When I attempt to sign into Bitwarden using the ‘Login With Device’ from either the Edge or Firefox browsers on two separate systems the ‘Login requested’ notification on my mobile indicates the correct fingerprint phrase but the IP address is NOT the same as the IP of the network I am connecting from.
In the same browser going to whatsmyip.com shows the correct IP address for the network I am on, but anytime I ‘Login with device’ I get completely different IP’s in the 167.82.x.x range. What is the extension doing? Is this IP range familiar to Bitwarden? How can I trust the ‘Login with device’ feature if the IP the connection purports to come from is not the same as my actual network?
I have not logged in yet and I have also deauthorized any existing sessions as a precationary measure.
What is the native behaviour of the extension? Does it connect from some kind of isolated/built-in VPN?
I always get the same IP as the one seen by an external website I check, from all the clients. The other info I check is the random passphrase the client generates. It’s hard to imagine somebody coming up with that in so short a time unless it’s a very sophisticated malware on my system.
