Before this evening, I was able to logon to Bitwarden for the past two months:
–using (bitwarden.com)
–in ‘personal’ (not guest) chrome extension on desktop
–in firefox extension on desktop
–on iPhone in Bitwarden app
–using (Bitwarden Web Vault)
–in ‘personal’ (not guest) chrome browser on desktop
–in ‘guest’ chrome browser on desktop
–in firefox browser on desktop
Now, I’m still logged in via my ‘personal’ (not guest) chrome extension, but can no longer do a new logon:
–in firefox extension
–on iPhone in Bitwarden app
–in ‘personal’ (not guest) chrome browser
–in ‘guest’ chrome browser
–in firefox browser
The only change I made this afternoon was that I was in the Apple Store and another customer showed me how on my iPhone to go to Settings > Passwords > Password Options and select ‘Bitwarden’ in addition to iCloud Keychain. That’s when I started getting “Username or password is incorrect. Try again.” on every attempt above. I’ve tried unselecting ‘Bitwarden’ on my iPhone in Settings > Passwords > Password Options, but still cannot do a new logon.
I’m afraid to close the one Chrome browser in which I’m successfully logged on to the Chrome browser extension, for fear I’ll lose access to the 67 logins stored in my vault. Any ideas?
Make sure you have the server at the 3rd line from the bottom selected right (if you have been using BW more than a year, most likely Bitwarden.com). Bitwarden has two clouds, and they don’t interchange.
Login normally
You can also export your vault just in case from the chrome extension:
Setting → Export vault
You may just want to select the plaintext .json for now. Normally, this file should be manually encrypted before kept as a backup.
Would you try selecting the Bitwarden.eu just in case? Normally, this is the most common problem people have with logging in.
The second most common problem people have is they mistype/misremember their password.
Yes, if you don’t have access to your account via your password+2FA, the only way to get the information out is to copy + paste each individual credential. Drag and drop also works (depending on the destination).
Another thing you can also try is to use another web browser, making sure you clear the cache on the bitwarden.com domain, and try to log in.
You can delete the old account later, as long as you can access your BW email, even without the password. After that, you can also change the email of the new account to the old email.
Once the old account is deleted, you can log into your new account and change the email there.
Caution: this is one of the operations you want to export your vault first before you do it, just in case. Once you change the email successfully, you may want to encrypt this and keep it as a backup.
@larynlee To me it sounds like you forgot your master password (have an emergency sheet where you can compare?), so please make sure to write it down and store it safely when you create a new master password for your new account. BTW recommended: use an at least 4-word passphrase, randomly created.
I have a photo of my master password consisting of 3 words w/ upper, lower, numbers and symbols and have been comparing it to what I type in and also what I copy and paste from Notepad - appears to be the same. Since I have the original vault still active via the BW extension in chrome, I have it set with Vault Timeout ‘Never’ so as long as my browser is open I’m still logged into this original vault and have been copying and pasting from the original vault to the new vault in a newly created account in the chrome browser. I now have 77 logins in both vaults. I will export my newly created vault first, before I delete the old account then log into my new account and change the email in the new account.
@larynlee Well, if you 1. can’t login, 2. can’t make the export because you get the error message “… invalid master password” and 3. login with your new account seems to work with all (?) same devices/Bitwarden apps, then the most likely thing, I think, is that your master password was not right. I don’t mean to offend you - just want to make you aware of the importance of storing the master password (–> emergency sheet), so that this doesn’t happen again to you.
@Neuron5569@Nail1684 You are both absolutely correct. My daughter just compared the master password she had stored for me to what I had texted her that I was using and found one letter was uppercase and I had been keying it in lowercase.
…and then possibly, you didn’t mean “logon” here in your first post, but I guess you were logged on the whole time and just locked/unlocked you vault? Or did you type in the master password for two months correctly? - Anyway, not that important now… but it was a bit confusing, how logging in suddenly seemed to be not possible for you…
Just two remarks for your current situation:
I think you can decide now if you keep the old account and delete the new one - or the other way round.
I hope you compared the master password with your daughter via a secure channel (e.g. not encrypted emails would be not secure). Best would be, to create a new master password, I think. (so, maybe keep the new account with the new master password then, because there is already a new master password in place?! )
@larynlee , this happens, and frequently enough because our memory is fickle. That’s why @Nail1684 and others stress the importance of having an emergency sheet.
I’d like to make suggestions that you can choose to make, probably having seen why they might be valuable.
Keep your master passphrase in lower letter, separated by spaces, without any capital letters, numbers, or symbols. Add one more randomly generated word to it; this will add more security even while removing the said complexity. This will make your passphrase easier to type and remember, without complications, in the long run. Passphrase is specifically designed for this: easy to type, “easy” to remember, and more secure than the password from the length perspective.
Make an emergency sheet, sharing the entire or partial copy with your daughter. It’s better to share the physical copy (when you go see her at her place), and not by electronic transmission.
Make regular exports of your vault (perhaps once a month). I mentioned encryption before, but you can trade this with physical security, e.g. keep an unencrypted export on a USB drive kept in your safe. If you have a safe, you can keep this with your emergency sheet. The expert would tell you that you need to keep another vault copy, perhaps an encrypted copy given to your daughter.
Bitwarden has “Login with Device” feature, which allows you to pretty much forgo remembering the master password altogether, using your phone to approve logins. If you can keep physical copies of your master passphrase reliably accessible and safe, keep your phone locked, keep BW on the phone locked, this is a very viable method.
In the web vault password change page, you have the option to put in password hints. You can put in the location where you keep the emergency sheets. You don’t want to put anything about the password in there (this info is “not” encrypted). You can request that Bitwarden email you the information on the web vault login page. Changing this information is almost like changing the password, so you will want to export the vault before you make changes.
I am happy you’ve figured things out. You get to see what are important, in actions! Be safe and happy.
