Hi,
I’m trying to log into the web using the “use my device” option. But I never get a notification on my device, and the fingerprint phrase that the web page tells me to expect doesn’t match what my device says it is. Moreover, every time I “retry” on the webpage, it changes the fingerprint phrase to expect, which is even more odd because I thought it’s supposed to be immutable for a given account.
Am I doing something wrong?
Thanks!
Hi,
same issue here.
Firefox 118.0.2 (64bit)
Bitwarden 2023.9.2 extension
Fingerprint phrase doesn’t match but ip etc it’s ok. Notification sometimes appear sometimes no.
It works perfect with Bitwarden application for Windows
The fingerprint phrase shown when logging in with device has nothing to do with the account’s fingerprint phrase.
Although they have the same name, they are completely unrelated.
The login with device fingerprint phrase’s only purpose is to verify that the words shown on the device where you are trying to log in are the same on the device where you are approving that login.
So that you don’t approve an illegitimate login attempt.
I, for one, would have done it in a different way: for example I prefer the way duo implements the verified duo push: you get a 3 or 4 digit code on the webpge where you are trying to login and you have to enter that code on the device approving the login.
This way, the risk of approving a rogue login request is minimized.
Thank you, Kiko, for the clarification, but I was actually referring to the message displayed during login when using the “login with device” option. It matches if I use the Windows app, but it doesn’t match if I use the Firefox extension. I also found that it matches when I use the Chrome extension, so it seems to be an issue with the Firefox extension.
this is still a problem. created an issue in the client repo: login with device fingerprint phrases dont match between firefox extension and android app · Issue #2940 · bitwarden/mobile · GitHub in my case it was firefox desktop browser extension to android app.