“Unofficial Community Guide”
– from a user to other users, as I’m not a Bitwarden employee!
This post is a collection of considerations and tips around the issue of “login problems”. As a collection of various possibilities, it is a general list, though some cases are “individual” – and “everything” is too much in many cases.
So, go through that list, take your time, and you certainly don’t have to “study” everything in detail. But be careful with everything you do now, as with login problems, you may be already in the “danger zone”.
Info: This post is mainly for individual, families or Teams accounts. Enterprise accounts have some different set ups (SSO, account recovery…) that are not part of this post (and in general, contact your Enterprise organization administrator if you encounter problems).
And some repetitions are intentional, as some important topics - like mentioning exports/backups - belong to more than one “point”…
1. Before you proceed, know these…
2. To prevent misunderstandings, make sure of these for the following…
3. Possible tests in the beginning…
4. Things you can try (always with caution!)…
6. If it turns out, your master password is truly “lost” / forgotten…
7. Prevent it from happening (again)…
1. Before you proceed, know these…
-
Depending on what exactly has happened, you may be in danger of losing access to your vault
– so proceed very carefully with everything you try and do – even the things that are suggested here. (the critical things in this post do have a warning message…) -
If you are still logged in (whether “locked” or “unlocked”) in one or more Bitwarden apps: stay logged in there (!), disconnect the device from the internet, and try to make an export of your data ASAP - with the export function, or manually if necessary. – If something goes wrong in the following, with an export, you are able to restore your data, hopefully.
-
When you use the export function (only possible if you still have access to that function in at least one of the Bitwarden apps):
-
Be aware, that all exports don’t contain file attachments, Sends and items in the trash.
-
And CSV exports furthermore don’t contain cards, identities and passkeys.
-
Therefore, JSON exports are recommended – usually the encrypted: password-protected ones, but unencrypted JSON exports are also fine, when you now have other problems.
-
Everything, that isn’t contained in an export file, you’d have to export manually.
-
For using the export function, you need your master password – so if it turns out your login problems are due to “master password problems”, unfortunately you won’t be able to use the export function. Then, you would have to export everything manually. (and again, that would be only possible if you still have access to at least one Bitwarden app, otherwise you are at an impasse here…)
One exception: in the web vault, it can also be that you need an email verification code instead for creating an export.
-
If you have an organization/collections, you have to export those separately via the admin console in the web vault.
-
2. To prevent misunderstandings, make sure of these for the following…
-
Make sure, if you are locked or logged out in your app (what’s the difference between locking/unlocking and log in?).
-
If you’re locked, you must just unlock with your chosen method(s) (Unlock with PIN, Unlock with Biometrics or even unlock with you master password)
-
If you’re logged out, you must log in (usually with your master password and 2FA or new-device-verification-code… or per Log in with device, or via Passkey, …)
-
We focus on login problems in this post! (and not on unlocking problems)
-
-
Make sure if you are asked for your master password (possible for unlocking and login) or for your PIN (only possible for unlocking). (as both are not interchangeable, the PIN won’t work when you’re asked for your master password (and vice versa) – and login with your PIN never works, as there is no “login with PIN” with the Bitwarden apps!).
3. Possible tests in the beginning…
-
If you can’t login in one of the Bitwarden apps, …
-
Try to login to the web vault (vault.bitwarden.com for the US server region or vault.bitwarden.eu for the EU server region)
-
Additionally: try to login with different browsers and also maybe via a private/incognito browser session.
-
You can also try to delete the browser cache. –
Be careful with deleting the browser cookies, as it may lead for the Bitwarden web vault to “forget” the status of a “known device”, so that you are subject to the new email login protection / device verification, if you don’t use 2FA for your account. (see here for more info to the new device verification)
-
-
And/or try to login in other Bitwarden app(s) (and possibly on other devices as well)
-
-
That way you can check whether it is a general login problem (= when you can’t login anywhere), or a problem with (“only”) one app or device.
- If it’s a general problem you probably should focus on things that have a kind of “general approach” – and if it’s a problem with one app and/or device, you probably can focus on more “narrow” measures regarding that app and/or device.
-
When trying to login “too often”: Be aware, that the Bitwarden servers e.g. “[…] will require CAPTCHA verification after 9 failed login attempts from an unknown device”, so be careful with your attempts.
4. Things you can try (always with caution!)…
-
Some basic measures are described in the previous section “3. Possible tests in the beginning…” (so please look there now, if you haven’t already done that…)
-
Check whether the Bitwarden (US/EU) servers are temporarily down, e.g. during a planned server update: Bitwarden Status Page
-
If there’s a server outage, wait until it is fixed, and then try to login again.
