search

bitwarden / server

Bitwarden infrastructure/backend (API, database, Docker, etc).
https://bitwarden.com
Other
15.51k stars 1.31k forks source link

Have a "Trash" to keep (accidentally) deleted passwords #134

Closed rggjan closed 6 years ago

rggjan commented 6 years ago

It would be great if all deleted passwords were stored in a "Trash" (at least for some time) to prevent users from accidentally and unrecoverably deleting passwords.

yfdyh000 commented 6 years ago

Similar to https://github.com/bitwarden/browser/issues/118 and #33.

rggjan commented 6 years ago

Thanks for the links! I think it is complementary to https://github.com/bitwarden/core/issues/33. Although conceptually similar, the UI and technical implementation will be quite different (and almost independent) I imagine.

https://github.com/bitwarden/browser/issues/118 is closer to what I was thinking of, however I guess it would make sense to have this feature in the core and not separately for the browser / mobile / web vault...

pauldalewilliams commented 6 years ago

This is an important enhancement for all use cases I think. At least from an enterprise perspective I'd feel much better about bitwarden if this were available. Sure, you have to confirm the deletion, but it's easy to get a little click happy and delete something unintentionally. This should apply to notes, cards, and identities as well.

I'd suggest clearing out items older than 30 days automatically and also allowing users to immediately delete an item from Trash if desired.

rggjan commented 6 years ago

I feel that if automatic clearing after 30 days is implemented it should be optional... I don't mind having deleted items around a bit longer, just in case.

pauldalewilliams commented 6 years ago

@rggjan I was following LastPass's model. I'm not sure how complicated it would be to make this a user preference - either do/don't delete after 30 days OR allow the user to set a desired number of days with 30 as the default (and still keep an option to retain forever/until manually deleted).

rggjan commented 6 years ago

@pauldalewilliams I'm aware this is what LastPass does. If you ever accidentally deleted a (hard to recover) password more than a month in the past, you will understand why I hated this LastPass autodelete "feature"... ;)

kspearrin commented 6 years ago

We are moving away from tracking Bitwarden feature requests like this one as GitHub issues. We have created a Bitwarden Community Forum which has a section for submitting, voting for, and discussing product feature requests. Please sign up on our forums if you want to continue contributing to feature requests.

Since this was a popular feature request we have already re-created it on the forums and linked back to this GitHub issue for reference. You can vote for this feature request there if you'd like.

https://community.bitwarden.com/t/soft-delete-items-to-trash/32

This issue will now be closed. Thanks!