Two Person Sharing with One in Control

I am a former LastPass user who has left because of security concerns and who has converted to Bitwarden after reading numerous reviews. So far I am very pleased with the product and have 150+ logins in my vault that I have brought over from LastPass.

My wife and I have separate PCs, and currently I am the only one using Bitwarden. I would like her to enjoy the ease of logging into sites that I experience. I’ve been reading articles on family plans, organizations and collections, etc. and am deciding how best to proceed.

My wife’s level of computer expertise is very low, even after years of using one, and her interest in learning more about computer use is equally low. I think that for us, better than any sharing plan would be for her to have her own Bitwarden account. I would export my vault, delete a large number of the password entries that she doesn’t use and import the remaining entries that she does use into her account. She probably accesses about 10% of the websites referenced in my vault. She will also never add passwords to her vault.

Does this sound like a reasonable approach? Is there any problem importing a small number of my entries into her vault? Any advice will be appreciated.

The main pitfall is that if you change any of the shared passwords, you’ll need to do it in two places.

Alternatively, you could create a shared collection, and move the 10% shared credentials into the collection. Then you would also be able to set up access controls to prevent her from accidentally modifying or deleting any of the shared login items.

After making the initial post above a couple of months ago and gaining more experience with Bitwarden, I’ve decided that the following approach is probably best and requires the least effort:

  1. Have separate BW accounts for my wife and me.

  2. I do all updates and maintenance of the vault on my PC.

  3. Initially I exported my vault and imported it to her account on her PC.

  4. Periodically after there have been changes, I will export my vault, delete the entire contents of the vault on her PC and import my latest exported vault. Even though there are many entries she will not use, it’s easier to include them than to specifically delete some of them. They are also there if I use her computer.

Does anyone see a problem with this approach?

It is just that it is a lot more work then having the pool of shared logins in a collection as that collection is automatically updated when either user changes the password. My wife and I have been using this scenario for more than two years and it has been foolproof. (My wife seldom ever changes a password so our situations are quite similiar.) It does take a bit of reading to get things set up initially but it is not really that difficult-- as I remember it.

Your approach should be fine, unless she ever adds her own vault items (which you’ve said she’ll never do), or if any of the shared vault items contain file attachments (which wouldn’t transfer over in the export/import process).

Furthermore, I would strongly recommend that you use the “Password-Protected JSON” format for the exports, which you can only create from your Web Vault (by first specifying an encrypted JSON format, and then selecting the “password-protected” option, as opposed to the conventional “account-restricted” option). CSV exports do not preserve all vault data, plain (unencrypted) JSON exports are likely to leave sensitive information on your device (which can be recovered from an SSD even after deleting the file), and the “account-restricted” exports can only be imported back into your own account.