I recently deauthorized all sessions and then logged in again (web vault, mobile app). I did not receive “new device login” emails which indicates that deauthorizing does not reset device history on Bitwarden’s end.
Assuming this is indeed by design, I find this a bit troubling because I may deauth all sessions but if a bad actor has a way into my account then they can re-login on their previously logged in instance and I will not get a new device login email.
I noticed this to and I think this would be a great to add this. I noticed someone logged into my account and I went to deauthorize sessions…and since changed my password. But I have no idea if they logged back into my account.
I don’t get notifications if I log back into an account after is deauthorized as well.