Password (vault item) expiration date

Having an expired flag on a password would allow you to tell the different reports (Exposed, Weak, Duplicate) to ignore those Passwords as well so you could attempt to keep the report clean even with passwords you want to keep around but can no longer change.

I think there should be an option to set a reminder after 3 months, 6 months, etc. to change a password for security. BW can then send a reminder to a mobile device, put an exclamation point next to the entry that needs to be changed, etc. Just so that users who have not changed a certain password in a while will be reminded that it’s a good idea to keep them rotating.

Yeah, I guess this have been discussed here before. But for now, if you’re a premium user, you can use the security reports to check all the sensitive data that can be compromised and do it manually. I know LP offered that option with ease, but there are things with higher priority right now.

We can leave this open for just the alert function, and let the other thread capture the votes, etc. for capturing the expiration.

I wish to see this feature available as well.
my requirements:

1. I can set the frequently of password change reminder (3m, 6m, 9m, 1y). I can override the next password change date.

There are accounts that i hope to change frequently and some less frequently. So password policy should available for us to set. bw will notified us when we need to change password.

2. I can mark an account to have password changed soonest.

sometimes, we might need to use other people’s computer or public computer to do something. even though, we will logoff afterwards. But i wish to change the password as soon as i can.
So during login on to other’s computer, upon reading my password from bw, i wish to mark the account to have password change soonest. I can then change the password after back to my own computer, change them in 1-2 days, may be. etc.

Hi All,
I guess that would be a very good plus a ‘reminder’ to change the passwords stored in the vault, kind of deadline or expiration notice, maybe with a day counter field?

Thanks in advance.

Thank you for your post!

• Please [search for an existing topic]
  (Search results for '' - Bitwarden Community Forums) before posting a new one
• Please review the feature request rules before posting as well

Feature name

• Enter the name/concept of the feature being requested

Feature function

• What will this feature do differently?
• What benefits will this feature bring?
• Remember to add a tag for each client application that will be affected

Related topics + references

• Are there any related topics that may help explain the need and function of this feature?
• Are there any references to this feature or function on other platforms that may be helpful?

Which password are you referring to? Your Bitwarden master password, or the passwords stored in your vault? It’s actually no longer best practice to routinely change passwords - both NIST and the NCSC recommend only changing your password if you suspect it has been compromised.

Hi Danmullen,

Thanks for taking my post in consideration.
Despite of the guidelines, maybe you’re not aware that you’re password has been compromised. So my personal opinion is that the frequency you change a specific password must be directly proportional to the importance of the password itself.
This is just a personal idea.
Kind regards.

Can you add a change password reminder notification every XX number of days? Could it also be set for some entries and not others?

Thank you for your post!

• Please search for an existing topic before posting a new one
• Please review the feature request rules before posting as well

Feature name

• Enter the name/concept of the feature being requested

Feature function

• What will this feature do differently?
• What benefits will this feature bring?
• Remember to add a tag for each client application that will be affected

Related topics + references

• Are there any related topics that may help explain the need and function of this feature?
• Are there any references to this feature or function on other platforms that may be helpful?

I have recently switched over to Bitwarden and am trying it out to see if I will replace KeepassXC with it. The jury is still out. I was surprised to see the lack of ability to expire passwords. Keepass & KeepassXC allow you select an expiry date (options in days, weeks, months, years). The field is set when changing password and the default is none.
As others have noted, many sites, applications, etc., require password changes at regular intervals. Some of them disable/delete the account if the password is not reset within the time period. Not trying to be snarky, just pointing out the reality of the situation.

Hey @Nick_Fury thanks for trying out Bitwarden and for the feedback

Hi! Long time Personal Premium user, first time poster here. I just created a community account to vote and comment on this feature request.

In addition to periodic mandatory password changes, I think this would be very useful to add extra security to important accounts on services that don’t offer that option.

In todays age where you sometimes get access to sites for a limited time (trials, temporary access to course tutorials, soon to be decommissioned accounts (social media accounts who won’t be deleted right away), it would be cool to have an expiration/decommission date for created logins, cards etc.

If a login, card etc. expires, it would be cool to get a notification in the app, web extension to either keep/update or confirm to remove the stored credentials in Bitwarden.

As a long term KeePass user and trying out bitwarden now this is a key missing feature!
This is a must have.

Any updates on a timeline?

Thanks for the feedback @4c37l no updates at this time, but data from Bitwarden can be exported to provide additional reporting/notification capabilties SIEM and external systems integrations

Many services come with expiration dates. Why not have a date as a custom field that then can be questioned as a simple DB that shows all expiration dates across data entries in chronological order?

This would be really handy.
Creation, modification and expiration dates are all very handy.

Why do you need an expiration date? If you use long random passwords there is no reason to change it every so often unless you think its been breached. And if you work for someone that makes you change the password they’ll let you know when it expires the next time you log in. If you’re paranoid you could set up a calendar event on your phone to remind you to change all your passwords, but this is not needed.

Expiration date of insurance, credit card, driving license, ID card, passport, etc.

Add date as a custom field type. Including a date picker for mobile devices and the web interface.