Manual logout is not the same as vault time-out logout

Feature name

Manual logout and vault time-out logout = twins

This is specifically in reference to the chrome web extension functionality

Feature function

  • Currently, when you manually press logout, upon attempting to log back in you will be asked for 2fa if you have it set. However, if you have your vault set to auto logout upon browser restart, you will not be asked for 2fa upon attempting to log back in. This suggests that manual logout and vault time-out logout do not log you out of your account in the same way.

  • By making vault time-out logout function as the manual logout does you will be asked for 2fa upon each login.

Hi, I believe there’s already a solution to your problem. Pressing “Log Out” in the browser extension setting menu will require you to complete 2FA upon logging back in as you mentioned.

If you instead want 2FA not to be required after you log out manually, you should click “Lock Now”, which will only require your password (or biometric unlock if enabled) when you go to log back in. It’s in the section above the logout button.

This really sounds like a bug. Why would an auto-logout result in different behavior from a manual logout? I certainly hope this wasn’t done on purpose.

Pretty sure this user wants the 2FA to be required for the auto logout scenario.

1 Like

In that case, he should set the Vault Timeout Action setting to Log Out instead of Lock

Hello, my problem is that I do have the vault set to auto logout after browser restart, and I do have 2fa enabled. Yet still I am not asked for 2fa unless I manually log out. I would like to be asked for 2fa on auto logout as well so that I do not need to remember to manually press log out each time.

Again, to clarify, I Do have 2fa enabled and I Do have my vault set to auto logout (Not auto lock) upon browser restart.

I tried this on my system and get the proper behavior of 2FA request upon browser restart.
My setup info is:

  • macOS 11.2.3
  • Bitwarden extension 1.49.1
  • Tried on both Brave Browser 1.22.70 (uses chrome extension) and Firefox 87.0
  • 2FA via U2F

You might want to provide your own setup info so that someone else can try to reproduce what you are experiencing.

Based on @NextDoorTech replies, I assume they are seeing the correct behavior too.

Got it thanks for trying it out yourself!

Sorry I’m not at home for the night so I’m not aware of the specific version numbers, at the time of writing this I am using;

The newest version of windows 10

The newest version of brave browser

The newest version of Bitwarden chrome extension

2fa through yubikey 5 NFC

When I arrive at my home tomorrow I will update this comment and the main post with the actual version numbers