I was actually expecting to get this with premium: Items should be checked automatically and have a little indicator for weak, duplicated, compromised passwords. Data breaches should be announced via OS notification and a big red banner in every BW app.
I think the current browser-only manual reports are „nice to have“, but nothing more. The consistency of automated checks is far more beneficial than sporadic manual reports on the website. Especially for the ones that we are forcing to use BW (let’s call them family).
Trey Greer once said that such a feature would require the vault to be unlock or decrypted every time, which is not very safe. There probably might be a better way.
Once a day it could do while you have it open or provide a prompt to initiate it. I believe 1Password checks once a day but I don’t know how they have implemented it.
I don’t know how 1P does it, but like MONKiPASS says, checks could be done when the vault is unlocked. For data breaches maybe the service could have it‘s own (secure) database of just the sites in your vault, so it can work independently and warn you if need be.
This would be great! If you are logged in and the vault is unlocked, in theory, it should be able to detect. As others say, once a day would be fine and it could be run as the vault unlocks.
Integrate a recurrent automatically checks for all the passwords in the vault to make sure that none of them has been in a data breach via Have I been pwned .
I have friends that use 1password and Watchtower is the reason they picked 1password over Bitwarden. I agree this feature would go a long way towards matching 1password’s feature set.
Had an idea to extend the reporting functions of Bitwarden.
When a password has been found to be compromised by a recent leak it should be able to send you an email alert saying your password has been found to be compromised, so you can update it and avoid losing data etc ASAP.
Monthly or weekly reports on whether your passwords are weak, being reused or 2fa isn’t used on the account could also be sent out too, keeping you up to date on your security.
Adding on to this, passwords older than 3,6 or 12 months old could also be notified for organisations that need to keep them updated.
I would imagine this would be more of a premium feature rather than a free one since you’d be paying for the service.
Data Breach Report should do automatic lookups and alerts
Feature function
We have to add manually email addresses that we want to lookup. The thing is some people have a lot of different email addresses. For example, I have more than 20 email addresses and aliases. So the feature function would be to configure an automatic lookup for all email addresses contained in a vault’s item, in addition to the manual lookup. Automatic alerts would be useful as well. What I would like to see at best is something similar to 1Password Watchtower, or at least something similar as LastPass Security dashboard.
This feature would bring better visibility and alerts for users, and users won’t have to manually check each of their email addresses randomly. Also, it would offer a more convenient security dashboard to users.
I definitely agree that these features need to be developed in Bitwarden as well. It would make Bitwarden easier to use and make it much smoother and faster. Also, password scanning for leaks would add security to passwords, so these are must-have features.
This is pretty much the main feature I’m missing in Bitwarden. It would also be nice if this future dashboard would also be accessible from the desktop and mobile app. It would create more peace of mind and be much more intuïtive than accessing the web vault and going to reports. And when you visit the website, or look at an (possibly) compromised password, an alert would be helpful too.
I hope this suggestion will get more votes, because I think many users will greatly appreciate it.