-
If you’re self-hosting, check, whether your own server works as expected (login problems due to problems or misconfigurations of your self-hosted Bitwarden server are out of the scope of this guide). - And check, whether you have the latest server version installed. (“new” client versions and “old” server versions do get incompatible eventually)
-
-
Did you choose the right server region – US/.com or EU/.eu ? (those are distinct server regions and you can only login to the server region, your Bitwarden account was created and is located on)
- If you are not sure, on which server region your account was created on: try logging in to both server regions.
-
Did you check, you type in the correct email address and/or master password? Check with your emergency sheet! And/or get your master password hint, if you have one. (though, probably not recommended to set one up, or at least with caution - some people put hints about the whereabouts of their emergency sheet(s) as their master password hint…)
-
Did you ever change your email address and/or master password? (and maybe didn’t update that on your emergency sheet?)
-
Did you check for any typos in your email address and/or master password? even silly ones… or more obvious ones like confuse 0 (zero) with O (capital letter “o”), l (minuscule “L”) with I (capital letter “i”) or | (special character “vertical bar”) etc.
- Also watch out for spaces at any place: leading spaces, trailing spaces or spaces within your master password
-
Addition to the previous point: for the email address, it doesn’t make a difference whether you use lower case letters or upper-case letters, so whether you try to login with
[email protected]or[email protected]– both should work exactly the same (whereas obviously the same isn’t true for the master password!!) -
Do you have problematic special characters in your master password? Non-ASCII / Unicode characters may work on one system, but not on other systems.
-
We recommend only to use the 95-character ASCII set (or “less”) for master passwords to stay on the safe side, or rather to guarantee “cross-system-wide” compatibility:
-
a-z
-
A-Z
-
0-9
-
The following special characters: !"#$%&'()*+,-./:;<=>?@`[~]^_{}| including the (invisible) “space” special character
-
-
If you can login to your web vault, but not to another one of the Bitwarden apps - and you have a potentially problematic special character in your master password: maybe try to change your master password to one, that only consists of the 95-character ASCII set (see above).
But make sure, to export your vault, before you change your master password! – More info to exports: see in the first section here.- … And while we’re at it: we recommend an at least 4-random-words passphrase for a Bitwarden master password, as passphrases are easy to memorize and to type → example passphrase (don’t use it!), generated by the Bitwarden passphrase generator, to get an idea:
polka-fame-curled-either-passover
- … And while we’re at it: we recommend an at least 4-random-words passphrase for a Bitwarden master password, as passphrases are easy to memorize and to type → example passphrase (don’t use it!), generated by the Bitwarden passphrase generator, to get an idea:
-
-
Watch out for auto-corrections by your keyboard(s)/app/device – you maybe even don’t notice it, especially when the input is obscured! (and even if you just use the 95-character ASCII set, as recommended above, some characters may get auto-corrected by your keyboard/app/device)
-
E.g. replacing straight-quotes with curly-quotes (i.e., “smart-quotes”), or inserting a
.(period/full stop) and/or invisible spaces after pressing the “space-bar”… or automatically changing a typed lower-case letter into an upper-case letter (or vice versa)… -
In general, especially all kinds of apostrophes and quotation marks (
',",`,´,‘,’,‛,“,”,‟) may be auto-corrected into a different form preferred by the device you are typing on. -
Turn off auto-correct if possible, try to change your (virtual or physical) keyboard, make your keyboard input visible if possible, make sure you input the exact character – if those things don’t help, change your master password in the web vault to one that contains only (max.) the 95-character ASCII set, or maybe an at least 4-random-words-passphrase without any special characters (see the tips for a Bitwarden master password above –
and again, make an export/backup before changing the master password).- More info to exports: see in the first section here.
-
On iOS: try to deactivate smart punctuation, as that potentially also “auto-corrects” characters you type in.
-
-
On mobile devices: Try turning off WiFi temporarily, i.e. changing to cellular. (–> this might “solve” some network and/or IP address problems)
-
For all devices in your local network: restart the router. (–> this might also “solve” some network and/or IP address problems)
-
If you use a VPN: turn it off. (at least temporarily…)
-
Did you ever change the KDF settings? If yes, do you use default settings for Argon2 or PBKDF2? If not, maybe try to set your KDF settings to the default values. (
Make an export before you change the KDF settings!)-
Especially on iOS, the Argon2 settings can be “too high” → change them to the default values (at least for “memory”) (
make an export before you change the KDF settings!)- Comment in the Bitwarden Help Sites to this: “iOS limits app memory for autofill. Increasing memory from the default 64 MB may result in errors while unlocking the vault with autofill.”
-
-
If your Bitwarden app has a “hiccup” or something:
-
But proceed with caution, make a backup/export if you still can – more info to exports: see in the first section here.
-
And before proceeding: uninstalling the Bitwarden mobile app, desktop app and browser extension make those apps “unknown devices” for Bitwarden again, requiring the email login verification code due to the new device verification / login protection (mainly, if you’re not using 2FA for your Bitwarden account/vault!) – so make sure, you have access to your email account, where you might get the email verification codes.
