I use LibreWolf, a Firefox fork, as the web browser. In this browser I use the Bitwarden extension. So far so good. In the preferences there is “vault-timeout: on browser restart” and “action on timeout: lock”. To unlock I check the box “unlock with Pin-Code”. After a browser restart I’m always asked for the master password and not for the PIN code. I don’t understand why.
Can someone help me?
This is expected behavior. When you enable Unlock with PIN, an option for Lock with Master Password on Browser Restart is revealed (to see this option after a PIN has been set, you’ll have to disable your PIN and then set it up again). This option is enabled by default (for security reasons), and this is the reason why you are asked for the master password when restarting the browser.
You can disable the option to Lock with Master Password on Browser Restart, but this puts your vault at risk if your device is lost or stolen, or if an unauthorized individual gains temporary access to your device (either in person, or via malware). In such a scenario, the attacker can create a copy of your encrypted vault cache, and use brute-force guessing to crack the PIN, to then decrypt the stolen vault data (assuming that your PIN is significantly weaker than your Master Password). This can be done very quickly using modern GPUs and specialized software (e.g., hashcat). There was a blog article published earlier this year, demonstrating that a 4-digit numeric PIN could be cracked in under 4 seconds, for example.