Inside the Vault, even after securing the password with re-authentication, we can see the old password in the history, which should not be exposed without permission.
Hi @Manoj_Rana - can you explain why this would be a security vulnerability, as you say? By definition an old password means it is no longer used as part of login credentials.
Yes, that’s exactly why I asked. Non-predictable passwords are disposable. You only expose yourself to risk if you are reusing predictable patterns or phrases.
I believe that the password history does have an important purpose. Imagine that you are about to change the password. You of course first make this change within Bitwarden so that there is no risk at all of losing the new password. Then while making the change in a program, on a website or for a service something goes wrong. This could be anything like a crash of your device, the loss of the internet connection, the browser timing out or the service not being available anymore in that moment. As a result you get stuck in a limbo. The password inside the password manager already was changed, but not the one of the website, program or service. For those ones you still need the former password. Thank god there is a password history!
You can easily look up the old password and try again to make the change. Something that could have been a catastrophic moment is reduced to a minor inconvenience.
So for me, password history definitely serves its purpose well. Many times I create passwords that are auto-generated and the password length or characters used in the password isn’t supported on a specific platform causing me to have to go back to the old password to re-enter a new supported password.
In regards to vulnerabilities, like they stated, unless you are creating patterns or passwords that you can auto-generate, such as monday01/tuesday02 style, or even a 4-digit number then 5 characters (things like some ISP default router passwords), that would possibly then be a vulnerability. But the first thing is they would need to access your vault, so securing your vault should always be a priority, and if they are able to access your vault, the password history would honestly be the least of my concerns at that point.
It’s not even necessary for anything to go seriously wrong. Most password change forms require you to enter both the new and the old password. I believe the best practice is to copy your old password to the clipboard, then randomly generate and save the new password in Bitwarden, then autofill your new password (which typically fills the boxes for both the old and new passwords), and finally to paste the old password from the clipboard into the “old password” box and submit the password change form. However, it is also good practice to keep a short time-out setting for Bitwarden to clear the clipboard, so it is possible to lose your old password before you have the chance to paste it into the “old password” box. The chances of your clipboard contents timing out increase if you have to deal with issues related to the website not accepting your new, randomly generated password (as described by @pdsec). Thus, since you have already changed the password stored in the Bitwarden vault, you would have to retrieve your old password from the Password History (or from a vault backup).
Yes, it makes sense and I agree on the importance of the history. Then why not secure the history as well?
Using your example: you never know how long it would take to recover the crashed device or website. Till then the password would remain visible in the history.
Bitwarden is already giving another layer of security for the current password by hiding it and only allowing seeing/editing it by re-entering the master password, so why not the history?
Hey @Manoj_Rana, if you are referring to the master password re-prompt, it is already being reworked to protect the entire vault item (not yet available).