Search by password

Example: I have many accounts that are tied to my MS account and its credentials. However, I also have many accounts that use the same email as my MS account but are not tied to its credentials. So I can search for [email protected], but I still must remember which ones have a generated password and which do not.

I now realize that I could just add new URIs to the accounts that are synced with the MS account, instead of having a separate entry for each site. But that still leaves me in the “which of these are which” boat, since I can’t just look for all the accounts that are currently using the MS password.

I am for this. I’ve found exposed passwords with other services, which bitwarden does not detect in its own vault reporting tools. I think implementing a password search is critical and highly beneficial.

Search by password would definitely provide some additional use cases over exposed password or vault health reports. For example before using a password manager i used a very bad way of creating a password i.e Full-Name + an incremental string of 3-4 digits on each new website.Unfortunately a few days back i got to know that one of my passwords were exposed and that password too had the same type of pattern i used earlier.This certainly increases the risk of my other website logins getting compromised.
So it would be good to have a feature where i could directly search by a string starting with “…” in the password field without needing to manually export an unencrypted copy and searching for the required password.

Thanks for the additional information @Gaurav, for now, you can export and search the CSV as a work around.

1 Like

And if you use the Bitwarden CLI, you can use a shell command like this to print a list of the names of items containing the password = MyPassword:

bw list items | jq -r '.[]| select(.login.password == "MyPassword") | (.name)'

Or if you want to save that list to a file:

bw list items | jq -r '.[]| select(.login.password == "MyPassword") | (.name)' > MyFile.txt

4 Likes

I just added my vote to this request. It is a good idea, for reasons already stated. The suggested work-around involving a plain-text CSV export introduces security risks, and while I’m happy to see that there is a solution available using the CLI (thanks @dh024!), this method will probably be intimidating for many.

Even if an advanced search query of the form >login.password:MyLeakedPassword were required, this would be a very helpful feature.

Any news about this feature ?

If this feature doesn’t compromise password security then i’d definitely also be interested.