github-starred/android
2
0
Fork 0
mirror of https://github.com/bitwarden/android.git synced 2026-06-11 09:06:13 -05:00
Code Issues 2.2k Packages Projects Releases 127 Wiki Activity

[GH-ISSUE #6357] [PM-30786] Password generator creates a new password at each focus gain #102486

New Issue
Closed
opened 2026-06-03 02:23:37 -05:00 by GiteaMirror · 7 comments
GiteaMirror commented 2026-06-03 02:23:37 -05:00
Owner
Copy Link

Originally created by @gitPhate on GitHub (Jan 14, 2026).
Original GitHub issue: https://github.com/bitwarden/android/issues/6357

Steps To Reproduce

  1. Create a new login entry
  2. Click the icon to generate a new password
  3. Copy the generated password
  4. Switch to another app without closing bitwarden (e.g. the app you're registering to)
  5. Go back to bitwarden

Expected Result

By doing the steps above, I'm expecting the generated password to stay the same I copied at step 3

Actual Result

Once you go back to bitwarden at step 5 the password changed and is not the one you copied at step 3.
You don't save the generated password until you know it is accepted by the registration process, because sometimes you set some generation rules that are not allowed in the app / website you're registering to, so you go back and change them.
More than once I saved a new password instead of the one I used in the registration process because I did not realize it changed; there is also a button to generate a new one so it should be up to the user to generate a new password and not the app at each focus change because

Screenshots or Videos

No response

Additional Context

No response

Build Version

2025.12.0 (21003)

What server are you connecting to?

US

Self-host Server Version

No response

Environment Details

  • Device: OnePlus 12R
  • OS: OxygenOS 16

Issue Tracking Info

  • I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.
Originally created by @gitPhate on GitHub (Jan 14, 2026). Original GitHub issue: https://github.com/bitwarden/android/issues/6357 ### Steps To Reproduce 1. Create a new login entry 2. Click the icon to generate a new password 3. Copy the generated password 4. Switch to another app without closing bitwarden (e.g. the app you're registering to) 5. Go back to bitwarden ### Expected Result By doing the steps above, I'm expecting the generated password to stay the same I copied at step 3 ### Actual Result Once you go back to bitwarden at step 5 the password changed and is not the one you copied at step 3. You don't save the generated password until you know it is accepted by the registration process, because sometimes you set some generation rules that are not allowed in the app / website you're registering to, so you go back and change them. More than once I saved a new password instead of the one I used in the registration process because I did not realize it changed; there is also a button to generate a new one so it should be up to the user to generate a new password and not the app at each focus change because ### Screenshots or Videos _No response_ ### Additional Context _No response_ ### Build Version 2025.12.0 (21003) ### What server are you connecting to? US ### Self-host Server Version _No response_ ### Environment Details - Device: OnePlus 12R - OS: OxygenOS 16 ### Issue Tracking Info - [ ] I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.
GiteaMirror added the bugapp:password-manager labels 2026-06-03 02:23:38 -05:00
GiteaMirror commented 2026-06-03 02:23:40 -05:00
Author
Owner
Copy Link

@bitwarden-bot commented on GitHub (Jan 14, 2026):

Thank you for your report! We've added this to our internal board for review.
ID: PM-30786

<!-- gh-comment-id:3749021964 --> @bitwarden-bot commented on GitHub (Jan 14, 2026): Thank you for your report! We've added this to our internal board for review. ID: [PM-30786](https://bitwarden.atlassian.net/browse/PM-30786) [PM-30786]: https://bitwarden.atlassian.net/browse/PM-30786?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ
GiteaMirror commented 2026-06-03 02:23:41 -05:00
Author
Owner
Copy Link

@pamperer562580892423 commented on GitHub (Jan 14, 2026):

Another user here.

You don't save the generated password until you know it is accepted by the registration process, because sometimes you set some generation rules that are not allowed in the app / website you're registering to, so you go back and change them.

