TWO passord fields + bug

When I login to my office email I’ve to enter:
User name
Password #1
Password #2

Password #2 is a 4 digit PIN + 6 digits generated by a RSA authenticator app.

Obviously I can’t store the 6 digits that are regenerated every 30 seconds, but I would like to store the other information.

So it would be great if Bitwarden supports that 3rd field.
But until it does that, it should enter nothing in the 3rd field.

The fieldnames I found using the right-click method are:
Ecom_User_ID = User name
Ecom_Password = Password #1
Ecom_Token = Password #2

Right now it enters data as follows.
*In the ‘User name’ field it enters ‘User name’
*In the ‘Password #1’ field it enters ‘User name’
*In the ‘Password #2’ field it enters '‘Password #1

I must add the above is a bit of guesswork because I only see dots on the password fields. Only the number of dots lead me to that conclusion.


Right now it seems to enter Password #1 also in the field of Password #2. So I think that’s a small buggie that needs to be squashed :slight_smile:

You need to use a custom field and custom field autofill for a second password @NoNameEntered. There are good instructions in the Bitwarden online help:

1 Like


That’s the closest I can get. I’m missing the Password field and can’t enter the HTML name of the custom field

I also think Auto-fill should only fill in one password field, even if there are multiple on the page.

Actually you can store the time-based one-time password (TOTP) key in Bitwarden and if you have a premium subscription it can generate the 6-digit code automatically and put it in the clipboard whenever the password is filled out. So if you manage to auto-fill the PIN part of that second field, you just need to paste the time-based code after it.

Many websites will simply tell you the key when you set up the TOTP, but you can also extract it from the QR code you get when you set up the 2FA app. Simply scan the QR code with the camera on your phone outside of the 2FA app and read/copy the text. It will contain a URI, which in turn contains the key. For example otpauth://totp/my-website-or-username?secret=HZH4XMV6M4K7LVWRU. Just copy the secret part and save it in the Bitwarden entry in the field “Authenticator key (TOTP)” just below the password field.

It’s useful if you ever need to recover the 2FA on another phone for example. You can even set it up on multiple phones with the same key if you want.

I think I finally managed to do what @dh024 pointed me to. It only seems to work in the web based vault. Is that correct?
Unfortunately it doesn’t seem to make any difference because BW keeps entering Password #1 in that (Password #2) field; and I see no way to configure the correct one.

Maybe you can try to keep the value of the custom filed as null , if you don’t want to get it auto-filled with other password. The custom auto-fill feature is available on browser extension as well but i think the name of the custom-filed should be an exact match , for the extension to detect the custom field.Ensure if you used the right click method to copy the custom filed name.

I’ve no idea how to do that.
I’ve managed to get the fields setup as my last picture shows, but I’m unable to enter any value in those fields.

Please also re-read my first post in this thread because I just made a big edit (based on the kind feedback of you all) By the looks of it not only the third/custom field is wrong.

I’m quite new to BW (currently I’m a paid LastPass user who’s not really happy anymore) so I can’t make statements on extensive experience, but by the looks of it BW fills out correctly if if it’s the standard Username and Password page.
But when it has 3 fields things go wrong. But it also goes wrong when there is just one field like on Amazon.There I have to enter my username on a page. Then on the next page my password. BW enters my password on the username page.

Try not using the password field - just create two custom fields for the two passwords.

1 Like

I’m willing/trying to do that, but can’t find a way to enter my passwords in the two custom fields I’ve created.

When I use the regular password field BW enters something wrong, but it enter something.
If I add two custom fields and leave the regular password field blank, BW enters nothing. Not even the user name.

So do you have these fields set up?


(Where “password1” and “password2” are your password and 4-digit PIN respectively.)

1 Like

Got it working! @dh024 helped using a private message. He’s far more capable explaining what was the fix, but my short summary is:
3 instead of 2 custom fields.
1 TEXT field
2 HIDDEN (instead of linked) fields

And in this case, it was also necessary to leave the default fields Username and Password blank in Bitwarden.

Glad it worked for you @NoNameEntered !

Me again, sorry :slight_smile:
While it works as a charm with the Chrome plugin on Win 10 x64, nothing is happens when I try the same with my Android phone, Chrome and the BW app. All fields stay blank.

1 Like

Yes, this is a limitation of the mobile apps, unfortunately. You have to revert to copy and paste, I suspect :cry:

Hopefully that changes before my subscription at my current password app expires.
I’ve gotten a bit fed up by them ignoring a usability issue that has been reported over and over for years now. So I’m looking into several replacements. But exchanging one usability issue for another doesn’t look like a good deal.

Bitwarden is a new product with a very small development team, unlike the multi-billion dollar companies like 1Password, so they just don’t have the resources to immediately solve every small issue that arises, unfortunately. Their focus seems to be much more on security and efficiency, but if usability is key for you, sure - I understand where you are coming from.

I didn’t even know BW is new product. See that as a compliment.
While I don’t like I’ve to setup special fields to get things working (LastPass does it out of the box) I do see the power of it.
None of the big boys I’ve seen can handle those 3 field logins. BW takes some setting up, and then it works.

Their focus seems to be much more on security and efficiency, but if usability is key for you, sure - I understand where you are coming from.

I think you can’t really have one without the other. It’s hard to explain because it’s in large part a feeling and not science.

If security is very user-friendly, people use it. But if it gets cumbersome they avoid it.
People see the use of AV, but if the app reports about everything as a security risk it gets uninstalled.
When Windows got UAC to boost security, people turned it of because it was nagging to often.

The password manager industry greatly boosted security because less people use 123 as password. That includes me who now uses those insane 20+ random char passwords.
But if the usability suffers people ditch the app and revert to 123.
Even if that usability issue is backed up by extremely solid research.
2FA is great, but will force people back to 123 if they hate the extra steps required.