When I attempt to sign into Bitwarden using the ‘Login With Device’ from either the Edge or Firefox browsers on two separate systems, the ‘Login requested’ notification on my mobile indicates the correct fingerprint phrase but the IP address is NOT the same as the IP of the network I am connecting from.
In the same browser, going to whatsmyip.com shows the correct IP address for the network I am on, but anytime I ‘Login with device’ I get completely different IPs in the 167.82.x.x range. What is the extension doing? Is this IP range familiar to Bitwarden? How can I trust the ‘Login with device’ feature if the IP the connection purports to come from is not the same as my actual network?
I have not logged in yet and I have also deauthorized any existing sessions as a precautionary measure.
What is the native behaviour of the extension? Does it connect from some kind of isolated/built-in VPN?
I always get the same IP as the one seen by an external website I check, from all the clients. The other info I check is the random passphrase the client generates. It’s hard to imagine somebody coming up with that in so short a time unless it’s a very sophisticated malware on my system.
I had this issue on a freshly installed Chrome on a Linux Mint device.
I received the wrong IP address 104.156.93.35 in the login notification email; it says it’s from Fastly in Los Angeles.
I checked the logged-in devices and found no other devices than my devices, then logged out of all devices and tried to replicate it, but it gave the correct address in the emails.
I really hope it wasn’t some man-in-the-middle attack or something.
Yes, that would exactly be a “man in the middle”, but I doubt it was an adversary and I doubt it was an attack.
Fastly is a “content delivery network”. These attempt to improve website responsiveness by serving simple web pages from a server near the customer and forwarding complex things, such as API calls, back to Bitwarden’s servers.
Most likely, Bitwarden is asking the question “what IP connected to me”, and they are getting the one belonging to their own CDN instead of getting the customer’s. If you report this to [email protected], they may be able to fix it.
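
The effect suggested in the last reply, as an added sketch that is not from the thread and is not Bitwarden's or Fastly's code: an origin that reports the TCP peer shows the CDN edge address, while one that reads `X-Forwarded-For` only from trusted edge nodes recovers the client. The trusted range, the function names and the client addresses are assumptions made for illustration; only 104.156.93.35 comes from the thread.

```python
import ipaddress

# Assumed edge range for illustration only; a real origin would load the
# CDN's published edge list. The sample peer 104.156.93.35 is from the thread.
TRUSTED_EDGES = [ipaddress.ip_network("104.156.93.0/24")]


def is_trusted(addr):
    """True if addr belongs to a network we accept forwarding headers from."""
    return any(addr in net for net in TRUSTED_EDGES)


def naive_client_ip(peer, headers):
    """Report the TCP peer. Behind a CDN this is always the edge node."""
    return peer


def resolve_client_ip(peer, headers):
    """Return the right-most X-Forwarded-For hop that is not a trusted edge.

    The header is honoured only when the TCP peer is itself a trusted edge,
    because a client connecting directly can put anything in the header.
    """
    if not is_trusted(ipaddress.ip_address(peer)):
        return peer
    chain = headers.get("X-Forwarded-For", "")
    hops = [h.strip() for h in chain.split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            return peer  # malformed chain: fall back to the verifiable peer
        if not is_trusted(addr):
            return str(addr)
    return peer  # no header, or every hop was an edge node


if __name__ == "__main__":
    # Constructed requests: (TCP peer, headers). Client addresses use
    # documentation ranges (198.51.100.0/24, 192.0.2.0/24).
    samples = [
        ("104.156.93.35", {"X-Forwarded-For": "198.51.100.7"}),
        ("104.156.93.35", {"X-Forwarded-For": "10.9.9.9, 198.51.100.7"}),
        ("192.0.2.50", {"X-Forwarded-For": "198.51.100.7"}),
    ]
    for peer, headers in samples:
        print(peer, naive_client_ip(peer, headers), resolve_client_ip(peer, headers))
```

The second sample carries a left-most entry supplied by the client, which is why the chain is read from the right; the third shows the header being ignored when the connection does not come from a trusted edge.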