Hello everyone, I accessed my vault via app authorization from my smartphone.
I went into the settings and clicked on ‘change main password.’ I didn’t set one, so I don’t know what it is, but as soon as I clicked, I got logged out of the web portal, and then the app on my smartphone logged me out automatically as well. Now, even on the iPhone app, it’s asking for the master password, which I don’t know because I didn’t set anything. I’m in a situation where I can’t access my vault either from the web or from the app. What should I do?
Please Help me … thnx 
Please clarify “as soon as I clicked”. Clicked what and where specifically?
Also - do you have any devices (PC, etc.) that are still logged in, but Locked? If so, first thing to do is disconnect it/them from the internet (unplug cable, turn off wifi, or if it’s a phone, put it in Airplane mode). This is important to keep this logged-in but locked device (that is, if you have one) disconnected so that it cannot be logged out remotely by the Bitwarden servers.
The big problem is that both on the web and mobile app, the only way to access is by entering the master password or through the generated access code that must be authorized… but of course, the only authorized device was my smartphone. How is it possible that after clicking on ‘change master password’ on the web portal, it logged me out without letting me select the new password?"
Hi, basically, from the security section of the portal, I first selected the normal password change and entered a secure password generated by my MAC without saving it. Then, below, there is the section for changing the master password. I clicked the related button but didn’t enter any password, and immediately the system logged me out of the portal. Then, to access, it asked me for the master password.
I’m really desperate, I can’t access my vault in any way anymore…
Unfortunately, I don’t have any devices logged in… the PC logged out immediately after I clicked the button, and the smartphone, when I opened the app, immediately asked me for the master password… all of this happened in just a few seconds!
You have no currently logged on but locked devices?
I’ve never had to change my master password before. What generated the (new) master password? As with any master password, it should be something that you can recall from memory (in other words, you should never store, and indeed never need to, store your master password inside of your (any) password manager.
But it sounds like you entered a new master password that was application-generated. If that’s the case and that is what your Bitwarden vault has now recognized, the only suggestion is can you go into wherever you created that new password and see if it has a History that you can see what it created and write it down. When you say “generated by my MAC” is that an application on your Macintosh PC?
@bwuser10000 … can you send here print screen of security section of BW portal and I will explain you where I have inserted pasword or clicked the button to chanage main password?
Thnx
Well I follow that, but where did the new password that you created come from?
Also do you have your Bitwarden vault backed up? Do you have recovery keys so you can recover access via another method? Again I’ve not had to do this so I can’t relate personal experience.
he password was created by my Mac with Sequoia, I don’t have a backup, and for recovery phrases, the system provides me with words that I should verify through the app on my smartphone. But since the app is asking for the master password to access, how can I do that? The words to confirm appear in the app on my phone, and then I would have the code in Google Auth.
But actually, I didn’t want to change the master password. I only entered the password in the ‘change password’ section, not the master one… then, after clicking the master password button, it logged me out of the portal on its own, and from there, it asked me for the password!
So to be sure I understand, you created a new random master password using an app on your Macintosh. Is there a history inside of that application?
I don’t quite get why you would create a random password on device A and then type it into device B, especially for a Master Password (since a Master Password has to be something you can remember).
If you were in the web vault page on the Security settings tab and selected “Change Password”, that is how you change the Master Password.
I’m not sure I can offer any suggestions here. There are others with much more experience in disaster recovery than I who will likely offer any further assistance that they can relay to you.
One thing too, I would stop trying to access the web vault via your phone. Use your PC. Though if you can’t recall that new Master Password you’re pretty much out of luck as far as I can see.
Exactly, what you said is correct. The system generated the password for me, but I understood that it wasn’t the master password, otherwise, I wouldn’t have done that. The password I created wasn’t in the master password section, which is why it confused me. I left the created password in that field and then clicked on ‘change master password.’ As I mentioned, it automatically logged me out of the Bitwarden portal on the computer, and immediately the smartphone app logged me out as well and started asking for the new password.
If you try to access your security section from the web and take a screenshot of the password fields and send it to me, I’ll show you with arrows where the system placed them and where I clicked.
@eKKelon_R Welcome to the forum!
If you really got through with all that (screenshot) and changed your master password…:
… then you’re pretty much out of luck.
As you can see in the screenshot, some devices/apps may remain logged in up to an hour after that change. That would be your only hope now. If you had one app still logged in, disconnect it from the internet and export everything manually as soon as possible.
Otherwise, without the master password, there is nothing that can be done now.
One thing I would try, if still your old master password is in place… otherwise, a “change of the master password” should only be done, if you typed in your old and your new master password, including the “confirmation”/repetition of the new master password. If you did all that, then that is what happens… and as you can see in the screenshot(s), there are warnings that you get logged out after that.
The problem is that when I logged in, I didn’t enter my old password and then generate the new ones. I only generated the new ones and then clicked below, and automatically the system logged me out and then asked for the master password. Moreover, as soon as I opened the app on my smartphone, it also asked me for the password…
Without entering the old master password, the change isn’t even done, so that sounds a bit odd. (and either it didn’t get changed because some input was missing - or it did get changed because everything was put in)
Could it be, that your browser filled in the old master password?
And again, as unfortunate as that is, there are warnings of the logouts etc. and when you click on “change master password” - did you expect it doesn’t get changed then?
@eKKelon_R , welcome to the community! And, sorry for the situation that brought you here.
When you first created your Bitwarden vault, you created the master password on this screen. The question is what generated the passoword for you and does it maintain a history?
Without your Master Password or a logged in account, you are now in rebuild mode. Do you have an export of either your bitwarden vault, or whatever you moved to it from? As you start to build a new vault, I suggest following this getting started guide so that you never get in this position again.