Hi folks
On my Android S24 (SM-S921B/DS), I’m running Bitwarden App V 2024.7.1 (11086).
I’ve enabled biometrics to unlock the vault.
I had registered 2 fingerprints. Everything was working fine. The vault could be opened with my 2 fingerprints.
Then I added an additional fingerprint. I was able to unlock the vault successfully with the existing and the new fingerprint, instead of getting a message like “Biometric unlock for this account is disabled pending verification of master password.”
So in case, someone knows (or guesses or secretly looks at) my device pin, he would be able to add his own fingerprint and get access to my vault.
Could someone else with a S24 verify this? Are other phones also affected from this?
(unfortunately, you have to re-enable biometrics on other apps like your banking account, because of the change in the biometrics. Before testing, please make sure, you have all your app codes / passwords for doing this. This would be the expected behaviour, also for the Bitwarden app)
Thank you