The Bitwarden Blog
Six ways password reprompt delivers the right Bitwarden security for you
August 2nd, 2021
Delivering on continued feature development and community feedback, Bitwarden now offers Password Re-prompt, part of an extensive set of new features rolled into the latest Bitwarden release.
The feature - available for desktops, mobile, and across free and paid Bitwarden plans - is highly anticipated among the Bitwarden community as a way to bolster day-to-day security. When activated for an individual item, it prompts the user for their master password once more, before accessing or editing a hidden field.
To activate this feature for any given Vault item, simply select the option from the add/edit screen to require verification of a master password to access the hidden fields of that item such as a password or credit card number.
If you’re already using Bitwarden without this feature, rest assured: Your passwords and everything stored in a Vault are end-to-end encrypted. Password Re-prompt isn’t a new approach to encryption, nor does it change the quality or strength of your Bitwarden Vault. Rather, it prompts you for your master password more frequently, which adds an extra layer of security for those who want or need it.
What are some real-life scenarios of password re-prompt enhancing your security? We tapped into the Bitwarden community of users for their feedback - they couldn’t have said it better.
When you’re logged into the Bitwarden Vault and accidentally leave your laptop open in a public setting (coffee shop, shared workspace, etc.)
“It rarely happens that I leave any device with Bitwarden unlocked, but mistakes happen.”
When you’re extra cautious about items with sensitive banking or financial data.
“I would like another verification step before accessing some of my items, credit card numbers, and some extra sensitive passwords.”
When a friend wants to borrow your laptop to quickly “check on something.”
“Having this feature will protect my data from someone who ‘just wants to check their email’ on my computer.”
When you’re working on a shared family computer.
“I use Bitwarden on a family shared computer and...when it’s unlocked, my family can see all my passwords.”
When you don’t want your kid making a surprise Amazon purchase because you forgot to lock your Vault.
“...you’ve got three kids running around one painting the walls, the other running around without a diaper and the third trying to climb to the roof because he thinks he’s Superman and can fly… locking your computer is the last thing on your mind.”
When it’s convenient to have the Bitwarden extension active for as long as you need.
“Without this feature, I’m forced to lock the extension very fast to prevent a malicious user from logging into my bank account.”
All hidden fields remain hidden until the master password is prompted and entered again. The sequence of master password re-prompt is client specfic. For mobile, browser extension, and desktop, re-prompt is activated before editing an item. For the web vault, it is activated before viewing an item.
Master password re-prompt is part of the latest Bitwarden release rollout, which marks new features for usability, upgrades, and enterprise management. Highlights include:
- Admin Password Resetis available on the Bitwarden enterprise plan and allows administrators to reset end-user accounts if an employee loses or forgets their Bitwarden master password.
- Bulk User Management gives organization owners and admins the ability to resend invitations, confirm accepted users, and remove users from an Organization in-bulk.
- Event Log Export enables owners and admins the ability to export event logs directly from the Web Vault.
For the full release note, please visit our Help Center here
Start a free 7-day trial for business plans at https://bitwarden.com/pricing/business/
Individuals can access a Bitwarden Premium Account for just $10/year or a free account at https://bitwarden.com/pricing/
Back to Blog