Example: I have many accounts that are tied to my MS account and its credentials. However, I also have many accounts that use the same email as my MS account but are not tied to its credentials. So I can search for [email protected], but I still must remember which ones have a generated password and which do not.
I now realize that I could just add new URIs to the accounts that are synced with the MS account, instead of having a separate entry for each site. But that still leaves me in the “which of these are which” boat, since I can’t just look for all the accounts that are currently using the MS password.
I am for this. I’ve found exposed passwords with other services, which bitwarden does not detect in its own vault reporting tools. I think implementing a password search is critical and highly beneficial.
Search by password would definitely provide some additional use cases over exposed password or vault health reports. For example before using a password manager i used a very bad way of creating a password i.e Full-Name + an incremental string of 3-4 digits on each new website.Unfortunately a few days back i got to know that one of my passwords were exposed and that password too had the same type of pattern i used earlier.This certainly increases the risk of my other website logins getting compromised.
So it would be good to have a feature where i could directly search by a string starting with “…” in the password field without needing to manually export an unencrypted copy and searching for the required password.
I just added my vote to this request. It is a good idea, for reasons already stated. The suggested work-around involving a plain-text CSV export introduces security risks, and while I’m happy to see that there is a solution available using the CLI (thanks @dh024!), this method will probably be intimidating for many.
Even if an advanced search query of the form >login.password:MyLeakedPassword were required, this would be a very helpful feature.