by xref 1981 days ago
That sucks, though I’m not sure your story supports “the Bitwarden process for unsharing is broken”. If you could remove shared passwords from someone else’s vault, wouldn’t that just leave _you_ with access, effectively locking out your spouse?

You can’t unshare them from the organization. Say you create an entry for Bank of America. You then later share that entry with the “Family” organization. That entry now forever lives with that organization unless you delete it and then make a new entry again in your personal vault.

A more user-friendly approach would be for the entry’s ownership to always remain with the original creator and simply share that entry with the organization. You could then later revoke sharing the entry with others or the organization. This is how almost every other file sharing works.

I’m sure there are underlying issues, especially since the goal is for it to be cryptographically secure; it’s just not a very user-friendly system and, as I said, it’s ultimately my own fault what happened to me.

Yeah I understand, I’m just saying in this case that feature would allow you to lock out your spouse effectively.

Which was exactly what my spouse did to me by having access to the password and then changing it with the utility company and not updating it in the password manager.

I think as another commenter said we’re complaining about the wrong piece of the flow. Important accounts like utilities should have a mechanism where as many users as necessary are tied to an address. In many households it will be one user but in some it might need to be 2, or in the case of roommates 2+.

We can have multiple users tied to our mobile phone service provider so why not the gas or electric?

Sounds like you can already do that with the "delete from org + recreate in personal" workflow, so an "unshare" button would just be streamlining that existing capability.

the larger (but difficult to fix) issue here is that these important services don't seem to offer a good implementation of a joint account. if two people live in the same house, they should both have access to the account with the utility company to view balances and make payments, but neither should be able to lock the other out without some formal process. having multiple people share the same credentials is an antipattern.