Password Encryption

Hi,

I have a question regarding the password sharing services. I noticed that when a password is shared with another user, he can utilize that to login to a service using your browser extension.

Now when that user calls the password on the login page, it may be well hidden within the Bitwarden itself, but, he can use the browser’s functionality “Inspect Element” functionality to view the password in the field.

Is there a way to stop this? Can we send an encrypted password?

Regards.

There is no way that I’m aware of to prevent a user from seeing a password once it’s shared with them. As you rightly point out, at some point the user must have access to the unencrypted password in order for it to be entered into a web form - websites wouldn’t accept a password that is encrypted or hashed.

2 Likes

Most websites will allow a password to be changed by anyone with the current password. So, even if the password were hidden, the user could just change it to one they know.

If you’re not comfortable with this then perhaps the user needs their own account on the website?

2 Likes