Running BW on W10 but do not run the W10 desktop app. I have BW extensions installed in each (4) of my W10 browsers. Each time I recycle a given browser (for whatever reason) it requires that I re-enable (unlock) the BW vault by entering my BW master password. This is very annoying and as I recall, I did not have to do that with LastPass. Is there a setting in BW that will allow BW vault to not require unlocking every time I recycle the browser? If not, then I would request that the feature be added.
You can change the vault timeout to ‘never’ and accomplish this - you can also use the shortcut CTRL+SHIFT+N to lock the vault manually.
More on vault timeout options here: Vault Timeout Options | Bitwarden Help & Support
There is a feature request here to have a ‘central’ desktop session more or less: Login to browser extensions when logging into desktop app and vice versa
I have set the timeout value to 4 hours but when I close and then re-open the browser - the vault is already locked and I have to re-enter my master password to unlock it. I am wishing that the vault would stay unlocked when I shutdown and then the relaunch the browser as it did with LastPass. No way?
I changed the value to “Never” and it kept vault unlocked. Then I changed it again to 4 hours and it also kept the vault unlocked. No clue… but thanks
Setting the timeout to ‘never’ writes the key to the disk, which is the way it persists when the browser is closed.
Timeouts can be thought of as 'X hours, or until you close your browser/application" - because your key is stored in the memory session for that browser - and when the browser is closed, the key is erased.
OK - I did this for Brave, Edge, and Firefox browsers. In each case, when BW initially set to 4 hours, the vault was re-locked when browsers restarted. When I set each browser to “Never”, the vault remained unlocked thru browser re-cycle. When I subsequently set the timeout to 4 hours, all of the browsers kept the vault unlocked. Maybe setting to “Never” puts the key on the disk and subsequently setting the value to “4 hours” does nothing to remove the key from the disk - so the vault remains unlocked. What would remove the key from the disk?
By default, closing the browser will require you to unlock your BW vault with your master password, unless you setup a PIN to unlock the vault AND you disable the option to require master password to unlock after a browser restart. If you do this, then you only have to enter a short PIN code to unlock after you close your browser.
Just looking into using Bitwarden and it has a lot of great features. But so many user interface flaws. This is just one prime example, setting a timeout to x hours should respect users request of X hours. Not X hours OR until browser is closed. Just bad UX design from the team. Then forcing to use Never to keep the vault unlocked is just a security hack which bitwarden is supposed to make safe for storing password. Just horrible, this is just 1 issue I have run into in using this tool for nearly an hour, I found at least 3 other UX design flaws. I would never pay for a product this poor in user features. I hope the community of developers are paying attention to these type of post and prioritizing fixes for unhappy users.