Clearer error message when vault is out of sync

Feature name

• Clearer error message when vault is out of sync

Feature function

• What will this feature do differently?
  • Make an error message easier to understand
• What benefits will this feature bring?
  • Less confusion
• Remember to add a tag for each client application that will be affected
  • I did not test all platforms, only noticed on Firefox addon

Related topics + references

NA

Body

I just got this error and took me a bit to figure out what was going on

The cipher you are updating is out of date. Please save your work, sync your vault, and try again.

I would think something more like “Your vault is out of sync” instead of “The cipher you are updating is out of date”.

I don’t know about how current things are implemented, but a random thought how one might do something like this if the issue is related to encryption is to have an unencrypted vault “version” that is just a guid and the client can check to see if the last known guid is a different than the online version and know if the current vault is out of sync.

I am also getting that error sometimes, but I could not figure out what it means or how to reproduce it.

Screen Shot 2021-08-01 at 18.44.33614×280 20.8 KB

You can reproduce it like this:
Edit an item inside Bitwarden (app/extension/web).
Edit the same item inside another instance of Bitwarden.
Try to save both of them.

This should read “The item you are updating…” - the term ‘cipher’ is just what we refer to items as in the coee. CC @Hinton

I receive that error for all passwords on my mobile client. What do I need to do? Logout and login again?

Hi @dreamflasher, can you try this advice from Github? Try logging out any active sessions and rebooting your devices.

This happens when the client you’re using finds a more up-to-date version of that same vault item in your cloud vault. Please log out of your browser extension, reboot your machine, log back into your browser extension, and let me know if you continue to encounter this.
Also, please make sure you do not have any of those vault items open in Edit-mode in any other Bitwarden client, just to be on the safe side.

Just came across this error too - I guess it makes it easier to search but a lot of non-technical users will be a bit scared by the mention of a cipher and I’d be supportive of updating it to the suggested version above. It’s also misleading as you can’t save your work if hit by this error!

If anybody wants to do a pull request, the message is hardcoded in the file server/src/Core/Vault/Services/Implementations/CipherService.cs:

Thanks @grb - done at [PM-5625] Update vault out of sync error message in CipherService.cs by EDIflyer · Pull Request #3652 · bitwarden/server · GitHub

Great! However, I think it may be best to take a more conservative approach to the revision of the message wording.

The original was:

"The cipher you are updating is out of date. Please save your work, sync your vault, and try again."

Your PR proposes:

"Your vault is out of sync & changes could not be saved. Please logout & back in to your vault and try again."

The error message seems to be thrown specifically when there is more than a 1-second discrepancy in the revision time of a modified item. I haven’t dug sufficiently into the source code to know the exact meaning of the two timestamps that are being compared (cipher.RevisionDate vs. lastKnownRevisionDate.Value), but I believe that the main purpose of the error message is to deal with conflict situations that can occur when two client apps are simultaneously editing the same item — thus, if the first client app has saved its item after the second client app opened the item for editing, then the second client app is editing an outdated item (and therefore should not be able to save their changes, to prevent undoing the changes saved by the first client app).

Thus, I would suggest that you use wording to the following effect:

"The item you are updating is out of date. Please cancel your work, sync your vault, and try again."

Compared to the original wording, the only changes I’ve made are:

• cipher → item (as recommended by @tgreer above).
• save → cancel (to address the confusion that you’ve pointed out about being unable to save). I think the intent was to advise the user to save a copy of their edits somewhere outside Bitwarden, but it would take too much space to provide that advice in a way that is not misleading (and hopefully the user can come to this conclusion on their own when the instructions point out that the edits made in Bitwarden will be lost).

Thanks for the suggestion - I guess my only slight concern was that in my case this evening syncing the vault again kept failing too (until I checked the status page I actually thought there might be an issue with the Bitwarden server!) - the only solution was to log out and back in. Not sure how to best cover that scenario when such limited space for the message?

The best I can come up with that only involves minor changes is the following:

"The item you are updating is out of date. Please cancel your work and sync your vault or log out, then try again."

However, I think that the following alternative version may be the best. It is slightly longer than the others, but as seen in the screenshot above, there seems to be some extra room on the last line of the alert.

