Hi, When I go the Bitwarden site and click on ‘Log In’ a box appears with my email address and password already filled in. This is worrying as all of my personal data and passwords could be accessed by anyone who uses my computer and just clicks on the Bitwarden site! This appears to be a major security failure. Has anyone else experienced this and, if so, do you know a way of stopping this from happening?
That’s probably filling in the password from community.bitwarden.com. What I did to fix this issue is I edited the community.bitwarden.com URI detection the make it detect “Host” and not “Base Domain”. This fixed my issue. You can try it. Have a great day!
Thanks for your reply, but I am afraid my tech skills do not stretch to working out where I need to go to change the URI detection settings. I have looked in the menus on the main Bitwarden site and on the Community site but cannot find anything.
Further to my original post, I have now discovered that I can change the settings on the Chrome Extension for Bitwarden so that I have to enter my Master Password before entering the site - which is what I want. However, if I access Bitwarden via the Chrome Browser my email address and Master Password are displayed automatically and can be seen by anyone who uses this computer. There does not appear to be anything in settings to turn this feature off. I migrated all of my data from LastPass and I am now regretting it.
Apologies to Bitwarden, the fault was with Google (and my poor computer skills).
My email address and Master Password were being automatically filled in by Google Password Manager (GPM). Autofill with GPM is normally not a problem as it allows you to gain access to common sites without any fuss, however, in the case of Bitwarden it fills in the details and leaves them hanging on the screen for anyone to read! I have now removed the Bitwarden site from GPM and when I now enter Bitwarden through Chrome I am prompted to enter my Master Password - Result!
For filling in the data you now have Bitwarden. Therefore you should consider deactivating the password manager within Google Chrome and deleting all entries (of course after you made sure that all credentials from inside Google Chrome exist inside Bitwarden).