Hi,
Since when does the desktop application vault need to be unlocked to enable biometric unlocking in browsers? This requires two actions each time a password is needed, or else you have to leave the application vault open all the time, which is dangerous.
Previously (before what?) the bitwarden application simply had to be started and locked. am I wrong?
@mdeherder Hi!
See here: Biometrics
(and in the there cited Reddit thread, a Bitwarden developer (" rmaccallum_bw") wrote on May 23, 2024 to this:
"This is expected new behavior to protect the encryption key stored by the desktop app, which is used for biometrics, from being used unexpectedly.
The team is discussing solutions to allow this flow in a secure way.")
Since a few weeks ago… This was an intentional change by Bitwarden, implemented to mitigate a vulnerability.
https://www.reddit.com/r/Bitwarden/comments/1cyw9sp/comment/l5crkrk?snippet=
Thanks to all…