I have run a vaultwarden installation for my organization for a couple of years now without problem. Today everybody is getting nasty “Deceptive site ahead” screens injected by google chrome when they try to visit the site or use the browser plugin. The rest of the screen says:
“Attackers on may trick you into doing something dangerous like installing software or revealing your personal information (for example, passwords, phone numbers, or credit cards).”
Has anybody else had this problem before? I used the “Report a detection problem” link that appears when you click the details button and told google its my own vaultwarden installation.
I think the problem is how similar the login screen is to bitwarden’s. Is there any way to change that header image on the login screen to say the name of my company, or something similar?
This issue has been seen in the past. But has nothing to do with Vaultwarden it self. It’s probably a flag on the (sub)domain which contains Bitwarden in the name i guess.
1 Like
I was pretty sure it wasn’t a technical issue. I think it’s just because it says “Bitwarden” at the top and basically looks just like Bitwarden web login page, so google thinks it looks like a phishing page. That’s why I was wondering if there would be an easy way to show a different logo or text at the top.
Then i think you are not using the latest version of Vaultwarden. Since this should be fixed already in v2022.12.0 version of the web-vault. There we changed all the logo’s and names to Vaultwarden.
Ok, I just updated the container and see the change. Hopefully, when google gets around to checking my report, they’ll see the change and lift the warning. Thanks!