My subscription renews May 30, I’m looking at alternatives. This is just unacceptable, don’t think the few posting here are the only angry and frustrated users, Reddit has thousands of very concerned posts, get your act together now!
Please remove this feature.
I cannot login to bitwarden on my windows vm
Just came back to say that now I’m able to access my vault.
Don’t know what happened, as I did nothing. Hope the enginering team decided to go back from blocking IPs, then other people won’t have the same issue we had - althrough I don’t think it’s the case as I didn’t had to solve the captcha.
Anyway, wish y’all from BA can manage to solve the security issues.
Bye.
I came here to report this same issue. I have been unable to access my account now for a week. The mobile works but only read-only. This should be my 4th year using Bitwarden at this point I think I have had enough. Is there any way I can export my password even if on the mobile android app? Was anyone able to get this to work? I am connecting from starlink and have no VPN
Came here to report the same situation. I found that my account was silently not syncing on my MacOS desktop clients. Tried to force a manual sync and received a cryptic “Syncing Failed” message. Tried to log in to the Web Vault and got told that "An error has occired. Traffic from your network looks unusual. Connect to a different network or try again later. [Error Code 7]"
. Emailed support a few hours ago (with IP address, client, timestamps, etc) and have received only “Have you tried not using Tor or a VPN?” (I use neither for the last few days).
I wouldn’t mind if the IP range got blocked as a precaution, as long I also got emailed to confirm that it’s me and was able to confirm that. But no - not a single actionable notice came from Bitwarden. It was only when I noticed that some saved items were not showing up in another client that I even realised syncing was failing.
Bitwarden - I’m really very happy to pay for this open-source product. I’d pay $10 a month for reliable password management, let along $10 a year! But in exchange your syncing service has to be rock solid reliable.
Ironically I had to log into this community site via Github, as my Firefox Bitwarden extension won’t save a login and password without the syncing problem being fixed.
UPDATE: I just received my second support email telling me to not use Tor or a VPN. Thanks. Useful.
Whenever I tried to login, it says “An error has occured, traffic from your network looks unusal”. I even tried changing the network but no result. What should I do?
Same here since a couple of hours.
I came here to report the same problem. Everything was fine, I used a VPN, but Bitwarden wasn’t even running. I turned off the VPN, two hours later I used Bitwarden and everything worked fine for a week. But today I had the following problem. I can’t add any sites to the desktop app on my PC (I thought it re-login would help to log in to my account; now I can’t even log in to my account) and I can’t log in to my account through a web browser. The same error everywhere - Traffic from your network looks unusual. Connect to a different network or try again later. [Error Code 7]. I restarted the router, cleared the cache, tried to log in to my account in the desktop app… But, as I wrote above, now I can’t log back in. But all this miracle works on a smartphone (Android app) that connects to the same network via Wi-Fi - everything works fine.
I was experiencing this problem and tried to disable AdBlockPlus…
This is an extension to block advertisements in FireFox (the browser I use)…
And it worked. BitWarden is now working properly again.
… I reinstalled the extension and BitWarden still works.
Well, this is rubbish! Recently switched to Bitwarden and now I cannot save my passwords anymore. Rebooting network cannot be done until later.
Hey @doornik have you followed the steps at Unusual Internet Traffic | Bitwarden Help Center
If you’re using a VPN, you can switch connections to refresh IP range.
This is a catastrophic drop of the ball impacting core functionality, how is this still affecting people months later? I was considering paid / family plans but at this point I’m concerned about the competence of the team working on this project.
If your service is holding an important database such as passwords you cannot, cannot, cannot just randomly (from the user’s PoV) block it off with no practical way around it. No, changing IPs / moving off the current network are not a “solution”; if you’re blocking login due to unusual or suspected unauthorised activity then an attacker will just move to a different network as well.
For a blocked login to make any sense you need to still allow the legitimate owner to (at a minimum):
- Be sent an email requiring them to confirm the suspicious login (+ potentially requiring captchas / backup code entry)
- Once logged in, navigate to the security menu and review recent account activity
- Confirm or deny the recent activity / network locations as valid / trusted or not
Sending users through the time wasting rigmarole of changing networks (not possible in many cases, see secure offsite / work related VPNs or shared / static WAN connections) is not acceptable.