-
deinstall the app,
-
delete the local storage of the app,
-
reboot your device,
-
reinstall the app,
-
try to log in again.
- Sidenote: To log out before the first step is usually neither necessary nor possible - as “I can’t login” should be the problem, anyway…
-
5. If nothing helps so far…
-
You can also have a look into this older post to the same topic: How To: Master Password Problems and Best Practices.
-
You can also open a separate “Ask the Community”-post in this forum to get further help - then try to describe the problem as detailed as possible, what exact error message you get (ideally with a screenshot, but make sure to blur any personal and sensitive data), maybe what you already tried (and didn’t work) etc.
-
And you can always contact Bitwarden support.
-
If you have the impression, you could experience a technical bug - and/or get “other” or “weird” error messages: you can also report it on GitHub (here for the browser extension, desktop app, web vault and CLI - and here for the Android mobile app and Android Authenticator app and here for the iOS mobile app and iOS Authenticator app…)
-
Another consideration: Did you get also login- / “attempted-login”-emails from Bitwarden you can’t explain? If yes - and it wasn’t you yourself who logged in or tried to login - … in combination with login problems - and when nothing else resolves those - you should take into consideration, your account may be compromised. Though, make sure those mails aren’t “fake Bitwarden” or even phishing mails – and still, most login problems are probably not due to compromise.
-
If you truly had lost your Bitwarden account: you can delete your Bitwarden account as long as you have access to the email address you used (
but make sure you exported your data before that, if still possible – account-deletion is not reversible!) - before that or after that, you can create a new account, and hopefully import/restore your most recent backup/export for that- More info to exports: see in the first section here.
6. If it turns out, your master password is truly “lost” / forgotten…
-
… Then – unfortunately – there is no way around that… Bitwarden can neither reset your master password nor “circumvent” it in any other way.
- Simplified explanation: the Bitwarden master password does not only “authenticate” you, but is also a major factor in the encryption of your vault. Without the master password – and Bitwarden doesn’t have your master password due to it’s zero-knowledge-architecture – your vault can’t be decrypted… And that’s also why, as long as your master password isn’t there, it can’t be resetted or changed for another on.
-
Your only chance that remains would be to remember the master password again – or to “guess it”… If you think, there may be a chance of remembering or “guessing” it, then take your time. Even a few days… maybe you remember it. Sometimes it is good to sit down and focus on it, and sometimes it is good to stop thinking about it for a few days…
- But, when you try to login “too often”: Be aware, that the Bitwarden servers e.g. “[…] will require CAPTCHA verification after 9 failed login attempts from an unknown device”, so be careful (and as “accurately” as possible") with your attempts, before getting “slowed down”…
-
If it doesn’t come back to you, then eventually it’s time to delete the account you have lost access to… (see the previous section for details about that).
7. Prevent it from happening (again)…
-
Create one (or more) emergency sheet(s) with all login information for your Bitwarden account - and store that in (a) secure location(s)… also make sure to keep the emergency sheet(s) up-to-date when you change something. – Here is one template for an emergency sheet and what it should contain: Bitwarden Security Readiness Kit
-
Schedule regular exports of your vault. That won’t prevent a “lockout scenario” per se – but if you ever had a login problem / a “lockout” from your Bitwarden account, then you still have most or all of your important data, to be able to restore them.
-
… Set a timer / task / reminder to at least every six or three months, to make an export of the vault.
-
More info to exports: see in the first section here.
-
-
One basic measure to avoid a potential “lockout” due to the new device verification / login protection is, to at least store your Bitwarden email login credentials (password, 2FA (!), URL, …) also outside of your Bitwarden vault, ideally e.g. on your Bitwarden emergency sheet(s)!
-
You could also think about setting up Emergency Access for trusted persons (but unfortunately, this is not possible when you have a “free” account).
-
An additional login-“backup-method” for the Bitwarden account/vault may be to set up “login-with-passkey”-passkeys, ideally “with encryption” which makes it possible to login without entering the master password and without your 2FA or “new device verification”-OTP code. Those login-passkeys with encryption depend on PRF, and the browser, the “passkey-wallet” (i.e. where you store that passkey) and the OS must support the creation of those. And currently “login-with-passkey” is still in Beta and only possible for login to the web vault.
- But, as nice as additional login-passkeys to your Bitwarden account/vault are: currently, those Bitwarden-login-passkeys don’t replace your master password, as some critical actions still need a master password confirmation (like changing the master password and exporting the vault). So don’t rely solely on Bitwarden-login-passkeys (for now).
Thanks to @grb, @DenBesten, @Neuron5569 and @dh024 whose contributions on the forum have served as inspirations for this post!