I do see the issue, but tip: I would recommend to just save the generated password. If it isn't accepted by the site, you can just as easily generate and save a new one.

<!-- gh-comment-id:3749116654 --> @pamperer562580892423 commented on GitHub (Jan 14, 2026): Another user here. > You don't save the generated password until you know it is accepted by the registration process, because sometimes you set some generation rules that are not allowed in the app / website you're registering to, so you go back and change them. I do see the issue, but tip: I would recommend to just save the generated password. If it isn't accepted by the site, you can just as easily generate and save a new one.
GiteaMirror commented 2026-06-03 02:23:41 -05:00
Author
Owner
Copy Link

@gitPhate commented on GitHub (Jan 14, 2026):

@pamperer562580892423 that's quite obvious, but it requires more taps in case you need a new password.
But my point is about the password silently changing without any warnings

<!-- gh-comment-id:3749255758 --> @gitPhate commented on GitHub (Jan 14, 2026): @pamperer562580892423 that's quite obvious, but it requires more taps in case you need a new password. But my point is about the password silently changing without any warnings
GiteaMirror commented 2026-06-03 02:23:41 -05:00
Author
Owner
Copy Link

@pamperer562580892423 commented on GitHub (Jan 14, 2026):

But my point is about the password silently changing without any warnings

I understand that - and kind of agree with you, even.

But saving the new item directly has another advantage: in case you get disturbed in the process, you can't forget to store the login item. In your workflow, you create the account first, and then store the login item, while creating the login item (and storing the password) first always ensures you can't "forget" that.

<!-- gh-comment-id:3749289142 --> @pamperer562580892423 commented on GitHub (Jan 14, 2026): > But my point is about the password silently changing without any warnings I understand that - and kind of agree with you, even. But saving the new item directly has another advantage: in case you get disturbed in the process, you can't forget to store the login item. In your workflow, you create the account first, and then store the login item, while creating the login item (and storing the password) first always ensures you can't "forget" that.
GiteaMirror commented 2026-06-03 02:23:42 -05:00
Author
Owner
Copy Link

@gitPhate commented on GitHub (Jan 14, 2026):

@pamperer562580892423 As I was saying it's not about the workflow, it is about the password generation. I understand your point but it is off topic on this issue.

<!-- gh-comment-id:3749679333 --> @gitPhate commented on GitHub (Jan 14, 2026): @pamperer562580892423 As I was saying it's not about the workflow, it is about the password generation. I understand your point but it is off topic on this issue.
GiteaMirror commented 2026-06-03 02:23:42 -05:00
Author
Owner
Copy Link

@pamperer562580892423 commented on GitHub (Jan 14, 2026):

FWIW, the behaviour you describe is in alignment with how e.g. the browser extension operates (or rather the generator in general). - It remains to be seen if this is considered the expected behaviour or a bug.

<!-- gh-comment-id:3749730979 --> @pamperer562580892423 commented on GitHub (Jan 14, 2026): FWIW, the behaviour you describe is in alignment with how e.g. the browser extension operates (or rather the generator in general). - It remains to be seen if this is considered the expected behaviour or a bug.
GiteaMirror commented 2026-06-03 02:23:42 -05:00
Author
Owner
Copy Link

@Krychaz commented on GitHub (Jan 15, 2026):

Thank you for taking the time and reporting this.

I have discussed this with our Product Team who agreed that this would need to be treated as feature requested. While the behaviour can definitely be improved, it currently matches the behaviour on our other clients.

<!-- gh-comment-id:3755788146 --> @Krychaz commented on GitHub (Jan 15, 2026): Thank you for taking the time and reporting this. I have discussed this with our Product Team who agreed that this would need to be treated as feature requested. While the behaviour can definitely be improved, it currently matches the behaviour on our other clients.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
app:authenticator
app:password-manager
bug
bug-passkey
customer-support
duplicate
enhancement
good first issue
help wanted
needs-reply
needs-response
pull-request
Mirrored from GitHub Pull Request
 question
No Label app:password-manager bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/android#102486
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?