Login is too much hassle

Dear Bitwarden team,

This is getting long in the tooth… bitwarden browser plugin asks for password often. My master password is long. I have more than one computer and I use 2 browser. This quickly adds to up 4 instances of login in…

What can I do? Thanks.

@haraldl Hi!

Just some first ideas:

  1. You could “login with device” (Log in with Device | Bitwarden Help Center) - I used it quite regularly and it avoids a very long master password. [PS: Same goes for “login with passkeys” (Log in with Passkeys | Bitwarden Help Center), which I personally like very much - but it still is only useable for the web vault.]

  2. You could set up a lock/unlock-routine (instead of logging out/logging in) - e.g. via PIN (Unlock with PIN | Bitwarden Help Center) or biometrics (Unlock with Biometrics | Bitwarden Help Center). But be aware of the fact, that by locking, you are still logged in and then there is vault data locally stored - if e.g. you use the non-biometric PIN, it then will be encrypted as strong as that PIN is.

Of course these topics are connected to: Vault Timeout Options | Bitwarden Help Center

BTW: I know, it’s already bothering you enough - but I didn’t read something about 2FA. If you didn’t set it up already, you should do so. (and that doesn’t have to be much of an additional annoyance, as e.g. you can set it to “remember me” on devices/apps, if you wish)

2 Likes

Three questions:

  1. Which browser are you using?
  2. Which version of the Bitwarden browser extension is installed?
  3. When it asks for your master password, does the button say Unlock or does it say Log in with master password?

I am of the opinion that you should force yourself to type in your password somewhat often to either log into or unlock your vault, as a way to get that password ingrained in your memory.

But to answer your question, if your PC is kept locked or logged out unless you are using it, then setting your BW browser extension to simply Lock after 15 minutes should be plenty safe. This also, again, forces you to type your password in periodically.

1 Like

Though I agree in general with that, I have a few “but’s”:

  • you shouldn’t rely solely on memory - the master password must be on some kind of emergency sheet, because no matter how hard you try “ingrain it in memory” - human memory is not 100% reliable

  • with “login with passkeys” and “login with device”, the master password is not that important as it was (before I create a misunderstanding here: I only mean not that important to remember and to constantly type in - of course the master password itself is still important)… these days I’m seldom in need of entering my master password (and have it stored in multiple ways), so that I don’t need to have it in my human memory any more