Bitwarden: Automatically generated passwords with just one click

A new function from Bitwarden promises more convenience. The new version 2024.11 includes a feature that not only fills password fields on websites with stored account data, but also offers to insert an automatically generated password.

When visiting websites for which no login data is stored in the Bitwarden Vault, clicking in a password field causes the inline auto-fill menu to suggest an automatically generated and strong password, Bitwarden writes in a blog post from last week. The password is based on the current settings of the browser extension for password creation. Users can use the first suggestion directly or have another password created by clicking on the "Regenerate" icon.

Bitwarden: Create an account entry more easily

After completing the form, simply click on "+ New Login" to save the access data for the website in the Vault. However, Bitwarden also offers the option of saving the login after the password has been transferred –, so not saving it immediately is not a problem.

Auto-fill has also been given new options, Bitwarden adds. In addition to switching Auto-Fill on and off, there is now a choice of what type of data Auto-Fill should suggest: Identities or cards with credentials.

The release notes list further changes in Bitwarden 2024.11. For example, interested parties must first verify their email address with each client before they can create a Bitwarden account. Under iOS, the copy & paste function has been improved so that it is easier to use. The error handling of non-official servers has been improved. The developers have temporarily removed the function for allowing screen recordings on macOS and Windows, so that the desktop apps now appear in screenshots or screen sharing. For passphrases, the lower limit for words to be used has been increased to six.

Bitwarden points out in the blog that using individual machine-generated strong passwords for each access is the best way to stay secure. The "Auto Fill" menu also simplifies this. For those who do not yet use a password manager, the article "From zero to password manager" provides guidance on how to achieve a big security gain with little effort.

Around a year and a half ago, there were discussions as to whether a certain Bitwarden "Auto Fill" function posed a security risk. In certain configurations, the data could fall into the wrong hands. However, Bitwarden saw no reason to make any changes, partly because the "Auto Fill" function in question is not even active by default. However, Bitwarden users would be better off switching the URI matching to "Host" or "Exact", which would render the scenarios devised at the time useless.

(dmk)