search

bitwarden / clients

Bitwarden client apps (web, browser extension, desktop, and cli).
https://bitwarden.com
Other
8.98k stars 1.18k forks source link

Autosave is saving literal `...............` as the password for some sites #2288

Open tangowithfoxtrot opened 2 years ago

tangowithfoxtrot commented 2 years ago

Steps To Reproduce

  1. Go to an affected website. I encountered this on Battlenet.
  2. Go through their account creation process. Log out and back in so the extension can detect the credentials.
  3. Use the "Save" option when prompted by the Bitwarden browser extension.
  4. View the newly-saved item. Use the "Toggle Visibility" button to reveal the password.

Expected Result

The password that was entered gets saved.

Actual Result

Password gets saved as literal ................ characters.

Screenshots or Videos

image

Additional Context

No response

Operating System

Windows, Linux

Operating System Version

Arch Linux + Windows 11 Pro

Web Browser

Chrome, Firefox

Browser Version

Firefox 96.0.1 + Chrome 97.0.4692.99

Build Version

1.55.0

ElectricityMachine commented 2 years ago

Able to reproduce on my machine. This also happens when you log in and click "Update" when BW prompts you to update a "changed" password. Luckily, there's password history so I can revert it, but the exact same thing happened to me.

OS: Win 10 21H2 Browser: FF 96.0.2 Build Version: 1.55.0

coolfarmer commented 2 years ago

F*ck, I'm screwed. My battlenet account is behind an auth code, I can't change my password without this code. My BattleNet auth app is logout ... RIP

Password history can't help me, too far away.