No report as weak password in case of same password and username

Hello,

I noticed yesterday, probably a wrong copy/paste in one of our login, that have the same password and username. I checked in the weak passwords report if the login was reported there, but sadly no.

Is this a wrong configuration or a missing feature of the weak passwords report ?

There is a separate report for reused passwords?

No, I think I wasn’t clear when I described the problem. My username is an email address, and the password is the same email address, probably due to a wrong copy/paste at the creation of the login. IMO, this case should be reported in the weak passwords report, but it’s not. We also have tons of passwords as we use Vaultwarden in our company and checking all shared password one by one is not an option.

This is a client side feature. I would suggest to report this at Bitwarden. They maintain and build all clients.

I noticed that as well, it is misleading to claim that the password is weak when it is duplicate, this is shown in the vaultwarden web app

The Vaultwarden web-app is just a fork of Bitwarden web-app with minor changes like logos and naming and some small other items so that it works with Vaultwarden, no features are added or modified.