Application Interface

How I access this tool, and how it is displayed to me.

Desktop

WebApp

https://bitwarden.com/help/article/getting-started-webvault/ 

In it's most basic form, there is a webapp that users can log into with their browser:

2021-07-12-19-26-01-Bitwarden Web Vault.png

This is most handy as a bookmark in a web browser, or for accessing on public, or otherwise non-typical devices.

This is the best place to perform administrative functions, such as manipulating folders, performing administrative functions, and organizing groups.

NOTE: While a compromised server cannot access your encrypted information, it is able to modify the webapp code that it serves to your browser, potentially injecting malicious code. It is recommended to use platform-native implementations, such as a browser addon, or a desktop or mobile client.

Browser Addon

https://bitwarden.com/help/article/getting-started-browserext/ 

This is where this application really shines. It brings together all of the aspects that you would want in a password manager, including auto-fill, new login creation, and of course random password generation.

The addon button looks like this, and will indicate with a popup number whether it has an auto-fill match for the site in the current tab:

2021-07-12-19-30-36-Projects · Dashboard · GitLab.png

Clicking on that button will bring up a minimized version of the web app, which looks very similar to the mobile app, and allows you to perform almost all functions that you would need to consume the service. However, the web app is still the best place to access the more advanced functionality.

Auto-Fill

The auto-fill on the add-on is straightforward. For every login, there is a field named "URI" that accepts one or more entries. This allows the browser to determine which logins are for which site. Once that has been populated, the entry will show up in the "Tab" section of the popup.

NOTE: Don't worry if you don't want to add the URI in advance. You can always search for it, and add it as you are actually using the browser add-on.

Here is a look at what that looks like:

Screenshot from 2021-07-12 20-38-37.png

From here, I am able to select the login that I want. Note that I have several different options since I have several different logins for this same URL. Matching rules can be tweaked as appropriate in the Settings section.

Desktop Client

While all clients are enabled to work offline, the desktop client is especially well-suited, as it should be included in any desktop backups that are taken, while remaining fully encrypted at rest, with decryption done in memory.

Desktop clients also feature biometric unlocks that are able to be used as an alternative for re-entering your master password to unlock it after the initial login.

Command Line Interface

Yes, Bitwarden does have an official CLI client: https://bitwarden.com/help/article/cli/ 

There also exists an alternative implementation here: https://github.com/birlorg/bitwarden-cli

And of course the script that will create the params for a new user to be created written by Andrew: https://gitlab.com/compositionalenterprises/role-compositional/-/blob/master/roles/compositional/files/bitwarden_registration_params.py 

Mobile

https://bitwarden.com/help/article/getting-started-mobile/ 

The mobile interface for this application is pretty much the same as the browser addon - it is meant to be used, and is not necessarily the best for performing administrative functions.

NOTE: For your own protection, mobile apps don't let you take screenshots.

Installs

The applications for Apple and Android are available in the App Store and Google Play respectively.

Note that for Android, the application is also available in the F-Droid repos: https://mobileapp.bitwarden.com/fdroid/ 

Unlock Options

For the initial login, your master password is of course required as it generates the data necessary to retrieve your passwords. However, after the initial login, you have the option of unlocking the application simply with your biometrics or your PIN.

Auto-Fill

The autofill will pop up once you enable it in the settings. The following prompt pops up whenever you click on a password field. This is an example of logging into ebay on a mobile browser:

Screenshot_20210712-203511_Opera.png

From there, it will switch apps to your Bitwarden app, where you can select the application to auto-fill it with. Keep in mind that the auto-fill follows all of the rules of the browser add-on.

Filters on the Home Page

Filters provide a way to look at different items in your vault based on different categorizations and tags. These tags can vary from favorites, to different types, to folders, and lastly to collections. At Compositional Enterprises on a daily basis I use collections to filter down different passwords. Clicking on a collection provides just the entries within that collection. At Home I have everything in folders based on different categories (homelab, work, school, etc..)

image-1624924251833.png