So I luv Bitwarden and so it is extremely frustrating that they do not have a phone number for support. So my email (Bitwarden ID) is compromised and I cannot get into the email.. MIcrosoft s&^%ks. Unfortunately I cannot find a work around to use another email other than my ID to get a confirmation link. Any ideas..
So I just was able to get Todd at Bitwarden only through email after pressuring a sales rep. I appreciate the response, supposedly they can do a 24 hour single sign in without email certification, but of course it doesnt work. Now they are hoping that I have the app open on another device (gee thats secure) so I can download my vault. There is obviously a fix for this. It is crazy since they have no problem billing the credit card. Does anyone have the name of a competitor, I really do not want to leave, but their current suggestion is to delete my account and start over. If this is the case I am going to start over with a provider that can get me back into my account, why stay here???
Hi there, you can contact the official support team any time by filling out the contact form on the Help Center, please continue to work directly with the team.
If you’re able to get back into your account, more info on setting up additional two-step login methods can be found here.
You can also log in and unlock your Bitwarden account with a passkey.
@reynold111111 Welcome to the forum!
When you say you get a prompt for an email verification code, could you clarify which of those two different options you do see?
Option A)
Option B)
Do you see Option A) or Option B)?
The design may vary… the most important thing here: do you see the phrase “we don’t recognize this device” in your prompt?
I echo the recommendation by @dwbit to continue working directly with the Support Team. In the meantime, feel free to work with us forum volunteers in parallel — although this will require you to provide answers to questions that we ask you. @Nail1684 has already asked an important question above, aimed at confirming that you are locked out as a result of the New Device Login Protection (NDLP) feature. Based on context, I am assuming that this is the case, but a confirmation would be helpful. My own questions follow:
What do you mean by “it doesnt work”? What happens/happened when attempting to log in during the 24-hour window, and what error message (if any) do/did you see?
When does/did the 24-hour window close?
Not sure what the “gee thats secure” comment is supposed to mean, but it seems that you have misunderstood what you heard from the Support rep. If (for whatever reason), you are unable to log in on a new device despite having a 24-hour NDLP waiver, then the only ways to get access to your vault data would involve using either a passkey or a logged-in instance of Bitwarden client app (e.g., a Desktop app, browser extension, or mobile app on any device, as long as that client instance has not been logged out). There is nothing insecure about leaving a Bitwarden client logged-in, as long as it is locked while not in use; this is the recommended way to use Bitwarden.
IMPORTANT: If you think that you do potentially have some device where you previously logged in to a Bitwarden app or browser extension, please ensure that the device is fully disconnected from the internet (ethernet cables disconnected, and WiFi disabled) before launching the app or browser to check if Bitwarden is still logged-in. If you have a logged-in session that is older than 30 days, then it will be automatically logged out (destroying any chances of recovering your vault) if it is able to ping the server; this can be prevented by opening the app or browser extension in off-line mode.
Please let us know if you find a logged-in instance of any Bitwarden client app or extension, and if so, whether you are able to unlock it (while keeping the device disconnected from the internet).
If a competing provider can get you back into your vault, then your vault data will be vulnerable to compromise by social engineering attacks. I would recommend staying away from any provider that offers a “back door” into your vault.
After we get your responses, we can determine what the best path forward would be. If you make further progress with Customer Support, please update us here, as well.
-
I am hoping my situation will make Bitwarden better. As a former Cyber Law Enforcement Investigator, I never thought I would be in the postion I am in being extorted. My hope is that Bitwarden gets better and provides an answer to my situation and of course I will post a result expecially if positive.
-
Having Bitwarden open on multiple devices in my opinion defeats the apps security purpose. I try to close the app, in fact it closes more often on its own, especially if you have profile settings. Again, it worked better for me when it was simple back in March.
-
One of the Bitwarden techs told me that I had a 24 hour window to sign in without email confirmation, but this is not happening. So i wonder why since they said it.
Hope this helps.
With due respect, you have not provided answers to any of the questions that @Nail1684 and I have asked; it will be difficult to impossible for us to help you here on the forum without your cooperation. Hopefully the Customer Support Team has better luck getting the information that they need from you in order to help resolve your ticket.
How are you being extorted?
Your opinion about this is incorrect. But if you prefer to use your password manager only on a single device, then you may want to consider switching to KeePassXC.
They said it because they temporarily disabled the New Device Login Protection for your account, waiving the requirement to use an email confirmation code to log in to an unrecognized device. If you are unable to log in, it is likely for reasons unrelated to the New Device Login Protection feature.
Without your answers to the questions that I had asked you previously, I may not be able to provide any further assistance.
With this experience, and with your concern about the security of your Bitwarden account, I am surprised that you did not feel it necessary to enable Two-Step Login for your Bitwarden account. Had you done so, you would not have found yourself in this bind.
I am surprised that you do not understand. It is very simple.
Bitwarden requires email confirmation after you enter your ID (email) and password. My ID (email) is not working because of a present extortion by my former IT employee. Unbenownst to me he owns
my companies domain so the email (Bitwarden ID and confirmation Email Address) is presently shut off, so I cannot get into my vault.
I have been emailing you at the same time I have been emailing customer service. Presently Customer service has no answers for my current situation. They have finished emailing me saying they cannot speak about the email I own and have used until 4am this morning to get into Bitwarden.
I do not have a recovery code and have never attached a another validation program to my vault, so they are saying I am stuck. Seems silly that as early as March I was able to log in with only my ID and password, and I cannot go back to this status.
This situation will only get worse and worse if there is no other way to get back into a vault, there for my recomendation for people that I know is NOT to use Bitwarden because if you loose access to your email and have not set up another recovery, you are screwed.
@reynold111111 I read your whole text, but you didn’t answer if you see Option A) or Option B) when you try to log in now. (see my previous post for the corresponding prompts/screenshots) So, which of these two options do you see now?
Alternatively: could you provide the screenshot of the exact prompt you see and where you can’t continue? If you post a screenshot here, please make sure to redact any personal information if it would be visible otherwise.
(Explanation: as there might be two different situations you could be in, it would be important to know which one it is. Based on all your answers so far here, we still don’t know for sure which one it is.)
Thanks, but I’m a bit confused now. I meant the prompt you see where/when you are stuck – my guess is it should be the prompt after you entered your email address and master password. We need a screenshot from that exact prompt.
if you look to the right of the window you will see its requesting i enter the code sent to my email. I cant get into the email to get the code, see the box?
The email registered to my Bitwarden is shut down. so I can’t get into it to get a code. Make sense. Appreciate the help
Only this one screenshot arrived here on the forum:
I see you answered per email and maybe a second or third screenshot didn’t go through?
But this screenshot I see here doesn’t ask for an email verification code, but just for the email address. You can enter your email address here now.
After entering your email address you’re asked for your master password. When you entered your master password – the exact prompt you then see next would be the one we need to see as a screenshot.
One of the unfortunate security realities is that creating a lock that is hard for bad guys to break means that the lock is equally hard for the good guys to break. If Bitwarden were able to give you a copy of your credentials, they would also be able to hand them to an imposter.
The broader take away is that one is always at risk of loss of access to their data, be it their vault, their email, online storage, or even a failed hard drive. The single best defense against this is to maintain an off-line copy (or copies) of all data that you “can not afford” to lose, and keep it current with a frequency that balances your tolerance for data loss against your willingness to spend time updating backups. Regardless of where you land (bitwarden or elsewhere), I do encourage you to start taking regular backups so that things are hopefully less painful next time you experience loss.
Specifically regarding Bitwarden, they have instructions for backing up and there are other steps us volunteers routinely recommend to prepare for regaining access if something like this were to happen again.
The box shown in your screen shot only asks you to type in your (no longer working) email address, it does not ask you for a security code. When you click Continue after entering your email address, you would be presented with a prompt asking for your master password. Had you entered the master password and clicked Log in with master password on this second screen, your extension would have been logged in — if you had done all this within the 24-hour window during which your NDLP requirement was waived by Customer Support.
Regardless, it seems you have now let the 24-hour window pass, so your options may be limited (or non-existent) at this point.