When it comes to passwords and online security in general, I tend to go a bit overboard. Why? Because I’ve watched as so many people get their accounts hacked or their identities stolen and it’s no fun to see your friends and family struggle through such an ordeal.
To that end, I strive to add every layer of security I can. One very simple layer I take advantage of lies within the Bitwarden password manager. This open-source tool has quite a good number of features that not only make Bitwarden more useful but also more secure.
One such feature is the password re-prompt.
Also: The best password managers of 2023
Let me explain this feature by way of a scenario.
You’ve unlocked your Bitwarden vault and opened an item. You copy the password and then paste it into a login prompt. You then step away from your desk for a moment, forgetting to either close or lock Bitwarden. Some nefarious ne’er-do-well sidles up to your desk, sees Bitwarden open, clicks the eye icon to view your password, writes it down, and walks off. That person can now log into whatever account you have visible in Bitwarden.
You don’t want that.
Now, if that vault entry had the password prompt option enabled, when the scoundrel clicked the eye icon to view the password, they’d be prompted to type your Bitwarden master password before the password in question was revealed.
To sum it up, with the password re-prompt option enabled, any time anyone (including yourself) wanted to view a password, that person would have to type your vault master password a second time.
Yes, it’s yet another step to access that password, but that added layer of security can keep your accounts from being accessed by anyone but you.
Also: How to use Bitwarden Send (and when you should)
The other silver lining is that the password re-prompt is required when just copying a password.
A couple of things to keep in mind:
- The password re-prompt doesn’t prevent someone from copying the password and pasting it in clear text anywhere else.
- The password re-prompt can be enabled on either new entries or existing entries.
Because the password re-prompt doesn’t prevent copying the password, it’s not a perfect solution. That means, of course, they could copy the password, open an email client, paste it into an email, and send it to themselves. Or, they could simply paste the password into a document and view it in plain text. Even so, it will prevent other people from viewing your passwords. So, it may not be ideal but it’s still an extra step I would suggest you enable (especially for important passwords, such as bank account information).
Also: How to send password-protected emails in Gmail
With that said, how do you enable the password re-prompt? Let me show you.
How to enable the Bitwarden password re-prompt
What you’ll need: The only things you need for this are a working instance of Bitwarded, either on a desktop or mobile device. The process also works on the web-based version. I’ll demonstrate this on the desktop app, but the process is the same on all platforms.
The first thing to do is open the Bitwarden app and unlock your vault.
The next step is to locate and select the vault item for which you want to enable the password re-prompt. Once you’ve done that, click the pencil icon to open the item for editing.
With the vault item opened for editing, scroll down until you see the Master password re-prompt option. Click the checkbox to enable the feature for the item. Once you’ve done that, click the save icon and you’re done.
Now, any time you want to view that password, you’ll be prompted to type your Bitwarden vault password. Those who do not know your password will be unable to view the entry.
Also: This AI-generated crypto invoice scam almost got me, and I’m a security pro
Keep going and add the re-prompt feature to any/all vault entries you believe need the extra layer of security.
A couple of extra steps
This may not stop unwanted users from copying and pasting your passwords, but it will definitely prevent them from viewing them. Because of this, I would highly recommend you set your desktop lock and the vault timeout to very short periods. You might set your desktop to lock after 5 minutes of inactivity and the Bitwarden vault to lock after 1 minute of inactivity. With just a bit of extra work, you can ensure your passwords are far more secure than they would be by default.