Is multiple Bitwarden accounts overkill?

Let’s say I have two types of online accounts: pseudonymous and real identity.

If I have one Bitwarden account for both, used with a Firefox (and maybe Brave on phone) browser extension for autofill, I worry that it could be possible for me to accidentally autofill a real identity username instead of pseudonymous, allowing the website to know my real identity. Or maybe a cookie of some sort managed to get into my password manager and see other accounts. Are these valid concerns?

I guess I have a choice between: one Bitwarden account attached to one desktop browser, or two Bitwarden accounts attached to two different desktop browsers, or something in between? (I wonder if Firefox containers would be useful in keeping my online identities separated from each other and minimizing the risk of deanonymization?)

What do you think?

I’m curious what other people do to manage their accounts and passwords, especially when juggling several levels?

You still have to select which account to use/fill before logging in. Is that not the case with Bitwarden?

Also, this is silly. If you have two accounts on the same website for both use cases, what does it matter to the website which one you use? How will the website know you have two accounts? Think this through. Don’t think you have.

WHAT?! This is not possible.

No!

What are you even trying to accomplish here? Not sure what and why you’re trying to get at in the way you are.

I just use the one Proton Pass account I have and use aliases for different accounts. I just name the accounts differently so I know which one is for what.

What you are looking for is compartmentalization. You should re-do your threat model to see if it is actually necessary for you to do this. For example, who are you hiding your pseudonym from, and why? The website? Law enforcement? Web crawlers? etc. You are not giving much information. It seems to me that you want to hide your pseudonyms from the website itself, so I will be going off of that info.

Fingerprinting. The website doesn’t “know” that you have two accounts, but any webmaster for the site can certainly guess given enough information that one account is owned by the same person of another account.

If you’re really afraid of accidentally linking your pseudonymous identity with your real identity, you should be concerned with fingerprinting as well. In this case, you want to compartmentalize those fingerprints. Use a different browser or device for your pseudonym. Don’t use any fingerprintable extensions there. Use different VPN servers. I’m not saying these tips will be 100% effective. The actual goal behind them is to ensure that the fingerprints associated with your pseudonymous identity are not also associated with your real identity.

I’ve never heard of this. What exactly are you referring to?

Seems like an XY problem. Their concern is not Bitwarden exactly, but accidentally linking their pseudonymous identity’s fingerprint with their real identity’s fingerprint. They are talking about the possibility of human error with autofill.

There are ways to mitigate if not eliminate this concern if it is important. It’s a non-issue.

Yep, which is what my reply was about.

As I said, this post seems to be an XY problem. OP thinks Bitwarden is the question to ask, while the real issue they should be concerned with is fingerprinting. I didn’t say it was an unsolvable issue, I said it was the issue OP should be concerned about.

Yes, thank you for reminding me about fingerprinting. My two follow-up questions would be:

  1. Is it necessary to use different browsers to minimize unique fingerprint if I am merely using a hardened Firefox with Bitwarden?

  2. Is it possible to have different VPN locations routed to different applications, rather than having to switch VPN manually each time I use a different browser (and/or (set of) accounts)?

And back to my original post, I guess I am asking:

  1. Are there any significant privacy risks, tied to human error or otherwise, to using the same Bitwarden (or other password manager extension) account for all accounts, including those tied to real identity and pseudonymous identity?

First, my concern with browser autofill is browser extension vulnerabilities. I suggest against enabling autofill.

Second, depending on extension design, it should allow you to pick which one to fill, if it sees multiple matches.

Third, as other members said, browser fingerprinting would be another keyword here.

This would be the browser extension vulnerability I mentioned above.


To your original question, in terms of data privacy, there are no tangible benefits to having multiple vaults and linking each in different browsers. It does prevent you from basic manual errors, though.


To your follow-up questions,

I don’t understand your question, what is that dedicated hardened Firefox for? Just to retrieve credentials from Bitwarden?

I guess you are referring to split tunneling? Or Safing SPN? I am not sure.

I think that would be some of my responses above.

I tried to keep my response short, let me know if it is unclear or I got something wrong.

Yes, I think as Bitwarden is E2EE, multiple accounts won’t solve anything.

I guess there are two issues here:

Extension vs Desktop Application

I think it’s probably better to keep it simple and use the extension to lessen the chance of human error, which I guess was the concern which motivated my original post (and my decision to use password managers in the first place). The extension vulnerability you mention seems quite serious, but I’m thinking maybe such an attack would only occur on a very dodgy website, and could perhaps be mitigated by avoiding such websites, or using a dedicated Tor or Mullvad browser with no extensions for browsing in strange areas.

Avoiding Fingerprinting

Avoiding Fingerprinting is why I suggested two (recommended) browser setups: one for accounts attached to a password manager account for a set of real id accounts, and another for pseudonymous accounts.

I’m not sure how much of a difference this would make, and I’m reminded of this post: comparing fingerprints seems like an essential skill for digital privacy folk like us, yet it is rarely discussed and seems quite difficult to do to get clear results on the extent to which altering a setup reduces uniqueness.

Same applies for the risk of having a more unique fingerprint by using a password manager extension. It’s quite annoying how PrivacyGuides both recommends against using extensions, while also recommending password manager extensions.

My suggestion of routing network traffic to different VPN locations per application seems like an extremely important way to prevent fingerprinting. So I’m thinking a different browser for different purposes/risk, and a different IP address per browser to minimize fingerprinting between them. Yet I’ve never seen this discussed anywhere, but it can hardly be too hard to implement, nor too costly for the VPN provider; Mullvad allows 5 active devices per account… why not make it 5 active locations per device, set up with the same level of ease as split tunnelling. Another suggestion, while I’m on the topic, is the ability to randomize VPN location per session. Again, such a shame Mullvad doesn’t have this feature, and I wonder if others do.

Returning to Initial Question: Multiple Bitwarden accounts?

Well, I think the rationale behind multiple makes sense in light of my suggestion of multiple browsers to minimize fingerprint, and to mitigate the risk posed by the extension vulnerability you suggested, and I guess it could also lessen the risk of human error causing a deanonymization of a pseudonymous account.