Wallet Password Size Limitations

Frazzle

The wallet password has a size limitation of 31 characters if I remember correctly. I wanted to use the password stored in my security key (yubikey) as my wallet password but it is 38 characters. Using the security key I don't have to remember a long complicated password or be bothered with typing it in. Why do they have a restriction on the length of the wallet password and why don't they get rid of this restriction? Having to remember and type in long complicated passwords just makes the safepay wallet cumbersome and more difficult to use!

Alexandru_BD

Hello @Frazzle,

This is, indeed, a limitation. Given the fact the new Password Manager was launched, there are no future plans for development of the Wallet.

I am sorry for the inconvenience. I would recommend testing the latest Password Manager, as it has so much to offer compared to the Wallet, it's really a game changer and more upgrades are planned in the next releases this year. And you can easily import your passwords from the Wallet by following the steps described in the article below:

https://www.bitdefender.com/consumer/support/answer/2108/

Best regards.

Frazzle

I think the problem here is that most people already use a different password manager and don't need the hassle of switching over to the Bitdefender password manager. That is certainly my situation. It's also my understanding that only the Wallet and not the Bitdefender Password Manager can be used with Safepay in Bitdefender Total Security to autotype in saved user names and passwords. That's why it seems totally illogical to me that they wouldn't still be improving and supporting an important feature that is a unique and integral part of Bitdefender Total Security? From what I've experienced the Wallet has some serious limitations besides it's 31 character password limitation. It's very limiting in it's storage of additional log on information such as answers to log in security questions or static second factor passwords. Seems to me it could use a lot of improving that could make using it so much simpler. The problem and strength of Safepay is that it blocks everything else on your computer while using it. It's cumbersome to have to move back and forth between the Safepay window and your normal desktop to copy and paste information that can't be accessed in the Wallet! Trying to use a second factor authentication app is a good example of this. Kaspersky had a more usable solution although it might not have been as secure, although I'm not certain of that. They have a SafeMoney hardened security browser which is totally accessible on the desktop and by all your desktop programs. I could use my existing password manager to autotype into this SafeMoney browser and all my secondary log in information was readily accessible for me to copy and paste. All my second factor authentication programs could be used while the SafeMoney browser was running and were easily accessible. It was a far more user friendly solution although I'm not sure how it would compare security wise. Like most people for better security I'm willing to sacrifice a little usability convenience. but honestly, how hard can it be to get rid of a password length limitation and improve what information can be stored and accessed in the Wallet. In my opinion, if they continue to use the Wallet in Safepay they should be supporting and improving it!

Alexandru_BD

It's true that the Wallet has other limitations as well. Being a module with basic functionality, It is available only on Windows and does not work on Mac, Android, or iOS devices. So the engineers had to come up with a password manager compatible with these operating systems and at the same time, one that lived up to the Bitdefender standards, assuring the highest data security through the latest, military standard, cryptographic algorithms – AES-256-CCM, SHA512, BCRYPT, HTTPS, and WSS protocols for data transmission.

Password Manager is using an end-to-end encryption system, which means all data is encrypted and decrypted only locally on your device. This guarantees that no one, except the account holder who knows the master password has access to the passwords.

Password manager never stores or transmits the master password, which means no one else can access your vault in the unlikely event of a data breach.

Bitdefender Password Manager is ISO 27001 and GDPR compliant.

The Wallet operates on a different architecture which could not be upgraded to such security levels. Furthermore, there was the browser compatibility involved. The Wallet integrates with Chrome, Firefox, Internet Explorer and Bitdefender Safepay only. Password Manager has been made available with Chrome, Firefox, Microsoft Edge, and Safari (coming soon) across Windows, macOS, Android, and iOS. Unlike Password Manager, the Wallet does not offer master password recovery options: if you forget your Master Password you lose all your passwords. Wallet functions are limited to autosave & autofill, auto-lock, and a password generator. On the other hand, with the Password Manager, if you forget your master password, you can always reset it and regain access to your data. It has a plethora of bonus features that increase your privacy: autosave & autofill, password generator, password quality check, search & delete password duplicates, (un)hide passwords as you type them, security reports, password leak alert, secure notes, remote logout, biometric unlock on mobile devices.

The service is quite new and not in its final form, as more upgrades are expected to arrive in 2022. One of the biggest concerns and pain points reported by multiple users is the necessity to login every time. This however will be fixed in the upcoming release. A "Remember me" feature will be implemented and this is tied to the Safari extension for which the developers are awating for a green light from Apple, as the request has been already submitted. It is uncertain at this point if the Password Manager will provide cross functions with Safepay, this is too soon to tell, as the developers already have ongoing improvement plans on the table for now. It's definitely a more flexible service that offers more development opportunities in the future. I understand that some users may use a different password manager and it's totally fine, of course. But there was really the need to develop a more performant password manager, to ensure the protection and security levels for which Bitdefender is known for.

Nevertheless, I will forward your feedback to our development teams for analysis, as the Expert Community has proven such a valuable source of ideation and suggestions of improvement and our product managers are delighted to receive user feedback. The truth is, the most relevant and important feedback always came from the users and this helped shape the solution set we have today.

Best regards and thank you for being a valued member of our Community.