So this is a new one. Today I helped my mum set up Bitwarden. Later on, I wanted to log in to Bitwarden’s Webvault myself via Firefox. However, I found myself greeted by a “Rate limit exceeded. Try again later” error. Even hours later, still the same error. A page on Bitwarden’s policies initially lead me to believe that this might be, because while setting up her account with my mom, we logged into her account a lot on different devices, and this might’ve triggered some sort of IP ban for our modem. However now, hours later still, I’m in a completely different location and getting the same error on my laptop. Was my MAC address banned somehow? Although this would make it a very jumpy protection mechanism. Or could this be a different issue?
Interestingly enough, every now and then when reloading the login page and trying again, a “wrong password or username” error is sprinkled in, even when my login details are very clearly correct. This has never happened in the past to my knowledge and I can usually log into Bitwarden’s Webvault just fine, so I can’t see this being a suddenly appearing browser/plugin issue either. Any help would be appreciated.
According to (*) the issue was solved for someone by switching over to a different network (WiFi vs. mobile network). If this is not possible for you try again after rebooting both the device that showed that issue and your router
(*) Unable to access Android App (Rate limit exceeded)
Thanks for the reply! Tried my mobile network and tried a reboot, neither worked
In the past (and especially when starting with Bitwarden) I logged out and back in a lot of times (also within a short period of time) without encountering any issue.
However, after downloading some Bitwarden source code and searching it for the error message I found this sub-routine (see below marked in bold):
public ErrorResponse(JObject response, HttpStatusCode status, bool identityResponse = false)
JObject errorModel = null;
if (response != null)
var responseErrorModel = response.GetValue(“ErrorModel”, StringComparison.OrdinalIgnoreCase);
if (responseErrorModel != null && identityResponse)
errorModel = responseErrorModel.Value(); ;
errorModel = response;
if (errorModel != null)
var model = errorModel.ToObject();
Message = model.Message;
ValidationErrors = model.ValidationErrors ?? new Dictionary<string, List>();
CaptchaSiteKey = ValidationErrors.ContainsKey(“HCaptcha_SiteKey”) ?
CaptchaRequired = !string.IsNullOrWhiteSpace(CaptchaSiteKey);
if ((int)status == 429)
Message = “Rate limit exceeded. Try again later.”;
StatusCode = status;
The related “HTTP response status code” 429 led me to this page: 429 Too Many Requests - HTTP | MDN
So you are right: This is caused by “too many requests in a given amount of time”. And the solution to this is given in the error message: “Try again later”.
There is a bug regarding this? I getting this error and I haven’t logged in anywhere anytime soon, browsers, mobile and desktop app all have been logged in since several months, I just tried accessing vault.bitwarden.com and I’m getting that error, haven’t got any email either regarding multiple attempts to access my account, either way it has 2FA so… I don’t see why I’m getting that error.
@1024 I would check to see if you have any browser extensions interfering, perhaps with things like the captcha. If you have the Bitwarden mobile app installed on a phone or tablet, you might try it instead to help narrow down the sourslce of the issue.
Hey there, are you using a VPN? Have you tried pausing it or switching to a new connection to ensure no interference? Are you seeing a 403 status in the console?