I received this email from Bitwarden. Should I be worried?

URGENT: I received this email with subject “Failed login attempts detected” below from Bitwarden.
Should this be a concern, and what next action should I take now? Why do you think this happened?
“Additional security has been placed on your Bitwarden account. We’ve detected several failed attempts to log into your Bitwarden account. Future login attempts for your account will be protected by a captcha.
Account: [email protected]
Date: Saturday, October 28, 2023 at 2:08 PM UTC
IP Address: 109.194.243.199
If this was you, you can remove the captcha requirement by successfully logging in. If this was not you, don’t worry. The login attempt was not successful and your account has been given additional protection.”

@userbit Welcome to the forum!

Assuming that you have 2FA enabled on your Bitwarden account, and that your master password is unique (never re-used) and strong (a randomly generated 4-word passphrase), then you don’t need to worry, and you don’t need to take any action to safeguard your vault.*

Nonetheless, if you are annoyed/inconvenienced/stressed because you repeatedly keep getting such messages, or because you now need to complete a Captcha to log in to your account (a security measure deployed by Bitwarden when a large number of failed login attempts are detected), then you can stop this from occurring by changing the email address associated with your Bitwarden account. If you only have one email account, then check if your email provider supports “plus” addressing (which allows you to receive emails in your [email protected] inbox using email addresses of the form [email protected]).


*Even though your Bitwarden vault should be safe (with the proviso given above), you may have other accounts that are in jeopardy. If you still have any online accounts that have a re-used password, then it is possible that the attackers currently probing your Bitwarden account may be able to gain access to those accounts (or they may already have done so). You should run the Re-Used Passwords Report and immediately update the passwords for any vulnerable accounts to a unique, random password (13 or more random characters).