I have just set up a new Pixel 9 Pro XL with 2024.8.0 (18985), and I’m surprised I can’t set the app to “Lock: Never” anymore.
During setup of the phone, where I needed to login to 50+ apps, I’ve been logged out multiplke times, and even when it’s ‘only’ locked I need to press “login with biometrics” as an extra step instead of this being the default.
This is a massive hit to usability, and it requires me to unlock or even re-login when I just want to quickly fill a password.
@koehntopp To me that sounds like a massive gain in security. I never even understood, who would set up one or even four hours as lock-time, let alone “never”. So I hope it’s not a bug, but a security enhancement.
Each person has their own use for BW. To you, one hour may be a security issue. To someone else, it’s their SOP. Making a blanket statement means not understanding how someone else may use a program.
The OP clearly stated he was setting up a new phone. He doesn’t want to login in repeatedly. Seems like a perfect use of a longer “stay logged in” time.
But the security issue doesn’t depend on “opinions”. Having a vault unlocked for longer periods of times is not recommended (unencrypted in memory…). For my taste, it is far too convenient for a person who doesn’t understand the security implications (PS: I don’t mean you or OP - I mean it in general here, for all people who start with Bitwarden e.g.), to set it to “never”, so that I often thought, “never” shouldn’t be an option at all.
The timeout time works as “after last use, stay unlocked for XX time”. 4 hours after the last use of the vault still being unlocked is not enough for the set up of a new phone?