Anyone know if the local device apps or the web vault will lock the account if a login attempt fails a set number of times?
I am thinking of the extraordinary power of GPUs to brute force a login.
I’m not sure about auto lockout but this is why you need 2FA. Even with your master password, they’re not getting in!
Point taken. However, given that I have not only the desktop app, plus also the app as browser extension for Chrome Firefox Opera Safari Brave and I use the browsers according to how much privacy I want and tracking I wish to avoid, I probably login into Bitwarden 6-10 times a day (after time outs), so 2FA is an inconvenience.
But always a trade-off, non?
Once you’ve logged in using 2FA, it won’t ask you for the second authentication factor on that device unless you explicitly log out.
Interesting…, you are saying that behind all the different “representations” of BW in the computer, that is: desktop version, the various browser extensions among the number of browsers I have, BW recognizes the state of being logged in? Puzzling though, as clearly I have to log into BW on each browser (if I wish to use the functionality of the extension on the web pages opened in said browser). Having BW active in Chrome browser has no influence on, say, BW in Firefox.
And…, when you say, log out, I suppose that is a different action than merely locking the extension, correct??
Each instance of BW is separate, so you’d need to log into each one of them. However, as per your last point, once logged in you won’t need 2FA again unless you explicitly log out. Locking your account just requires the password to unlock.