To head off the inevitable question, yes I’ve tried the options in the support post up to but excluding contacting support. To get back in to my account I used a VPN from another country. Somehow a login from a different country is “less unusual” than a login using a connection I’ve previously been using with different devices for days / weeks…
I haven’t had this happen to me yet, but as a software engineer I can see how false positives can be triggered, and the user is sometimes left with no realistic recourse to get it working again. The other thing is we have no idea how many times this happens on the back end, was caused by an attacker and is a legitimate block to protect the user/account and/or back end systems. It could be that this is a HUGE problem filtering out unusual traffic, but we’d have no idea. Security through obscurity indeed.
The other thing that isn’t being said is this unusual traffic is being detected by the BW backend systems, and IPs go in & out of being temporarily being blacklisted. Let’s say there was a way for the user to validate their IP. That wouldn’t stop the unusual network traffic if indeed it was caused by an attacker. But if it wasn’t, then re-validating that IP would allow the user to get around the false positive that triggered the temp blacklisting
yoooo i had to register for the community forum because i can’t wait for the support to reply after reading this thread!!
I can’t access my password manager on my business trip. PERIOD. This is crazy, you have to do something about this. There’s a reason why this doesn’t happen at apple key chain or 1password, you HAVE to think about how they do this and provide a hotfix straight away!!
this is not a simple issue where you can just say “have you followed these steps?”, “if you have then you need to contact support”.
This is URGENT!!
We have security mechanisms that protect our cloud infrastructure. After analyzing the connection pattern for the IP address you provided us, the security team took the decision to maintain the restrictions until the traffic normalizes.
Please consider the following options:
Restart your router.
This may result in your connection being assigned a new IP address that is not within the range of the malicious traffic. If your IP address is static or if you continue to experience blockages even after changing your IP address, we recommend contacting your internet service provider (ISP) and informing them that their infrastructure may have botnets operating on it, and see if maybe they can review that activity.
Ensure that all user agents are up-to-date.
It’s important to apply all software updates as soon as they become available.
Use a VPN to mask your IP address.
We apologize that we are unable to do more to resolve this issue at this time.
This is the reply that i get from the support… you guys literally asked me to ask my ISP to change their IP address. crazy
Maybe you read the email too quickly, but this is not what they say.
Do you even have a static IP? Most ISPs assign IPs dynamically.
Did you try the other suggestions provided in the email?
I don’t have a static IP, but i have stayed here for the past week and mate, i have restarted the router so many times. It just doesn’t work.
What other suggestion?
Ensure my user agents are up to date? yes i did
Restart my router? yes i did, many times
use VPN to mask my ip address? I don’t even want to do this but this is the only resolution. so now i have to access my bitwarden from my mobile carrier or VPN, because apparently my ISP ip address ranges are “suspicious”
Yes, it is very likely that the ISP you are using during your travels is also being used by a botnet that is actively attempting to attack Bitwarden’s servers. And, because of dynamic IP assignment, if they whitelist your current IP address now, the same IP address could be assigned to that botnet later on.
One other thing you could try is to check whether restarting your router actually gives you a new IP address. If not, do you have admin access to the router? By logging in to the router, there is usually way to force it to drop its connection to the ISP and acquire a new IP. This is also faster than rebooting the router, so you could mash that reset function a bunch of times until you see an IP that looks more “different” from the others.
If that doesn’t work, then a VPN seems to be your only other solution.
Per Bitwarden’s recommendations, it would also be a good idea to let your ISP know that there is evidence of a botnet using their servers — they are the only once who can stop the activity (and after it is stopped, Bitwarden should be able to whitelist your IP if it doesn’t automatically connect).
Good luck!
Today i started seeign this error, Nothing change in myside, I use Bitwardan at two place, 1) Office 2) in Home. I am login from same devive and same network sinec login time, I restarted my home router too, i do not use VPN, I am In India and using Jio Fiber connection where i started getting an issue.
There is some thigns wrong on Bitwards, they should have some way to white list Ips of they see that is an issue, and way to verify login identity.
Bitwardan fix an issue, asap…
Ravi
This is exactly what happened to me when I opened my account a few days ago. That was strange and surprise to me because I didn’t do any strange things on my network, nothing out of the ordinary. And when opening my new account on the Bitwarden vault, I got ERROR CODE 7. After a little research on the net and on the Bitwarden forum, I concluded that the only thing worth trying is to wait a few days and hope that after a few days my ISP number will be removed from the blacklist. And it was taken down. I waited 2 days and tried to log in again and it worked. without a hitch.
I don’t know how my ISP number got blacklisted, I don’t understand. But here it is.