The Bitwarden Blog

How the open source community strengthens security tools

authored by:Bitwarden
posted :
  1. Blog
  2. How the open source community strengthens security tools

Bitwarden is an open source application. What does that mean? Simply put, it means anyone can view the Bitwarden source code, fork the application, or even submit a pull request for new features they want to be considered for inclusion. And with a thriving community of enthusiasts, you can bet this happens fairly regularly.

Take, for instance, a pull request made by user andrewda, from back in October 2021. The object for this pull request (directly from the Bitwarden Github site) reads:

"This PR allows Bitwarden to auto-fill TOTP fields in a login form, reducing hassle from having to click on another input box and paste in the code."

TOTP stands for Timed One Time Passcodes. In simplest terms, the new feature makes logging in with 2 Factor Authentication much more streamlined. Prior to this pull request being accepted, these TOTP codes would have to be copied and pasted using the system clipboard. With the pull request added (and slightly modified by the Bitwarden engineering team) now the TOTP can be autofilled by using the hotkey (Ctrl/CMD + Shift + L) or through the extension UI. 

Bitwarden thanks andrewda for their contribution!

Try that with a proprietary application and see how far you get. Spoiler alert…not very.

But why exactly is this TOTP feature useful? 

It's all about efficiency. 

Take this workflow into consideration: You're logging into a site on your mobile device. You tap the username field and select to have Bitwarden autofill the username and password. You then tap to send the 2FA code to your device. When the 2FA code arrives, you have to (at least with Android) pull down your Notification Shade and memorize the 2FA code. Back to the login screen, you have to then type the 2FA code to gain access to your account.

While this is not particularly challenging, when you need to log into many accounts throughout the day this process can feel a bit repetitive. Now, imagine Bitwarden is also capable of auto-filling the TOTP code for you, so you don't have to memorize it and type it manually. All of a sudden, your 2FA-enabled logins become considerably more efficient. 

Have you ever thought you memorized a 2FA code, only to find out you got it wrong? By the time you track down the notification, it's too late and you have to request another TOTP code.

Fortunately for Bitwarden users everywhere, this feature has been added to help streamline the process.

Even better, anyone in the Bitwarden community (with the necessary skills) can contribute with pull requests. You might have the perfect feature that would make Bitwarden even better. If so, join the Bitwarden community and start contributing right away. For those that are less technical but still want to contribute, community translation is also a powerful way to connect with and support the global open source community.

That's what open-source is all about. Community and the ability to contribute so the application you use and depend on improves with each iteration. To do so, make sure you have a GitHub account and then follow Bitwarden on GitHub. As a member of this growing and supportive community, you can help expand the features found in Bitwarden so that everyone benefits from your brilliant ideas.

Get started with Bitwarden

Not using Bitwarden already? Get started with a free personal account or sign up for a 7-day business trial to see how Bitwarden can secure your enterprise.