Locked out of my vault: "Error: Must provide key"

Hi,

I can’t access my vault, I am getting “Error: Must provide key” on the bitwarden web page, on the CLI (both Mac and Windows) and all my browser extensions (Chrome, Brave, Edge) just shows a spinning indicator.

What I did before this started was:

  • Reset my master password with key rotation and signing out of all sessions
  • Installed the Desktop app on both Mac and Windows
  • Enabled browser integration, TouchID on Mac and Windows Hello on Windows
  • Enabled login with TouchID (Mac) Windows Hello (Windows)
    Since then , I am getting this error.
    I have tried to revert back the browser integration and biometric security, but that didn’t help. Still locked out with this error.

Does anybody have any ideas what the problem can be?

(Filed issue on Github)

Edit: Found someone else with the same problem. But I’m not using Vaultwarden)
Thx

Hello and welcome to the community!

  1. Do you still have any client that is still logged in not having this error? If you do, you may want to disconnect that machine from the internet and do a backup export.
  2. Once you change your password / rotate your key, have you ever logged in successfully through the web? How about clearing the cookie/cache, restart the browser, and then try again?
  3. Do you have backup exports?

Rotating the key, changing the password, or changing the KDF can corrupt the vault. If you can’t export from a still logged in client and don’t have a backup, the only way may be to contact Bitwarden support to see if they will restore your vault to the previous state, but you have to do this in 7 days; after this, your data is gone.

@InsomniacGeek Welcome to the forum!

I would suggest that you immediately contact Bitwarden Support, explain the problem, and request that your vault be restored from their backups. Bitwarden only keeps backup data for 7 days, and it may take some time to convince the support team to take action, so it is important that you start this process right away.

I am concerned that something went awry when you rotated your account encryption key — this can cause your vault to become corrupted and unusable.


P.S. @Neuron5569 I see now that you provided this same advice in your last paragraph — I had only read your first paragraphs when I started my own response. Anyhow, it can’t hurt for @InsomniacGeek to hear this twice!

1 Like

Thanks for your feedback, much appreciated. I have initiated a support ticket and a conversation with them.
I do have a 1 day old backup, luckily, which I can restore.

But, I’m not sure what state my Vault is in, and I’m a bit hesitant to restore into it. I will wait for their suggestions.
/M

2 Likes

This not looking good.

Bitwarden support has not been able to help me or fix their problem for 3 days now.
And they have stopped responding to my questions.
It’s not the level of support what I expected from a paid subscription.

I can’t import/restore my backup, and I can’t create new items either.
My account and/or vault seems completely broken.

You can delete the account, and create a new one importing a plaintext .json export file, or a non-account specific encrypted .json. If you only have an account-specific encrypted file, you probably can’t import into your account in the current state, and you can’t import into a new account either.

https://vault.bitwarden.com/#/recover-delete

If you still would like to continue talking to Bitwarden about your existing account, you can create another account in the other cloud (.com or .eu) and import you backup there.

Sorry to hear about that, although I don’t think that the support team works on weekends, so that may in part explain some of the delay.

I’m pinging some of the forum admins (@bw-admin, @sj-bitwarden, @AK3L4) to see if they may be able to rouse customer support on your behalf. If you can post your Ticket Number ( a 12-digit number at the bottom of their emails, in the format 123456:098765), doing so may help them identify your case if they see this thread.

I hope you can sort it out with BW. There were some fixes for “key rotation” in the version being released. I am not sure if it relates to your problem, but maybe it would be more attention-grabbing.

(Look at the July 17 commits):

@Neuron5569 I don’t think it is related. I (and some other auth team members at Bitwarden) have been looking into key rotation issues recently, and have closed a number of rare cases where key-rotation could cause vault access issues, or even vault corruption. But the above was a hotfixed cherry picked onto the release candidate last minute because during one of those fixes that put further guardrails and checks in place on every rotation, the key rotation process was accidentally broken entirely, not in the sense that it would corrupt the vault, but in the sense that it would block key rotation. There was no chance of the issue fixed in the commits you linked above leading to such an error that the @InsomniacGeek is experiencing.

That said, this issue is being looked into. Vault access / (corruption) issues are high priority. However, these are often incredibly hard to reproduce, and thus fix, since there are often no clear reproduction steps, and for obvious reasons no developer can just access the unlocked vault to see what’s going on.

2 Likes

It seems like rolling back time would be the first step to “reproduce” this issue. Perhaps make one of the earliest master password and/or key rotation steps be to create an online backup of the vault which users can self-restore.

Hi @InsomniacGeek, I’ve escalated your ticket and someone from the Support team should be reaching back out via email shortly. Any restoration or troubleshooting would need to be done by that team, but we’ll do our best to address the issue for you as quickly as possible. :+1:

I can confirm that this is an unusual issue you’ve encountered and the team is discussing it internally. They will likely request a bit more information from you to help ensure the error is resolved properly.

2 Likes

The issue over there is from using the new iOS beta app which caused a corruption. This was due to the code language that iOS beta uses. I’m not at an advanced level to speak about root cause but something with camelcase vs pascalcase or some other form. organizationID vs organizations. As mentioned it is a separate project and not associated with BW

Well, the relevant backup data from Bitwarden’s cloud databases should be expired and expunged by now, so hopefully @InsomniacGeek was able to resolve the issue with the help of the Support team in the past few days.

1 Like

@InsomniacGeek any update on your issue?

I faced the same issue, yesterday. And I created a ticket today and gave them the details of the app version, error i saw at the console etc, and within a day, the team was able to retrieve my account.

Any insight as to what the root cause was?

I was actually using multiple accounts in a same bitwarden android app. And, post closing the app abruptly, by clearing all recent apps, without logging out and exiting properly, I started to see this issue. But, have asked the team on what has caused this issue. Will keep posted.