Jump to content

Bitwarden Accelerator

Recommended Posts

Download: https://github.com/ajrosen/Alfred/blob/master/Exported Workflows/Bitwarden Accelerator.alfredworkflow

Source: https://github.com/ajrosen/Alfred/tree/master/Bitwarden Accelerator


I would include a link to Packal, but all I get is "The website encountered an unexpected error. Please try again later."


Bitwarden Accelerator


Interact with [Bitwarden CLI](https://bitwarden.com/help/cli/).


Key features


  • Login with username and password or API Key
  • Two-step logins with Authenticator app, YubiKey OTP, or Email
  • Copy username, password, or TOTP code to the clipboard
  • Search different fields of an item
    • Any item by its name or folder
    • Logins by username or URL
    • Cards by brand (eg., search for "Visa")
    • Identities by any field in the item
  • Favorite items are listed first
  • Download item attachments
  • Limit searches to a single vault and/or collection to prevent shoulder-surfing
  • View an item in a separate window to copy/paste multiple fields easily



Link to comment



I think the biggest difference is how they're designed.  The other workflow is essentially a single binary, while this is one is a collection of shell scripts and JQ libraries.  There are some differences in the interface that I think matter.


Theirs does a great job with favicons, but I think it looks better without them.  I find it distracting.


I really like having "show item" in a dialog window.  It stays visible while working in another app, and it's easy to copy/paste multiple fields.


I have some integration with web browsers, automatically searching for the current tab's hostname.  That was one reason I wrote LastPass Accelerator.  Bitwarden's browser extension is a lot better though, so I don't use the workflow while browsing as much.


You can set a default vault and/or collection, which is nice for work vs. personal environments.

Link to comment
On 2/21/2024 at 6:39 AM, dood said:

After entering my e-mail and password, the verification email doesn't appear to get sent out. Based on my experience with the other workflow, I think this may be related to the server URL. Would it be possible to allow the user to specify a server URL? (e.g. https://vault.bitwarden.eu)


I've implemented the changes in version 1.2.0.


Sadly it seems that logging into bitwarden.eu with the CLI is completely broken.  You might still want to try it.  Maybe it fails if you're not in the EU?


I created a separate Bitwarden account in EU.  I can login using the desktop app and the web vault.  I cannot login using the CLI, no matter what two-step method I use.  I tested email and authenticator app.  Even with no two-step method the login fails.


The other workflow has the same problem.  It gets the same response from Bitwarden (with a bonus error message that the `punycode` module is deprecated).

Edited by Andy Rosen
Download link points to new release
Link to comment
  • 2 weeks later...

I've just released version 2.0.0.  This introduces an Auto Sync option, which installs a Launch Agent that automatically syncs your vault every Sync Interval minutes.


It also fixes a bug where you're already logged into Bitwarden when the workflow tries to login to Bitwarden.


Link to comment

Hi @Andy Rosen, happy to report that I was able to use the workflow with the Bitwarden Client ID and Secret (and without needing to set a different Server URL). On my machine at least, this workflow retrieves passwords much faster than the other one – great work!


The only thing I'm not sure about is the browser integration – that section of the workflow doesn't seem to have any impact on the order of results that appear, etc.

Link to comment

Glad to hear it's working for you!


Is your browser the front-most app?  Browser matches use the browser's icon instead of Bitwarden's.  And it does not check the browser if you start entering a search term.



Link to comment

@Andy Rosen Would it be possible to add different behavior/options for credit cards? For instance, to be able to copy the credit card number upon hitting Return, or being able to view fields such as expiration month and year and CVV in the workflow itself?

Link to comment

@dood Yes!  I'm actually working on changes to automatically Show all fields for credit cards and identities.


I'd love to automatically copy different fields into the clipboard once others have been pasted.  Eg., username, password, then TOTP code, or card number, expiration, then cvv.  But I'm not aware of any way to know when the clipboard is is pasted.


Once I'm done with this change, I'm thinking of defaulting to the "next" field if the workflow is called very shortly after the previous call.

Link to comment

Interesting idea! The Show all fields option sounds great, especially for when I know certain fields by heart and as a result won't need to rely on the automatic copying function.

Link to comment

Version 2.1.0


Download link


Secure notes always copy the note to the clipboard.

Cards and Identities will always Show all fields


The auto-sync Launch Agent has been renamed to bwa-sync to make it easier to identify in System Settings.


There is now a "hidden" debug option. Setting the workflow's DEBUG environment variable to 1 will write basic log information in the cache directory.

Link to comment
  • 2 weeks later...

I hope it's okay to barge in, I just found out about this workflow: Everyone using this WF should be aware that it's based on "bw serve" which is not suited for a multi user machine. This is not a problem of the workflow itself but rather a problem of the used BW cli which allows full access to a BW account via its HTTP API without asking for any authorization whatsoever, once the server is started. Yes, it's only accessible from the local machine so it might be ok if you're willing to accept the risk (I don't because you're still exposing your secrets to everything that somehow manages to talk to localhost) if you're the only user using that machine, but if not, you should be aware of that.

Again, this is not a problem of the workflow, but still, I can't believe this API even exists.

Edited by lmrdaddy
Link to comment

You are correct, this workflow is based on bw serve, and I agree that its security model is...interesting.  But I feel it's the best option for an Alfred workflow.


The CLI itself is unacceptably slow without caching the results.  On my MacBook Air (M1 2020) it takes at least 3 seconds to execute bw list items.

$ time bw list items > /dev/null
1.063u 0.181s 0:03.16t 39.2%


Even bw get item <id> takes 3 seconds.  So there has to be something that keeps it all in RAM.  Doing that myself might have better security than bw serve if properly implemented.  I prefer not to take on that responsibility.


And I'm not even sure security could be improved that much.  I'm not aware of any macOS primitives that could address the biggest weakness (the TCP socket open to any user/process).


I do wish bw serve could at least implement Master password re-prompt.

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...