Lost the ability to login

Hi,

I changed the default KDF iterations from 50,000 to 200,001 after reading that 50K wasn’t very secure.
Previously to this i would log into the app on my mobile phone and on my computer via the chrome extension. I also have 2FA setup on my mobile phone if it helps.

Once i changed the value i was logged out and now when I try to log into the app on the phone OR the website I now see

“An error has occurred.
Username or password is incorrect. Try again.”

I’ve lost access to the account and all the passwords, I’ve tried a master password reset but thats not worked as it tells me i dont have a password hint set. I 100% know the previous password as i used it almost daily.

Feeling like i’ve made a massive mistake here and really hope I’ve not lost the vault. What can I do to fix this?

do have any backup of your logins? you should always back it up.

i think you cant do much about it.

I stupidly didnt back anything up, assumed as its linked to my email AND i have 2FA i should be able to prove its me :frowning:

Are you still logged in anywhere? If so, stay logged in and disconnect that device from the Internet. You might be able to recover from data locally cached on your device.

it kicked me out of everywhere unfortunately.

I had my phone setup to use biometrics but that’s no longer an option, when i start the app it wants the master password but putting it in doesn’t work.

I know the correct master password as its drilled into my brain after using it daily.

I believe you. It is very rare, but this has happened before:

I think you should contact support immediately:

1 Like

if you remember old password try to access the vault

I do remember the password but loging in via the chrome extension or the Android app is no longer working.

@MrKhan Welcome to the forum, and sorry to hear you are having trouble.

The error message that you received (“An error has occurred. Username or password is incorrect. Try again.”) does not necessarily mean that the username or master password were incorrect. You will get the same message if the login process fails for other reasons, including the inability of your device to compute the specified number of KDF iterations.

Thus, one possible explanation is that the devices you are using to log in are incapable of handling the new setting for the KDF iterations. If you have access to a more powerful computer, you could try to log in to the web vault again using that computer.

As @RogerDodger said, you also should contact Tech Support a.s.a.p., to see if this is related to a rare error that recently affected another forum user. That condition was reportedly patched, so it would be important for Bitwarden to determine if the same problem is still occurring:

1 Like

I’ve contacted support, hopefully they’ll respond.

As for powerful machine, this is what I have tried and can’t login with

Desktop

Windows 10
i7-5820K (running 4Ghz)
64GB RAM

Phone
OnePlus 10 Pro
12GB RAM
Snapdragon 8
Android 12

I’ll see if there is a desktop app that i can try, rather than the chrome extension.

Desktop also fails

Lets’s see what support find.

Your devices especially your Desktop sound more than powerful enough for the number of KDF iterations you selected. Here is where you can find the Windows Desktop app:

1 Like

Oh my God I dodged a bullet…

I just remembered I use my tablet for BW. Turned wifi off before I started BW, logged in without issue and exported vault into a JSON file. It’s all there.

Other than exporting into a JSON file, is there anything else I can export save ?

That is great news! In addition to what you have already done, you might want to do capture the data.JSON temporary file @grb described here:

The data.json file provides a more complete backup.

1 Like

I feel like we should try and trace down what caused this.

Does this sound similar to this thread?

That would be a job for tech support, whom @MrKhan has already notified. Hopefully, @bw-admin can coordinate to ensure that they connect the dots to @BostonPete’s case and check whether there is a common denominator.

@MrKhan: If possible, please do not delete your original (inaccessible) vault until tech support has had an opportunity to examine it. In the meantime, you can set up a new vault under a different email address; later (after the original vault is deleted), you have the ability change the email address on your new vault to the preferred address.

I’ll leave it alone. I’m planning to self host in the meantime so I can get back up and running ASAP by importing that JSON file.

That’s all, it looks like the team already has the info but I’ve looped them in as well.

So this was resolved and I thought I’d update the ticket so other people who have the same issue know what the resolution was in my case.

Support restored a backup of my vault. I was able to log back into the vault, and they asked me to once gain increase the same value as before, but this time it worked without a hitch.

Massive thumbs up to the Bitwarden community and support staff for getting me back up and running.

also increasing the KDF iterations have caused no noticeable degradation in speed on any of the devices I use, tablet, phone or computer.

2 Likes