"rate limit exceeded" error when trying to log in

Hi there,

So this is a new one. Today I helped my mum set up Bitwarden. Later on, I wanted to log in to Bitwarden’s Webvault myself via Firefox. However, I found myself greeted by a “Rate limit exceeded. Try again later” error. Even hours later, still the same error. A page on Bitwarden’s policies initially lead me to believe that this might be, because while setting up her account with my mom, we logged into her account a lot on different devices, and this might’ve triggered some sort of IP ban for our modem. However now, hours later still, I’m in a completely different location and getting the same error on my laptop. Was my MAC address banned somehow? Although this would make it a very jumpy protection mechanism. Or could this be a different issue?

Interestingly enough, every now and then when reloading the login page and trying again, a “wrong password or username” error is sprinkled in, even when my login details are very clearly correct. This has never happened in the past to my knowledge and I can usually log into Bitwarden’s Webvault just fine, so I can’t see this being a suddenly appearing browser/plugin issue either. Any help would be appreciated.

According to (*) the issue was solved for someone by switching over to a different network (WiFi vs. mobile network). If this is not possible for you try again after rebooting both the device that showed that issue and your router

(*) Unable to access Android App (Rate limit exceeded)

Thanks for the reply! Tried my mobile network and tried a reboot, neither worked :confused:

In the past (and especially when starting with Bitwarden) I logged out and back in a lot of times (also within a short period of time) without encountering any issue.
However, after downloading some Bitwarden source code and searching it for the error message I found this sub-routine (see below marked in bold):

public ErrorResponse(JObject response, HttpStatusCode status, bool identityResponse = false)
{
JObject errorModel = null;
if (response != null)
{
var responseErrorModel = response.GetValue(“ErrorModel”, StringComparison.OrdinalIgnoreCase);
if (responseErrorModel != null && identityResponse)
{
errorModel = responseErrorModel.Value(); ;
}
else
{
errorModel = response;
}
}
if (errorModel != null)
{
var model = errorModel.ToObject();
Message = model.Message;
ValidationErrors = model.ValidationErrors ?? new Dictionary<string, List>();
CaptchaSiteKey = ValidationErrors.ContainsKey(“HCaptcha_SiteKey”) ?
ValidationErrors[“HCaptcha_SiteKey”]?.FirstOrDefault() :
null;
CaptchaRequired = !string.IsNullOrWhiteSpace(CaptchaSiteKey);
}
else
{
if ((int)status == 429)
{
Message = “Rate limit exceeded. Try again later.”;
}
}
StatusCode = status;
}

Source: mobile-master\src\Core\Models\Response\ErrorResponse.cs

The related “HTTP response status code” 429 led me to this page: 429 Too Many Requests - HTTP | MDN

So you are right: This is caused by “too many requests in a given amount of time”. And the solution to this is given in the error message: “Try again later”.