Through the recent Bitwarden user research study I realized that our company uses bitwarden quite differently than most companies would it seems.
We do not supervise employee and don’t isolate the in the typical marketing, development … islands.
While access to all password is limited at first through collections/groups, our employees are free to ask around for existing logins and request them at our administrators. They will than often be added without much hassle.
However it would be much easier if anyone could use the search function of bitwarden for this to see if there are credentials/notes available for their search that they don’t have access to yet and request it through the application
Self Service Access Request
- let member of a vault search for items they don’t have access to
- these search results are obfuscated¹ ² and cannot be used by members without access to that group/collection
- access can be requested through the bitwarden application/web vault/extension³
- administrators and/or owners are being notified by mail, that someone requested access to an item
- admins/owners can see details about the requested item’s group and collection
- admins/ owners can deny the request or choose to add the requester to either the item’s group or collection
¹ a message is being displayed : “there may be X results for your search, that you don’t have access to”
² clicking that message would reveal only the Name fields of the item(s).
³ below the item(s) name is a request access button being shown
- streamlined self service for larger organizations
- less time needed for employees to get information about company credentials
- avoiding unneeded/multiple accounts for already exiting websites or services