Can anyone help me with logging in to Bitwarden on my laptop windows 10 using chrome? Is it possible to use a fingerprint reader on my laptop, which I do have one, in opening this app in place of master password? If so, how do you do it, as i do not see any options for this.
The issue is that each time I want to login, i have to enter my master password which is quite long and easy to mistype. Is there any setting to disable using the master password for a certain time period?’ I do see the settings under “options” to vault timeout action being “locked” or “logout.”
I have it set to lock as I have 2FA verification on this and do not want to have to re-authenticate the manager again to enter. I also have it set to 1 hour as the vault timeout, but each time I minimize this screen, which actually sends it to the app itself and not in a minimized window, I end up having to enter my master password again to get into my vault. I am either doing something incorrectly or this program is not meant to be minimized, because it does not minimize to reenter on clicking on the app in the taskbar.
This also appears to do it on my iphone also, but at least I can use my fingerprint to reopen.
I cannot believe that this app has to have a password re-entered on each attempt to use it. I have to be doing something incorrectly or the settings are not correct.
My goal is to be able to log in with a master password and a 6 symbol authentication app as my 2FA and to be able to disable it for each device i am using the 2FA on. This is a feature on many sites whereby the login site remembers your 2FA device for a given time. However, it is not remembering my master password ever in Bitwarden. Even if I had a fingerprint method of using on my laptop, I could use it for that, but I do not see one to use for laptop.
Can someone share with me how they use the manager and if I am doing something wrong, as i have to have all these websites locked down with hard passwords and in many cases I am using Yubico Authenticator as my 2FA app and use the touch key method since this allows me more latitude in using my password manager on any device, and it is not registered by key for only one computer. Yubikey users will know what I am talking about with that.
Yes, you can set a PIN code or use biometrics to “lock” your vault so that you don’t have to type in your master password each time. But note that your Bitwarden app/client must be running in the background for this to work - this is a security feature so that your encryption key is protected in memory rather than having it stored on disk. If you REALLY want to have unlock persist, even after closing the BW app or browser extension, this is possible too, but not recommended. More details can be found here:
Regarding the biometric prompt on iOS every time you use a password, that’s an Apple feature not Bitwarden, unfortunately. Your BW app will respect the vault timeout features you suggest, but iOS will prompt you to verify your identity each time you want it to autofill a password (doesn’t matter if it is Keychain, Bitwarden, etc.).
Hello and thank you for replying to my topic post.
Are you referring to using biometric with Windows 10? Or are you referring to setting biometric option on mobile app?
From what I read there is no option to set biometric login on Windows devices. I really like BW alot as my password manager and it is an absolute need today. I just don’t feel I have it set up properly on my desktop.
Can you suggest a better way to use it without having to enter my master password while it is opened and then after a short interval, I have to re enter MP again. Even though time out is set at 30 min.
Is the biometric login via mobile or desktop hackproof? I assume I could just go to BW website and lock my account if that were to lose any device.
I guess I am very concerned, maybe too much, on security as I was a victim of two account hacks where my login info was compromised as well as my Google 2FA app was hacked. How my 2FA could be hacked without the use of my device still baffles me, but it was hacked. I now use a Yubikey to secure all accounts and email addresses. I even have BW secured with a Yubikey so no one would ever be able to hack into any account without having that Yubikey.
I just want to note here the difference between the Vault timeout options.
When the vault is “Locked” then the encryption key for the local cached vault is stored in memory. At no time is your local vault stored unencrypted (though I believe if you set the option to never timeout the encryption key is stored on disk rather than in RAM. Which is obviously a security trade-off and comes with an appropriate warning to the user).
When the vault is “Logged out” then you will always need to re-authenticate with Bitwarden by providing your master password and possibly 2FA depending on if you chose to “remember this device” during 2FA.
Should you ever suspect you vault may have been compromised you can always Deauthorize all login sessions.
Several other good tidbits to know are also found in the linked FAQs section of the Bitwarden documentation.