"The item cannot be saved because it is out of date. To edit this item, first sync your vault, or log out and back in."

I like it, thanks! Have updated the PR with that.

Cool, I just got this error to, I was totally confused, and a bit worried that my data could be corrupted. Thanks dev team!

Why is this persisting?! What does this actually mean?! Why are you using terminology like “cipher”? I got my grandmother on the phone, who I set up on Bitwarden, asking me what a cipher is. I’ve got to explain to my grandmother what a cipher is?!? Why are you using dev talk in the actual product?!! That’s so weird. Why haven’t you thought about this?! Why is there this talk of making it more user friendly a YEAR AND THREE MONTHS AGO and yet here I am trying to explain to my grandmother what a cipher is because you can’t seem to actually update the app to use clearer language?!?

Not only that why the hell wont it actually just save the new password like im asking it to. What does out of date actually mean in the context of a password manager how can something be out of date?! This is not a can of beans that has been sat on a shelf too long, it’s a password manager. If I’m trying to create a new password, forget about anything else that came before it and take it that what I’m changing to right now replaces all instances everywhere, and save it, why is this so difficult?!

For Christ’s sake sort it out

I get that you’re frustrated, but every forum user who has been active in this thread in the past 3 years (myself included) is a Bitwarden user (just like you) — not a Bitwarden employee — so there is no reason to come here and yell profanities at us (and doing so also violates Community Guidelines for forum behavior, which could get your comments removed).

Apparently, the PR submitted by @metaphase has been held up in Bitwarden’s review process (the PR apparently needs to be reviewed by bitwarden/team-vault-dev and by somebody named Jason Ng). Perhaps @dwbit would be willing to follow up and check whether the logjam can be broken.

It means that you (or your grandmother) are using two or more different devices to make edits to the same vault item, and that the second device had an unreliable internet connection (so that it never received the update when the vault item was modified on the first device). Thus, when the second device is editing the vault item, it is editing an outdated version of the item, which does not contain any of the changes that were made by the first device. If Bitwarden would allow the second device to save its changes to the cloud server in such a case, then all edits that had been made by the first device would be lost; this is why this safeguard exists.

This error should be a rare occurrence, if your devices generally have a reliable internet connections.

That’s likely not what happened to badwinter’s grandmother. There is very little chance that a grandmother is going to be trying to edit the same password on multiple devices. This issue happened to me today and I was only using a single device. I did use the option to pop out the extension into its own window. Maybe that was behind the problem. Then when I was trying to edit a password, I got the error about the cipher being out of date.

I can relate to the frustration expressed in this thread. BW was instructing me to discard the password that I was trying to save and, if I did that, I’d be locked out of the account. It’s not like I’d be able to remember the 24 character password that it randomly generated for me.

What I experienced (and badwinter’s grandmother) is probably a new bug, but it is sad to see that someone submitted a PR a long time ago to fix the verbiage and it’s being ignored. The BW folks don’t need to do any coding here, just approve someone else’s work.

A lot of people moved to BW from LastPass because LastPass had began to suffer from “large software vendor syndrome”. I fear the same thing may be happening to BW. Large software houses stop being responsive to customers (especially smaller customers) and it becomes frustrating when the most basic common sense request goes unresolved for years.

It’s possible. Can you reproduce the error? if so, a bug report can be submitted.

You can always retrieve the password from the Generator’s password history, so you shouldn’t get locked out.

I just have the anecdotal experience. All I know for sure is that this cipher issue occurred with single device usage.

A month or so ago I ran into an issue where a login I had entered was not saved. I think I had clicked off in some manner that caused it to be lost. During the process, the BW password generator had been running to suggest passwords. Trying to find the password that I had manully generated provde challanging. I got locked out of the account for two many failed login attempts. The next day I was able to get in using the 4th password in the list.

Beyond being an ageist comment, one does need to keep in mind that Bitwarden has an odd definition for “device”. Firefox and Chrome on the same PC are different devices. Two different chrome profiles are different devices. Vault.bitwarden.com is yet another device in each different browser you are using. Even more fun, each time you launch incognito, it becomes a new device.