Vault Item Sharing

Sharing secrets with a single user would be nice to have. Right now the only way to do it (that i know of) is to create a collection just for that user, which is suboptimal because it pollutes the collection list.

(this was originally Share with a single user · Issue #124 · bitwarden/web · GitHub)

BTW, being forced to make yet another account on a forum I’m not familiar with and resubmit an issue I already submitted because of an internal tool reorganization is uber annoying.

11 Likes

Yes, I think this would be a great feature.

I would like to illustrate @bfabio request with a use cases:

In my organisation we have to rely on another encrypted medium in order to share secrets between users. Because collection-based secret sharing is always for very low-risk secrets & for non-individual account. Which is rather rare actually.
What’s happen very often on the contrary, is someone, creating a secret for someone else. Either to transfer a secret (and leave it) or to share a secret.

Exemple:

  • Transfert a secret: Creating an account for someone else (eg. aws identity), setting up the login card with all the expected informations along with the secret, then send it to someone else, giving him ownership on the secret.
  • Share a secret: all employee maintain their identity card, with some confidential informations in it, and share the card with the human resources manager.
4 Likes

Aggree - espeacially for big organization that would be important to have, because the admin will not be able to manage collections and group settings for all departments.

4 Likes

I just found this because of another post I made.

I would +1 this as well.

Sharing should really be a feature for the personal premium accounts, not just “organizations.” Ideally, I would like to be able to share with 1 or many different users. At any time, I should be able to unshare with 1 or more users that I’ve shared an item with.

As someone who is just starting the evaluation of a PW manager for my wife and I, I find the way the bitwarden does it confusing. This is then compounded by the pricing of what is technically two different products (personal and organizations).

5 Likes

Just found out about BW and considering moving over from LastPass. Also found this thread when searching for how to share things with a single individual. Often we share passwords with one team member for whatever reason so seems a bit limiting to not be able to do that and a single collection for each team member seems overkill.

4 Likes

I migrated from Last Pass and this option a long time ago by the team, now creating a collection for each one is very bad, only point until then negative

2 Likes

Hi,

This would be a very usesul feature, because the only alternative is to create a new collection for every pair of users that want to share items between them. Creating one collection by user is not enough, otherwise any user in that colllection can see all password for that user.
This feature is a must have !
Thank you

4 Likes

Hi vbev,

Not sure this would work for you but here’s what i did to help our organization with sharing without creating a collection for each Item. I have an organization setup.

  1. As admin create a collection for each user… (user1 logins, user2 logins etc) Give the user permissions to only their own collection.
  2. Have every user share their items to their own collection which the organization now takes ownership.
  3. Admin then can go in and share an item with only collections needed (say user1 and user2 collections) so only those users have access to that item.
  4. Users can send requests to administrator to share their Item with another user. Admin can then login into into the organization and share that login item with the specific users collections. Now users can just look into their own collection and see the shared logins

This works for us on a small scale. Downside is now administrator have to manage this. The upside is that since all users have shared their Items with the organization, if an employee leaves the organization then the organization still retains ALL items. This only works if the user/employee shares ALL of their Items of course.

Hope this makes sense.

lukeyboy

2 Likes

Good idea !
Regarding the manual process of asking the admin, Couldn’t it be automatized ? By developing some kind of backend and a frontend where users would be authenticated using their corporate email, then the frontend via API would request the backend on behalf on the logged in user to share some item into another user’s ad-hoc collection. The backend would be running with an admin credentials and would use the bitwarden client to send the appropriate sharing update request to bitwarden.com server. There would be some checks in the backend to make sure the item to be shared belongs to the user in its ad-hoc collection.

Of course, it would be a lot easier if this feature was native instead of having to develop it in every company…

Finally I would still let the users create item without putting them in their ad-hoc collection if this is actually private stuff like some.

1 Like

Great request. In LastPass I was able to just share an item (even with attachments) with any user. As simple as that. And here in Bitwarden item sharing is super confusing, hard to use and not easy to understand, and costs additional money. It looks like this sharing options for companies, and not for personal use.

Please, revise sharing options for personal use!

PS: I paid for premium to support this project and the ideas behind, but I will look for other options in managing passwords if personal sharing won’t be revised and implemented.

2 Likes

So I migrated from Lastpass this week and the only thing I miss is the ability to share a login with someone. I

It is so easy in Lastpass but can only be done (AFAIK) in Bitwarden using Collections which is nowhere near as good as the Lastpass solution where you are advised whether the person had accepted the shared login or not.

With Collections, perhaps because it is new to me, I have no confirmation that my shared login has been received?

1 Like

If both users have access to the collection, as soon as you place the item in the collection it is available to the other user :slight_smile:

They may need to sync their vault, but it will be there :+1:

2 Likes

Thank you for your quick response.

As a newbie I should have drilled down harder but anyway, I now realise my mistake that I missed a step in adding the person to the Collection. I thought I had done this when creating the Collection but only realised now that I had missed that step somehow.

In summary although different from LP the approach does involve a sent invite and a mechanism to report back when accepted so I am completely happy.

Just wish there was an autofill function! :wink:

1 Like

Autofill is there :metal:

It’s disabled by default but you can enable autofill on page load in the browser extension settings :slight_smile:

1 Like

OMG. I keep learning things. I thought I had read somewhere that it was not supported.

Anyway, I now found it (Settings, Other - Options, first option). Just tested with my bank and autofill.

Joy.

Thanks again! :+1:t2:

1 Like

I just found this. I am a premium subscriber and want to share a password with a friend. Not an org, not my family. I really wish I could just enter his email and he would just get it in his account or get an email to create an account to accept the note/password.

1 Like

I think this feature request has been implemented in the form of new feature - Send - About Send | Bitwarden Help & Support

2 Likes

Now hopefully this Send feature will be expanded to vault items versus just generic text/files. Messing with collections for one-off shares is pretty messy imo.

4 Likes

Sharing between individuals (and the ability to unshare) is important for both individuals and organizations to have access to. We are considering moving away from LastPass but the sharing model here is a bit too complicated.

1 Like

From what I understand, Send is for sharing new bits of text or files - not existing passwords or secure notes.