Vault Item Sharing

Sharing secrets with a single user would be nice to have. Right now the only way to do it (that I know of) is to create a collection just for that user, which is suboptimal because it pollutes the collection list.

(this was originally Share with a single user · Issue #124 · bitwarden/web · GitHub)

BTW, being forced to make yet another account on a forum I’m not familiar with and resubmit an issue I already submitted because of an internal tool reorganization is uber annoying.

17 Likes

Yes, I think this would be a great feature.

I would like to illustrate @bfabio’s request with a use case:

In my organisation we have to rely on another encrypted medium in order to share secrets between users, because collection-based secret sharing is always for very low-risk secrets and for non-individual accounts, which is rather rare actually.
What happens very often, on the contrary, is someone creating a secret for someone else, either to transfer a secret (and leave it) or to share a secret.

Example:

  • Transfer a secret: creating an account for someone else (e.g. AWS identity), setting up the login card with all the expected information along with the secret, then sending it to someone else, giving him ownership of the secret.
  • Share a secret: all employees maintain their identity card, with some confidential information in it, and share the card with the human resources manager.

4 Likes

Agree - especially for big organizations that would be important to have, because the admin will not be able to manage collections and group settings for all departments.

4 Likes

I am constantly pushing our company to move to BW organization, but every day we get more and more used to LastPass.

One feature I see used more and more that is lacking in BW is external sharing.

I.e. we have a contractor. We don’t want to add him to the org, but we need to share 1 or more passwords with him.

In LastPass we can add free-account-members from outside our org as a reader/writer to any internal share folder / shared items. This seems to get used a lot…

1 Like

Couldn’t you just add the user to the org with limited access to achieve the same effect?

Yes, but the difference is:

  1. The need for org admin intervention.
  2. The extra cost of adding a member to the org.

If we had to introduce a flow for doing this, we need to increase workload on IT admin and finance staff for approval on the org addition and budget clearance.

I understand it’s a hard feature to add to the current model and has possibility for abuse. But just letting you know a feature we use of your competitor.

I just found this because of another post I made.

I would +1 this as well.

Sharing should really be a feature for the personal premium accounts, not just “organizations.” Ideally, I would like to be able to share with 1 or many different users. At any time, I should be able to unshare with 1 or more users that I’ve shared an item with.

As someone who is just starting the evaluation of a PW manager for my wife and I, I find the way Bitwarden does it confusing. This is then compounded by the pricing of what is technically two different products (personal and organizations).

6 Likes

Just found out about BW and considering moving over from LastPass. Also found this thread when searching for how to share things with a single individual. Often we share passwords with one team member for whatever reason so seems a bit limiting to not be able to do that and a single collection for each team member seems overkill.

4 Likes

I migrated from Last Pass and this option a long time ago by the team, now creating a collection for each one is very bad, only point until then negative

2 Likes

Hi,

This would be a very useful feature, because the only alternative is to create a new collection for every pair of users that want to share items between them. Creating one collection per user is not enough, otherwise any user in that collection can see all passwords for that user.
This feature is a must-have!
Thank you

5 Likes

Suppose you want to share a password 1 time with someone else, you should be able to generate a link and email that link to that person.

He or she can then see the password once. The link itself expires too after a few days (configurable when sharing?)

Kinda like http://onetimesecret.com, but integrated in the Bitwarden web interface.

This feature could also be used for the “Emergency access” feature request here. An emergency contact could receive an email with the master password (or another item that is configured for emergencies?).

This, however, would require a working SMTP server, so it’s not perfect. I’d like to see emergency access be more robust and not dependent on any external service like SMTP.
I.e. the old sysadmin at the company dies and servers have started to deteriorate. Only then will people scramble and realize they can’t receive the emergency password. Sounds kinda far fetched, but that’s how emergencies are sometimes.

Hi vbev,

Not sure this would work for you but here’s what I did to help our organization with sharing without creating a collection for each item. I have an organization set up.

  1. As admin create a collection for each user… (user1 logins, user2 logins etc) Give the user permissions to only their own collection.
  2. Have every user share their items to their own collection which the organization now takes ownership.
  3. Admin then can go in and share an item with only collections needed (say user1 and user2 collections) so only those users have access to that item.
  4. Users can send requests to the administrator to share their item with another user. The admin can then log in to the organization and share that login item with the specific users’ collections. Now users can just look into their own collection and see the shared logins.

This works for us on a small scale. The downside is that the administrator now has to manage this. The upside is that since all users have shared their items with the organization, if an employee leaves the organization then the organization still retains ALL items. This only works if the user/employee shares ALL of their items, of course.

Hope this makes sense.

lukeyboy

2 Likes

Good idea!
Regarding the manual process of asking the admin, couldn’t it be automated? By developing some kind of backend and a frontend where users would be authenticated using their corporate email, then the frontend via API would request the backend on behalf of the logged-in user to share some item into another user’s ad-hoc collection. The backend would be running with admin credentials and would use the Bitwarden client to send the appropriate sharing update request to the bitwarden.com server. There would be some checks in the backend to make sure the item to be shared belongs to the user in its ad-hoc collection.

Of course, it would be a lot easier if this feature was native instead of having to develop it in every company…

Finally, I would still let the users create items without putting them in their ad-hoc collection if this is actually private stuff like some.

1 Like
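The backend check this post describes, as an added example that is not part of the original thread and is not Bitwarden code. It models the per-user collections in memory and calls no Bitwarden API; the `Org` layout, the `owner` map, and all names and sample data are assumptions made for illustration.

```python
from dataclasses import dataclass, field


class ShareDenied(Exception):
    """The broker refused the request; nothing was changed."""


@dataclass
class Org:
    """Constructed in-memory stand-in for the organization vault."""
    personal: dict   # user email -> id of that user's ad-hoc collection
    owner: dict      # item id -> email of the user who contributed the item
    placed: dict     # item id -> set of collection ids holding the item
    audit: list = field(default_factory=list)


def share(org, requester, item_id, recipient):
    """Add item_id to recipient's ad-hoc collection on requester's behalf.

    `requester` must be taken from the authenticated session, never from the
    request body: the broker runs with admin rights, so this check is the
    only thing between any user and every item in the organization.
    """
    src = org.personal.get(requester)
    dst = org.personal.get(recipient)
    if src is None or dst is None:
        raise ShareDenied("unknown requester or recipient")
    # Being in the requester's collection is not enough: a recipient of an
    # earlier share also has the item there, so ownership is checked too.
    # One message for "missing" and "not yours" avoids an item-id oracle.
    if org.owner.get(item_id) != requester or src not in org.placed.get(item_id, set()):
        raise ShareDenied("item is not the requester's to share")
    org.placed[item_id] = org.placed[item_id] | {dst}
    org.audit.append((requester, item_id, recipient))
    return org.placed[item_id]


def demo_org():
    """Constructed sample data: three users, one item owned by user1."""
    return Org(
        personal={"user1@example.com": "c-user1", "user2@example.com": "c-user2",
                  "user3@example.com": "c-user3"},
        owner={"item-aws": "user1@example.com"},
        placed={"item-aws": {"c-user1"}},
    )
```

The separate `owner` map matters because, once an item has been shared, it sits in the recipient's collection as well, and a membership-only check would let the recipient pass it on.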

Great request. In LastPass I was able to just share an item (even with attachments) with any user. As simple as that. And here in Bitwarden item sharing is super confusing, hard to use and not easy to understand, and costs additional money. It looks like these sharing options are for companies, and not for personal use.

Please, revise sharing options for personal use!

PS: I paid for premium to support this project and the ideas behind, but I will look for other options in managing passwords if personal sharing won’t be revised and implemented.

2 Likes

Feature name

  • Rename share to transfer and create share mechanism

Rename share to transfer

Why?

The current implementation is not a share. It is a transfer. The ownership of the item changes. There is some decent confusion on this.

Create share mechanism

  • you are the owner and stay the owner
  • you can revoke/unshare the share - related request, kind of
  • you can share with one person - related request
  • you can share with multiple people
  • you can share with a collection
  • you can share an entire folder/subfolder - related request
  • you can decide whether receiver of share can view password or not

I am aware that “pull requests are welcome” and will start looking at this myself. OSS FTW.

1 Like

This would be the greatest fix I would say because it prevents many users from losing passwords just by deleting the organization or purging organization vault. Happened to me 2 times. It is a much needed function. Or both share and transfer should be present and users can select what they want.

2 Likes

Can’t understand how this has gotten so few votes. This would be extremely helpful for businesses where sharing secrets externally is occasionally needed. It wouldn’t even need an SMTP server configuring, you could just have an embedded one-time link into each item which can be copied and sent via email as needed.

2 Likes

@jmcmeeking :wink:

1 Like

That’s what the API is about, isn’t it? I hope this GIF is suitable enough

2 Likes

Yes, this is definitely a must-have feature. The current naming is very confusing. And the lack of a “classic” sharing mechanism is the main thing I miss since I switched from LastPass to Bitwarden.

1 Like