Ios vault timeout is not honored

Feature name

  • ios vault timeout

Feature function

  • What will this feature do differently?
    don’t ask for pin or password for every autofill
  • What benefits will this feature bring?
    increase usability
  • Remember to add a tag for each client application that will be affected

Currently in the iOS app, the only option is to always enter a pin/master password for every auto-fill. Unfortunately when using the pin, the reduced security persists across time or reboots or phone looks. Ideally there would be multiple levels, e.g. ask for master password after reboot/timeout and not ask for any pin for autofills when vault is unlocked.

https://www.reddit.com/r/Bitwarden/comments/cbgypq/ios_bitwarden_not_remaining_locked_with_autofill/ mentions that this is not possible, however, shouldn’t it be possible to have some shared app state that is not encrypted, i.e. outside of the vault?

Alternatively, if there was an option to ask for the master password after restarts or phone looks that would work too. But currently, the only way to achieve that is using automatic logout which then also logs out for each autofill (and doesn’t actually work at all, as the extension immediately restarts after logging in)