Password Generator Templates / Ability to preconfigure rules

Feature Requests Password Manager
, , ,
1

I would like to suggest a feature request. It is called Password Generator Templates.

Bitwarden has a built in password generator, for generating random passwords. this can be set for the whole organisation with minimum requirments.

I would like to be able to have multiple profiles or templates defined with multiple options. This has to be done on organisation level.
the current organisational password generator settings becomes the master template.

In a template you set following parameters

  • Name of the password generator template;
  • Minimum length of a generated password. (and optional maximum characters)
  • Predefined choice of what characters to use.

The reason to do this is to give endusers less choices; but still within the companys minimum set of rules for a password.

Users can then choose from a predefined set of templates, and even considering the link of a generator profile to a password entrie for future password changes.

2

A post was merged into an existing topic: Filter special characters in generated passwords per login

3

Hello,

Recently I made post about Password Generator Templates

Reading this post I want to ask for two new features.

  1. Password Generator Templates
  2. Password Generator Templates enforcement base on domain’s

1. Password Generator Passwords
I would like to suggest a feature request. It is called Password Generator Templates.

Bitwarden has a built in password generator, for generating random passwords. this can be set for the whole organisation with minimum requirments.

I would like to be able to have multiple profiles or templates defined with multiple options. This has to be done on organisation level.
the current organisational password generator settings becomes the master template.

In a template you set following parameters

  • Name of the password generator template;
  • Minimum length of a generated password. (and optional maximum characters)
  • Predefined choice of what characters to use.

The reason to do this is to give endusers less choices; but still within the companys minimum set of rules for a password.

Users can then choose from a predefined set of templates, and even considering the link of a generator profile to a password entrie for future password changes.

2. Password Generator templates enforcement
As the Password Generator templates should be organizationally set by the administrator, The enforment has to be done on an other mechanism.

  1. Domain list (URL based) centrally registered with admin’s determining the minimum password policy
  2. User option to overrule Password Generator Template, but only to a higher template with more restrictions, than set by an administrator for a certain domain.
4

Because your new post is just a refinement of your original idea (and had little overlap with the topic where you posted the follow-up), your comment has been moved into your original feature request thread.

5

I would like to deploy Bitwarden enterprise wide, but I have a feature I need to make any password manager useful our non-technical end users.

Like most enterprises we have domain name and/or urls and we use them for a lot of internal things. However some of those things use the same password as each other, some do not. For example:
(I am using semicolons instead of periods because the site is bitching about me using too many links… Whatever).

activedirectory;company;gov uses a users AD credentials, so I don’t ever want bitwarden to save credentials for that URL.

paysystem;company;gov is our horrid payroll system. Passwords have to be 5 charcaters, numbers only.

selfservice;paysystem;company;gov uses the same horrid password.

enroll;paysystem;company;gov users a 8 character upper/lower and numbers symbols except for # are allowed.

company;gov/photos is our company picture site that users can upload event pictures to, uses yet another unique ID/PW combo.

I would like to be able to preset these up so that users don’t have to know or understand the rules, the generator does and only makes passwords that will be valid for the url/uri. Or in the case of AD, won’t even offer to.

Sometimes we also have sites (SAS stuff) that doesn’t yet use our MS Entra ID for auth. We would like to preconfigure the generator to again, make passwords that are valid for the site, but as complex as we can make them.

I would like to set these sites up and be able to distribute them to users who need them or who we have authorized for them (LDAP lookup would be great, we assign a group in ad, lookup the members of the group and pre-populate these sites and rules).

Right now I can only justify Bitwarden for our IT folks because I’ve seen non-it folks struggle (I use it at home with my teen kids and wife and end up being techsupport), and we have a number of users who are mechanics, lawn maintenance, and other jobs that need access to some computer resources but are generally Luddites.

Anyway, if anything I said is unclear I’d be glad to clarify it…

Thanks
Alan Russell
CISSP

6

@Alan_Russell1 I moved your feature request (“Preconfiguring password generator rules and url/uri equivilencies”) into this existing feature request to the same topic. If you see the need for certain aspects that are not covered by this feature request, to have it’s own feature request - feel free to open a new one.

PS: Maybe you also want to have a look into this feature request: Remember Password Generator Settings for Each Login

PPS: I adjusted the title of this feature request from “Password Generator Templates” to “Password Generator Templates / Ability to preconfigure rules”.