I have just started to use the “Log in with Device” option in the Bitwarden extension in Edge. But I have an issue.
When I click to “Log in with Device” in the extension, on my unlocked Android phone I receive a notification “Login Requested: Confirm logon …” When I click on this notfication Bitwarden will open on the phone, but if Bitwarden is not already unlocked, it will prompt for my fingerprint as usual. If I present my fingerprint, Bitwarden unlocks but now I am just at the vault screen and don’t get taken to the “Are you trying to log in” page with the “Confirm Login” button. I can resend the notification a second time and approve at the second attempt.
If I DON’T provide my fingerprint and click in the background of Bitwarden, I get taken to the “Are you trying to login” page and can approve, but now Bitwarden on the phone doesn’t ask me for my fingerprint and I can only unlock Bitwarden on the phone by entering the master password.
I think I have quite a low vault timeout (about 15 mins) so often get asked for my fingerprint on the phone
I see this same behavior on Chrome while using Android. The “Confirm Login” screen is so fast that sometimes I can’t get to it before it times out. I don’t know of any way to adjust the timeout. This seems like something that Bitwarden should improve.
I’m not exactly sure what you are describing. Are you saying that you ignore the Android notification and then bring up Bitwarden that is already running in the background? It would help if you could provide more detailed instructions for this.
I click on the Android notification. This opens the Bitwarden app. If the Bitwarden app is locked, it will request my fingerprint. Behind the fingerprint popup I can see the “confirm login” screen.
If I provide my fingerprint, the “confirm login” screen disappears and I have to then send a second request from the edge extension which pops up on the, now, unlocked Bitwarden app
If I don’t provide my fingerprint and instead click on the “confirm login” screen which is sitting behind the fingerprint popup, I can confirm login on the first attempt.
However, this causes issues in that the Bitwarden app on the phone will no longer request my fingerprint until I unlock Bitwarden with the master password.
I think I understand now, but I haven’t been able to duplicate the issue. I never see the “confirm login” screen behind the fingerprint popup.
I’m using a Google Pixel 5a running Android 13. My Bitwarden version on Android is 2023.2.0. The device I’m logging into is the Chrome Extension on a Linux Desktop.
So as of today (2/3/22) the sign in flow for me has changed.
“Sign in with Device” from Edge Browser extension
Notification appears on phone (Pixel 6A, Android 13)
Notification launches Bitwarden app on phone
Bitwarden requests fingerprint, but NO “Log in requested” screen now appears behind it
Provide fingerprint
Get taken to My Vault screen briefly
“Login Requested” screen then pops up on phone and I can confirm logon.
This is how I would expect it to behave.
To be able to bypass the fingerprint request and skip straight to providing the “confirm request” action, as has been happening this week, didn’t strike me as being very secure.