UI/UX Improvements for multiple accounts which share a passwordΒ #397
Description
Hey all,
I work at a large corporation, and while we have a centralized Active Directory/LDAP authentication backend, most of our services have their own UI for it. Among others:
- SAML login through our internal SAML IdP
- Grafana
- Jenkins
- GitLab
- ...and dozens more
This makes a password manager incredibly useful, but also incredibly cumbersome whenever you do a password change. As a result, I'd like to put forward the following usability improvements for consideration.
First, and likely the easiest, a way to display entries which share a password. Safari has an example interface for this, allowing users to see in their list which entries share the same password as others, and how many. This could significantly assist with reducing password re-use by users.
Secondly, technically easy but more UI/UX work, a way to group entries which share an identical login/password, and, ideally make batch changes to them. Even just a way of saying "Take all of these accounts and change their password to X".
Thirdly, and likely far more complicated, a way to either:
- "Associate" multiple entries
- Set a "master" credential to be offered for subdomains under a specific domain.
I have dozens of saved "credentials", all of which are identical credentials stored multiple times for multiple URLs. If I could either manually say "these are all the same login, treat them as one" or "Save this login as my corporate/enterprise/ credential", then be prompted for "What is your internal domain to use this with?" so that that entry is only stored once. Optionally, disable any of those entries from syncing to other systems (so that my Firefox at home doesn't get my corporate credentials).
It would be extremely nice if, when logging in to our internal Jenkins with a changed password, I could be prompted to "Would you like to update the saved credentials 'Corporate Active Directory'?" with prompts for "Update", "Save as new credential", or "Ignore".