Require master password after __ time

I would like a security feature implemented: “Require master password after __ time”.

This addition would greatly enhance security. Apps like 1Password have this implemented, which makes that app convenient and secure.

The main benefit of this feature would be with biometrics. I don’t think anyone wants their app accessible that way 24/7.

You can already use the settings in Bitwarden to Log Out of your vault after a Vault Timeout period has passed, or are you asking for something beyond what is already provided in the software?

Perhaps I didn’t explain my idea well in my post.

Currently (from what I can tell) there is no option to use biometrics (FaceID in my case) to unlock the app only for a specific amount of time.

If I enable FaceID, I can use my face to unlock the app no matter what. Wait for hours, restart my phone, makes no difference.

What I would like is to have a new option to require the master password after a period of inactivity. As a former 1Password user, this is a feature I really do miss.

In addition, the app timeout for iOS only works if the app isn’t closed in the app drawer.

If I set timeout for 1 hour, the app will only respect that timeout if the app stays open in the background. If I reset it, it immediately locks.

So, are you asking for BOTH the ability to unlock with FaceID AND the ability to logout, based on different timeout periods? That is, if you haven’t unlocked in a few hours, log out? Otherwise, just unlock? Just trying to understand what it is you are asking for.

If you just want to logout after a few hours and force a new login with the master password, you can do that already by setting the Vault Timeout period and then set the Vault Timeout Action to Log Out. Full details are in the link I posted above. Cheers!

Regarding app timeouts with iOS, yes, it is an annoying Apple policy. I’m not sure if or how other password managers get around this issue, if at all. Sorry!

I think this is covered here:

The reason the app locks when you close it, is the reference to your decryption key (in memory only) is removed when the app is closed, requiring the use of biometrics to get back to that key and unlock your vault :+1: