I have a strange problem that I have not been able to sort and I am hoping the community may have some idea as to what is happening.
I run a self-hosted instance of BitWarden and it works great. Recently, I decided I wanted to have a little better security on my account so I decided to change my KDF to Argon2id from PBKDF2. I set the algorithm to Argon2id, iterations 6, memory 96mb, and parallelism to 4. That works as expected. I can login to the web GUI and everything is there and works as expected. However, things get strange after that.
First, the desktop app… just spins when I login. I end up having to kill the app. Then delete the bitwarden folder located in C:\Users\username\appdata. Then I restart the app and it now lets me setup up like a new user by putting in my server instance, username, and password. It then logs in and I can see all my folders and things in my vault. But if I click on a folder to view the entries, no entries are displayed. If I search for entries I KNOW are there, they are not displayed. I found that issues can be easily resolved in the app by going to View > Reload. Then bam, the entries all show up and work fine. So at least that is not a huge issue.
Then there is the problem with the browser plugin. The browser plugin seems to work fine except for one thing. The option to unlock with pin is not unchecked. That would not be so bad except that when I recheck that option, and enter the pin, it acts like it saves the option and pin but it does not. If I wait for the plugin to lock, it requires me to use the password instead of the pin. If I go back into settings, the “Unlock with pin” option is unchecked again. It simply will no longer allow me to use that option anymore.
Whats even stranger is that I setup a family member with a brand new account on my server. As soon as the account was setup, I went in and changed the KDF function right away (before even installing the browser plugin for him) and it works just fine
I primarily use FireFox but have tried this on different browsers and machines. This is also the 3rd time I have attempted to do this in three months or so. Each time I get the same results. Each time, I had to switch back to using the PBKDF function to get the browser plugin to work properly again.
My server instance and my plugins are all up to date (and I keep them that way). This feels like some kind of weird caching issue but I have clear all browser, windows, and user caches to no avail.
Does anyone have any idea as to what might be happening? Has anyone seen this behavior themselves?