I’ve just started with bitwarden and can’t find any answers to this issue.
I’m using Chrome, have imported all my passwords and installed the extension.
When I go to a site, eg, Amazon.com, I see the Bitwarden extension recognises i have an account here. However, chrome is also autocompleting my login details with my username and weak password.
How do I update my crappy password? I’ve tried generating a new one but the login fails.
Do I need to disable all the Chrome autofill options and login from fresh for each site?
My question now is how do I replace all the weak passwords with stronger generated ones? If I use the password generator from the chrome plugin, the site tells me it’s the wrong password.
I don’t want to have to change all my passwords manually. I know I’m missing something here though, so any help would be great!
Unfortunately, every online account has its own procedure for updating a password, and even its own set of rules for what would constitute an acceptable password. It is currently impossible to automate the password change process (no matter what you are using for your password manager), so there is no other solution than to manually go to each website’s password change page and set a new, strong password there.
Assuming that you already have a matching Bitwarden login item that you’ve imported from Chrome, then you can quickly access the vault item by opening the browser extension, and clicking the “view” icon (icon looks like a card with three lines) next to the item shown at the top of the page.
At this point, the most effective work flow is to complete the following actions within the browser extension:
Copy the existing password to the clipboard, by clicking the Copy icon next to the password field (icon looks like two overlapping squares).
Click the “Edit” button (upper right corner).
Click the Generate Password icon () to the right of the password field.
Click “Yes” in response to the “Overwrite Password” warning.
(Optional: If desired, make adjustments to the password generator settings. A good default is to set the password length to 15, with a mix of at least 1 uppercase letter, lowercase letter, number, and special character.)
Click the “Select” button (upper right corner).
Click the “Save” button (upper right corner).
Click the “Auto-fill” button at the bottom of the displayed item information (if you have a large notes section, you may have to scroll down to see the “Auto-fill” button).
On the website’s password change form, the new password should now have been transferred to all password entry fields (including the password confirmation field). If one of the password fields on the form is “Old Password”, then delete the new password from that field and paste in your old password (which you had copied to the clipboard in Step 1 above).
Submit the password change form.
It may seem like a long process when written out like this, but the work flow is quite natural, and you’ll get the hang of it quickly. If you get an error (because of the website’s password rules), then you should start over from Step 2 (do not copy the password again, since the password stored in Bitwarden is now your attempted new password). If you should lose the original password from the clipboard, you will be able to retrieve it from Bitwarden’s password history (open the item for viewing, scroll all the way to the bottom, and click on the number shown after “Password history”).
@Harpandu to update passwords using Bitwarden, you should be able to follow any website’s password reset (or change) process. I’ve used a similar process to what @grb pointed out usually without any issue. (I have uninstalled all old password managers, and have disabled the browser password managers.)
Usually the only issue I have is when a website doesn’t accept the new password (due to length or invalid special characters.) Pro Tip: If you run into this and need to access the old password, you can, while viewing the login entry, scroll to the bottom and click the number next to “Password History:” Bitwarden only saves the most recent 5 though, so don’t make the same mistake too many times in a row.
@grb, I’m going to try out your method next time. I’ve been using auto fill first (to get the old password in the fields) then copying the new password and pasting. Not a huge difference, but worth trying.
One difference is that with my method, the new password is never placed on the system clipboard, where it is vulnerable to clipboard attacks (since any process running on your computer has the ability to read the clipboard contents at any time).
) to the right of the password field.