As described in the Topic title, if I sign up at example.com and use the browser extension to add an item, then I find that Android’s Autofill with bitwarden as my default Android password manager will not find any entries for when I’m using the complement “Example.com” Android App. Sorry for that word salad, but I don’t know how else to say it. This issue is mainly because the Android autofill function is looking for androidapp://com.example and not www.example.com
Using Avis as an actual example, I signed up online at www.avis.com. The Website URI field was entered automatically into my item for Avis. Then, I installed the Avis app on my Android phone and the Android autofill could not find Avis. So, to fix it, on Android when signing into Avis, I pretended to add a new item, and Bitwarden added a new item with a URI of androidapp://com.avis.androidapp, then, I copy/pasted that URI into my original Avis item. The next time signing into the app, bitwarden now found my item next time I started the Avis App because of the androidapp:// URI.
I know that sometimes the avis.com does not always resolve to the com.avis.* as in the androidapp:// URI, but perhaps a wildcard prefix of androidapp://com.avis.* would be looked up during bitwarden’s autofill, or, have the URI added to the item automatically at item creation time on the web.
Hope all that makes sense, but I typically sign up on PC and then add apps after since I already have about 250 apps on my phone and only want the useful ones.
If you are using “Base Domain” as your URI matching method (which is the default setting), then you can also deal with this type of scenario by defining a “Custom Equivalent Domain” set under Settings > Domain Rules in the Web Vault. For example, click + New custom domain and then enter the following:
That’s when you discover that the organization example.com uses a different uri for apps e.g. androidapp://com.example.appserver.androidapp The problem is finding the uri. I know there are tricks and shortcuts to finding the uri but I can never remember them. I usually do something similar to @p4rmstrong.
Maybe a better approach would be have an additional option under Add an Item.
@kchapbw One existing function that may work for you (and for @p4rmstrong) is the Autofill and Save button (described here), which is available in the Android app and in the browser extensions (but not yet in the iOS app).
I gave it a test on my android phone and it worked. As I was testing I remembered that I had tried to use the feature before but was caught out by this scenario.
Glad I could assist. Hopefully, @p4rmstrong can use this method, as well.
I don’t know enough about the mobile apps to understand the problem that you faced on the above site (and on the 10% of web/app combos where you believe “Autofill & Save” will not help). If you can explain in a little more detail, I will see if I can come up with any additional solutions/work-arounds for you.
The base domains do not match. So take the scenario where I created my account on my PC. Later, I install the android app on my phone and proceed to login for the first time. Because the base domains do not match, Bitwarden does not offer any suggestions. I’m sure that there is a reasonable fix for this specific example.
If I’ve understood what you meant by the above, then it is an incorrect assumption. Bitwarden doesn’t care if you have multiple URIs stored in a login item and those URIs have different base domains; if your have your URI Match Detection rule (more about that below) set to “Base Domain” (which is the default setting), then Bitwarden will offer the credentials for autofilling if any of the stored URIs have a matching base domain.
Have you made any configuration to the URI Match Detection rules in your vault? There are two places where changes could have been made: in the browser extension Settings (under Autofill), there is a setting for “Default URI Match Detection”, which should normally be set to “Base Domain (Recommended)”:
In addition, when you edit a login item, there is a gear icon next to each stored URI field. This gear icon triggers the visibility of a dropdown menu for customizing the URI Match Detection method to be used for that particular URI. The normal setting is “Default Match Detection”:
Please check if you have made any changes to those default settings, as that could be a part of the problem you’re experiencing (which, to be honest, I still don’t fully understand).
What do you mean “it then changed”? The website for The Age has login forms on both of those domains, so you should have both of the above domains stored as two separate URIs for in the vault item for this account; then you would have a third URI for the Android App.
Remember that the Autofill and Save button is also available in the browser extension, so if you ever find yourself on a login form where Bitwarden does not provide a matching credential for autofilling, then (assuming that you have verified the website is legitimate, and not a phishing attempt) search for the credentials in the browser extension, open the desired login item for viewing, and click the Autofill and Save button. Now you should automatically get a match the next time that you visit this webpage.
Wow nice find of completely disparate URIs. I’m sure there are a lot of Android App URI that won’t even look close to the website URI, and this is mainly because that androidapp URI is based off the Java drilldown paths for the source code [ as from my Android Studio experience ].
I would hope that most of the time for large organizations, the browser URI and the androidapp URI could be fuzzy matched, as in the avis.com and androidapp://com.avis to use com.avis as an example.
Yes, I am using both defaults “Base domain (recommended)” and “Default match detection”, but that only is effective in the browser situation.
Maybe this issue means some sort of fuzzier matching, but only in the case of the Android Autofill as a service when looking up a matching record. Even if it was a crappy fuzzy match ( such as avis ) and load up all the records and display only a few, it still helps us to actually find it. Currently, since an empty list is generated in the Avis App example, I go to the magnifying glass and type in “avis” and up comes my one record, and I use that as “autofill” with the warning.
I guess it would be helpful in the Bitwarden App to ask something or anything if the results when it is invoked and an empty list is returned, to at least ask “Nothing found, please type the name of the app” to at least give something, not just the empty list. It’s the empty list which is confusing.
I was talking with someone with less computer/phone knowledge, and he came across the same scenario, and he said “Nothing shows up in the list” when I want to have it fill for the App, so I told him to use the magnifying glass to enter the name of the app to find at least a few records. I also said, “and you can also just login to the website through the browser”, and he seemed OK with that even though it causes a lot more clicks.
@grb I refuse to use MSFT Authenticator, and I very rarely use Google Authenticator, but I’m wondering if Google Authenticator has the same issue? I guess I could load GA up on a spare phone to test, but I don’t want to go down a testing path that may have already been done. I went down this rabbit hole because of avis.com and the Avis App, but I’m sure there’s a better domain/androidapp pair that could be tested with.
Once you (or they) find the record they want, you can use the Autofill and Save function. Then, next time that you need to log in to that app, you should see the match automatically.
I’m not sure I understand the connection of those authenticator apps to the issue at hand, but I’m probably just being dense.
Yes, that works, however, for my friend, it is somewhat inconvenient (and slightly confusing) to be presented with a blank page, especially since they don’t know to hit the magnifying glass to find their record, then hit the Autofill and Save. I personally can memorize this solution, however, for him, he’s just going to not do it because he won’t remember the process.
For convenience, what I’m asking is if when presented with a blank page, at least there be a prompt to type in the name of the app you’re trying to Autofill and Save for as if the magnifying glass was used, then, maybe prompt Autofill and Save and Cancel. Just make the process easier for people like him to use.
[ I tried to take a screenshot of the empty page on Android, but I get a black screenshot, presumably because the Bitwarden App is not allowing it to be screenshot. ]
[edit] – I found out Google Authenticator is just a TOTP, nothing to do with passwords. I was just trying to find out if Google Authenticator has a solution for this same process, i.e., Enter the name/pass on a PC for avis.com, then, use Google Authenticator to autofill for the Avis app ( for example ).
I owe you an apology, I’m sorry. In post #7 I meant to say
I was referring to the fact that Autofill and Save may not work when organisations use inconsistent base domains. I agree, once the uri is saved there is no issue. Bitwarden does not care if multiple uris have different base domains.
Also, now that I have more experience with Bitwarden, I should have said that Autofill and Save works 99% of the time.
icon next to each stored URI field. This gear icon triggers the visibility of a dropdown menu for customizing the URI Match Detection method to be used for that particular URI. The normal setting is “Default Match Detection”: