Bug: Android App Not Responding

Ask the Community Password Manager
, ,
1

Issue:
After changing the KDF to Argon2id and initial successful login, Android app becomes unresponsive on subsequent attempts to open the app.

Environment:
BitWarden app: 2025.1.2 (19740)
Device: Samsung S10e SM-G970U1
OS: Android 12
Kernel: 4.14.190

Reproduction steps:

  1. I logged into Web Vault and changed my KDF
    From: PBKDF SHA-256, 100000 iterations
    To: Argon2id, 6 iterations, 128 MB memory, 8 parallelism
    As expected, I was logged out of all devices.
  2. I opened the mobile app, I entered my email address (with remember me), password, and 2FA (with remember me), and logged in successfully. I could browse my vault. I changed the security settings to enable biometrics, then closed the app.
  3. When I reopened the app, it prompted for biometrics, then didn’t do anything. I assumed the KDF was taking a long time to run, so I left it for over two minutes. I then force closed the app.
  4. I logged into Web Vault and changed my KDF again
    To: Argon2id, 3 iterations, 64 MB memory, 4 parallelism
  5. I opened the app, logged in successfully, and could browse my vault. Enabled biometrics and closed.
  6. When I reopened the app, it prompted for biometrics, then hung.
  7. I opened Settings > Apps > Bitwarden > Storage, and cleared cache and data.
  8. I opened the app, logged in successfully, and could browse my vault. Didn’t enable biometrics, and closed the app.
  9. When I reopened the app, it hung.
  10. I logged into Web Vault and changed my KDF again
    To: PBKDF SHA-256, 600000 iterations
  11. I opened the app, logged in successfully, and could browse my vault. Enabled biometrics and closed.
  12. When I reopened the app, it hung.
  13. I deleted the app completely and reinstalled from Play Store.
  14. I opened the app, logged in successfully, and could browse my vault. Enabled biometrics and closed.
  15. When I reopened the app, it worked successfully. I closed and opened it several items without issue. I therefore assumed it needed a clean install between changing the KDF.
  16. I logged into Web Vault and changed my KDF again
    To: Argon2id, 3 iterations, 64 MB memory, 4 parallelism
  17. I deleted the app and reinstalled from Play Store.
  18. I opened the app, logged in successfully.
  19. When I reopened the app, it hung.
  20. I logged into Web Vault and changed my KDF again
    To: PBKDF SHA-256, 600000 iterations
  21. I opened the app, logged in successfully.
  22. When I reopened the app, it worked successfully. Closed and opened several times without issue. Didn’t need to reinstall or clear the cache.

I therefore believe the issue is with the Argon2id KDF, although I don’t understand why it works for the first login and not for subsequent logins.

2

@rossj Welcome to the forum!

Hm, normally, I would say: report bugs on GitHub (GitHub · Where software is built → “New issue”), and probably you should do so!

On the other hand, that can’t be a general bug, as I use Argon2 as KDF with my Android 14 phone successfully (and certainly many other people as well), so it may be an issue with your phone / OS / configuration / whatever.

You tagged this as “server:default-cloud”, but just to be sure: you are not self-hosting?

Did you try a previous version of the native mobile app, sideloaded via GitHub?

3

Thank you for the feedback, Nail.

I’m definitely not self-hosting.

I haven’t tried to install a previous version, as I’m not keen on side-loading.

I thought I had identified the cause, but I ran into the issue again today: the app wouldn’t open, even though I haven’t changed the KDF since yesterday (so still using PBKDF@600k iterations). I cleared the app cache, and it worked again.

My device has 6 GB RAM, currently with 2 GB free, so doubt memory is the issue.

4

Ugh. Happened again this morning. This time just clearing the cache didn’t fix it and I had to clear data as well, then log in from scratch.

5

Fair enough, but I rather meant it as some kind of (temporary) “test” if it is a problem or bug with the current mobile app version, that maybe wasn’t there with a previous version…

So, it seems it may be independent of the KDF… (probably I change that in the title then)… and as I have no immediate ideas at the moment, I would think again of contacting support (and depending on how that goes, maybe reporting it as a potential bug on GitHub)… PS: And again, if it is not a bug of the BW app, it may be an “incompatibility” or problem with your device/OS/configuration/… ?!