or disabled & must require a master password to view (if enabled).

  • Solution
    Sometimes, we are accidentally showing our vault details to our friends/colleagues. So in that case, if the above feature is approved, will be great firewall :fire:

Related topics + references

I agree. I want the ability to toggle the visibility of notes (hide by default). I often use this section to save the security questions and answers that some login systems use.

Yes please. I came here from LastPass and all my imported notes are now visible in the browser extension to anyone who gains access to my computer. I have security question answers and access codes, as users here have mentioned.

Added to this, the way LastPass works is that to actually see the password characters you have to enter your master password again. This is how notes should work as well.

For this I use “hidden” custom fields.
For details see here: Custom Fields | Bitwarden Help & Support

Hidden custom fields help, but I also have various instances where I need to type a paragraph or two. Those custom fields seem to only allow one-liners.

Another Lastpass refugee here. I think this should not even be a feature request but a bug report, as the behaviour is different from how it is described in the documenation. I submitted this bug: chrome extension does not ask for password for note even though 'Master password re-prompt' is checked · Issue #4448 · bitwarden/clients · GitHub

I think all fields containing potentially sensitive information should be hidden by default, in the same way passwords are - the overriding principle should be secure by default. Typical use of a login item should not even need access to the note, so it doesn’t matter if it is an extra click to view it. Similarly with secure note items - just browsing through the items should not immediately show their sensitive contents. Maybe there could a default setting to toggle this if some users do really want the existing behaviour, but I think that the default should be to hide.

Note that I’m also an ex-LastPass user, and so now my notes that were hidden in LastPass are no longer hidden in Bitwarden, and only noticed that when I just created a new item with a secure note - I did not even notice for a few days, which could have meant that I might have accidentally leaked some information (e.g. while screensharing). I think that there should at least be a warning about this during the import process until the behaviour is changed. I do really like Bitwarden in general though!