clients icon indicating copy to clipboard operation
clients copied to clipboard
verified publisher icon bitwarden

BW autofill enters invalid password at specific and consistent but random URIs, whereas manual copy+paste doesn't.

Open RokeJulianLockhart opened this issue 2 years ago • 7 comments

  1. Steps To Reproduce

    As https://community.bitwarden.com/t/how-to-get-list-of-every-vault-entry-with-disabled-autofill/57201?u=rokejulianlockhart explains:

    1. Visit the undermentioned URIs:

      • https://www.artstation.com/users/sign_in,
      • https://www.npmjs.com/login,
      • https://theadulthub.com/login.aspx, or
      • https://lemmy.world/login.

    2. Autofill credentials with Bitwarden.

    3. To demonstrate that autofill is the cause, replace those credentials with credentials manually duplicated to and from the clipboard (from Bitwarden if desired).

  2. Expected Result

    Autofilling credentials should not prevent authentication if the credentials are correct.

  3. Actual Result

    Autofilling the credentials causes authentication to fail, whereas manual provision of identical credentials allows authentication to succeed.

  4. Screenshots or Videos

    Edit by @djsmith85: Removed the video and attached it to an internal ticket.

  5. Additional Context

    1. Do not merge this with https://github.com/bitwarden/clients/issues/1621#issue-811491652. Please read the report carefully.
    2. All credentials provided in this report are deliberately public, albeit undesirably so, since I merely don't possess the skill necessary to modify the provided footage.

  6. Operating System

    cpe:/o:opensuse:tumbleweed from https://get.opensuse.org/tumbleweed/#download.

    1. Version

      cpe:2.3:o:opensuse:tumbleweed:20240131:*:*:*:*:*:*:*

  7. Web Browser

    https://software.opensuse.org/download/package?package=MozillaFirefox&project=openSUSE%3AFactory#directopenSUSE

    1. Version

      https://download.opensuse.org/repositories/openSUSE:/Factory/standard/x86_64/MozillaFirefox-122.0-3.2.x86_64.rpm

  8. Build Version

    https://addons.mozilla.org/firefox/downloads/file/4219948/bitwarden_password_manager-2024.1.1.xpi

  9. Issue Tracking Info

    • [X] I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.

RokeJulianLockhart avatar Feb 08 '23 18:02 RokeJulianLockhart

Hi there,

Thank you for your report!

I was able to reproduce this issue and have flagged this to our engineering team.

If you wish to add any further information/screenshots/recordings etc., please feel free to do so at any time - our engineering team will be happy to review these.

Thanks once again!

joshuabjordan avatar Feb 08 '23 19:02 joshuabjordan

https://github.com/bitwarden/clients/issues/4697#issuecomment-1423097587

@joshuabjordan, has there been any progress? This issue appears to remain, and is more important now that autofill appears to be enabled automatically. Reported at help.artstation.com/hc/en-us/requests/317461.

RokeJulianLockhart avatar Aug 16 '23 00:08 RokeJulianLockhart

This is increasingly common now, and, for me, encompasses Paypal starting a few weeks ago. Both PC and Android appear to fill the text correctly, however, when pressing the button, website claims control is not filled. Typing, pasting, etc works.

Attempting to select the text field after being filled reveals that it is indeed empty, as if the field is filled in the placeholder text not in text (I am not a web developer. The text you get when field is empty).

IMNdi avatar Jan 14 '24 09:01 IMNdi

My details might be different but I assume this is related.
I had trouble logging into Paypal too. In my case it appears Bitwarden was injecting the TOTP code prematurely. (On the Paypal login page after only entering my email address it gave a warning about an invalid code.) In Bitwarden I ticked off "copy TOTP automatically" and then I could log in okay (manually copying the code when needed, of course).

corey851 avatar Feb 05 '24 22:02 corey851

Autofill doesn't work for me at all on PayPal. Have to copy paste all 3 inputs (user, PW, Totp) manually. This is on Firefox.

eylenburg avatar Mar 27 '24 08:03 eylenburg

ArtStation recently replaced their login dialog. ~~For the first time, it now appears to function with BW autofill. Comparing it and its predecessor may yield useful information. Unfortunately, https://web.archive.org/web/https://www.artstation.com/users/sign_in is inaccessible due to CloudFlare. However, its replacement, I have provided: https://github.com/user-attachments/files/16336681/ArtStation.-.Sign.In.22_07_2024.17_02_43.zip~~

RokeJulianLockhart avatar Jul 22 '24 16:07 RokeJulianLockhart

https://github.com/bitwarden/clients/issues/4697#issuecomment-2022236172

@eylenburg, it's always functioned for me on PayPal, interestingly. @eylenburg or @corey851, does ArtStation perhaps work for you (if you have an account)?

RokeJulianLockhart avatar Aug 06 '24 17:08 RokeJulianLockhart

⚠️ Stale Issue Notice

This issue has been automatically marked as stale due to inactivity. It will be closed in 2 weeks (October 15, 2025) if no further activity occurs.

If this issue is still relevant and you would like to keep it open, please:

  • Comment on this issue to show continued interest
  • Provide any additional information or updates
  • Confirm that the issue still exists in the latest version

Thank you for your contribution to this project! 🙏

closebot-bw avatar Oct 01 '25 18:10 closebot-bw

Confirm that the issue still exists in the latest version

@closebot-bw, ~~although ArtStation somehow remediated this when they redesigned their login page~~, this continues to reproduce at Lemmy (autofill breaks it, but pastage operates as expected):

https://github.com/user-attachments/assets/9d77bc85-8387-4a7d-8b9e-0ba7dc43b489

Confirmed in 2025.9.2.xpi:

Version: 2025.9.0
SDK: 'main (ab3c7db)'
Server version: 2025.9.2

RokeJulianLockhart avatar Oct 01 '25 22:10 RokeJulianLockhart