I’d like the ability to change the source/from email for items I share from “Bitwarden Send”. The way it works today is that the recipient of my Send sees that it’s from my main Bitwarden email address. I’d like the ability to verify multiple email addresses with Bitwarden and then be able to both specify a new default Bitwarden Send email address and change the from email address for each Send I create.
1 Like
@jimj I like that idea as we all have multiple emails and not all of them are available to everyone. So, being able to specify ‘from’ would be nice.
would displaying you email which is also your login, means that you involuntary give away part of your login details?
Anyone who I send it to now will know my login.
if somepeople reuse (or use weak) password for their master pass and dont have the 2FA setup, hacker could use list of compromised passwords for this particular email address (from breaches) and login to your account.
Or even try to get entry to your email and then even bypass “Email 2FA”.
Why not make it optional to display email?
1 Like
I had the same thoughts. Personally I’d prefer it if it didn’t display an email address, but I was assuming that Bitwarden wanted a way to track back to the original sender in case you used the Send function to spam or harass someone.
spam prevention is the responsibility of the platform e.g Facebook, Email etc.
Regarding the abuse, you can identify this person by the platform they used, if they used email to send it, you will have their email (not necessary their login)
1 Like
I can’t use Bitwarden Send if it automatically exposes my account.
2 Likes
@robertpaulson Exactly. I’ve created an account just for Bitwarden to minimize the potential hacking attempt and this would just expose it… So, there is room for improvement and I don’t see a need to show that info.
It’s a great feature, I’m not using this only because my email gets exposed to receiver. Hope to have this feature released soon in near future. Thanks
www.sync.com has a send function similar to Bitwarden but they ask you to set a display name for the send.
I will be refraining from using the Bitwarden send feature until it is possible to hide or mask our main account email address.
I see you can now hide your email address:
2 Likes
Unfortunately, because of the warning this is still almost unusable for me. The warning scares a lot of my recipients, they hesitate or are too scared to download my file.
I hope there will be an option to add more (verified) e-mailadresses to bitwarden send soon for this feature to become more useful. I also have the problem mentioned before: I use a specific e-mail for bitwarden login only for security reasons. I don’t want that address to be exposed (by the bitwarden send feature). It is also an address where I’m generally not reachable.
1 Like
Yes, we definietly need this. I’d also like the ability to send from an organization’s email. Those are already verified so should be a no-brainer.
I think it would be a horrible idea to be able to send a different e-mail address as originator. This would open all gates to impersonation attacks.
I do like how currently it is possible to not show the sender e-mail address.
I would recommend you place whatever contact address you would like to supply inside your text text block.
@JurgenG it should be easy for Bitwarden to restrict your originating email address to only verified email addressees to avoid impersonation attacks.
indeed… but I guess you see the feature creep crawling in…
Is this the only feature request? I feel like there was another with a lot more votes but I can’t find it right now.
This seems like the next logical step to me. Many people do not want to reveal their Bitwarden email address. Furthermore, in a lot of cases, that address does not identify the sender in any meaningful way. So there is only downside and no upside to showing the real address.
Whereas if we could verify at least one other email address then we could send stuff from an email that is meaningful to the recipient. Until this is implemented, Bitwarden Send’s usefulness is greatly impaired because the warning message is (rightfully so!) a little intimidating when the sender is hidden.
I hope this gets implemented some day. Perhaps as a premium feature to further mitigate against any possible misuse.