URI match detection for ports

Hi,

Been using Bitwarden for a while now and the biggest issue I’ve encountered is how Bitwarden handles URI matching.

A lot of the logins I have saved are for self-hosted things, that are under a bespoke port. For the rest of this explanation, let’s use my Plex server, under port 32400.

Unfortunately, the two closest match patterns Bitwarden offers are base domain and host. Base domain will suggest the login when I am on ANY port of a specified domain, meaning any time I’m connected to my server, any services I have will be recommended, despite being on different ports. Host is a little bit better, as it only recommends if the domain + port matches, but that still leaves me with a problem: I’m not always connecting from the same domain. I could be connecting via localhost, an internal IP, hostname.local, an external IP, or a domain name (which I do all of, depending on the service and where I am relative to my server). That would require me to add 5 URIs to every self-hosted service, if I were to use match detection.

I think, then, it would only make sense for Bitwarden to offer a port match. If it ends in 32400, suggest my Plex login. I don’t think that this would prevent any false suggestions, as you’d never be visiting google.com:32400, and most services that use a bespoke port, will use a port that is not used by another service. (But really, when would you ever be connecting to something with a bespoke port, that you didn’t set up yourself? Except if there’s two instances of the same program across two servers… but how is that any different than 2 accounts under 1 website? anyways…)

Anyways, to try to visualize this, let’s make a table. Let’s say I saved my password when connected via localhost. Where would Bitwarden find it appropriate to recommend this password again, with different match patterns?

Domain Base Match Host Match Port Match
localhost:32400 Y Y Y
10.0.0.XX:32400 X X Y
localhost:25565 Y X X
server.local:32400 X X Y
my-public-facing-URL.com:32400 X X Y
google.com:32400 X X Y

One false positive is better than a dozen false negatives, IMO :slight_smile:

All in all, I think it’d be a relatively easy feature to implement, and I might try to do something similar with Regex in the meantime, but seeing it supported in an official capacity would be the best. Thanks!

2 Likes

I fully agree. It is the most annoying feature that is missing here.

Especially if you’re developing this is a must - have, currently my main reason NOT to use bitwarden.