Hey there. I like BitWarden. Was coming from Lastpass 3 or 4 years ago and it goes better and better.
Cos of an problem on android with the login I create a temporary account and delete it after my tests. The delete was done in seconds. There was no captcha and just one prompt.
Sorry to ask that, but: Are you serious?
In BitWarden is my digital life saved. All my passwords and a lot of hints and notice pieces. The default BitWarden timeout after install is 15 Minutes. If anybody knows how easily it is to delete a BitWarden account or child or a pet accidentally tapping this option⌠(jep, this could really happen, no joke)
So my suggestion:
Ask for a captcha like BitWarden did It when creating an account
To another prompt if the user is sure to do this.
Instead of deleting immediately the account, just disable the account for 3 month
The only way to push this process faster is by recovery-key
To undo this delete request you need to click on a link in your mailbox. You should get this when you request your deletion.
I think it would be an interesting feature I would imagine some might prefer to have some type of captcha in the Danger Zone or something of the like.
I would be curious about this as I imagine there are some users who upon wishing to delete their account would want all of their data scrubbed from Bitwardenâs systems. Even though there is a zero knowledge architecture in place many users are security conscious individuals some with highly sensitive information stored, and in the event they needed I could absolutely see situations where someone would need data deleted immediately.
I would also like to note Bitwarden DOES currently require you to confirm the master passphrase prior to making any of these changes.
Youâll be prompted to enter your master password to confirm you have the authority to take this action.
Hi @LessOrNothing - which method to delete your account do you speak of? If you try to delete your account through the Web Vault, you are confronted with DANGER ZONE! warnings and bold red text and you must enter your master password before you can delete anything.
If you are deleting without logging in via email, you must respond to the system-generated email before anything is deleted.
In either case, I donât understand how an accidental keystroke or a pet will achieve this. Can you please elaborate?
The same process for deleting your account occurs on the Android app. You canât accidentally delete it unless you also âaccidentallyâ enter your master password. I donât think a child or pet could do that, as you suggest.
