Windows 11 Pro - Password visible in preview window

Apologies if this issue has already been brought up before - I couldn’t find a similar discussion.

I’ve noticed an issue with Bitwarden running on Windows 11 Pro, such that I can see my previously looked-at password even when the app is ultimately locked. The problem occurs as follows:

  1. Open Bitwarden and look at any login credentials, toggling visibility on so that the password can be viewed.
  2. Minimise the app (which automatically hides the password if you click back on the app again).
  3. Hover over the Bitwarden app icon in the Windows taskbar.
    3a. This brings up a very small version of the app, for which it is possible to see the credentials on a big enough screen.
    3b. Hovering the cursor over the small pop-up brings the window to the front of the screen, showing the full credentials.

If I then click on the app, one of two things will happen:

i) If the vault has not been automatically locked, then the visible password will change to *********.
ii) If the vault has been automatically locked, then Bitwarden returns to the login screen.

But for that single credential that has been left open, it’s possible to look at the information without actually having to click on the app window. I assume that this has something to do with how Windows saves the layout of previous windows for a preview pop-up, but for an app like Bitwarden this could pose a serious risk.

Does anybody know of a setting that I can change in either Windows or the Bitwarden app, so that I can make sure this doesn’t happen?

When I minimise the app, it goes into the system tray where I cannot hover over it to get a preview, may be worth enabling that setting if you haven’t tried already (I’m on Windows 11 Ent dev builds)

image

1 Like