[SOLVED] 2 questions about vault session unlock

Ask the Community Password Manager
1

Okay, these are more suggestions rather than questions. But let me spit it out.

I know BW development requires a lot of programming knowledge and software engineering, but I’ve been asking myself a few days now if this could be possible:

  1. Any chances to use the Android/iPhone device as a desktop vault unlocking method?

Let me explain this better. Currently, I’ve been using a very handy piece of software called Rohos Logon Key. I really like it because it eases the way I can access my Windows laptop via mobile auth.

So I’ve been doubtful if it’s even possible to use BW mobile app to unlock the extension’s vault by a single touch on the fingerprint sensor or unlock pattern on the same network (or even on mobile data, in specific cases [very complicated to implement]).

I know this sounds like a crazy idea, but it would really come in handy for certain cases.
Duo 2FA app could enable me to do that (although I believe it’s only for log in, not session unlocking), but I’m just asking if it could be possible via BW’s native app.

Striked text, more details inside. Will you add a PIN unlock method for users that are already logged in on the browser extensions? Much better to do that, or the 1st question's idea, than re-entering the master password in case it re-locks. That is, if it's even possible to lock a current session on desktop.

Found what I was looking for here:

  1. Some questions - #2 by Doomsday
  2. Unlock vault with PIN
  1. Something like push notifications on the mobile device would also do the job.

I had something else to ask, but I think these are the enough for now. I’m a very forgetful person. :sweat_smile:

EDIT: That would also be useful to authenticate in case the master password is re-prompted for some items (like “Please re-enter your master password/PIN or, optionally, check your mobile device to see/unlock this item/login/secure note”). I know it’s hard to do, but it’s just an idea.

1 Like
2

It may be possible, but I do not know enough about whatever technologies that method of unlocking may be using. One thing you have to keep in mind is that unlocking in Bitwarden is more than just authentication. When you unlock the app you are providing the master password key used to decrypt the information in your vault. So that always has to come from somewhere, so a simple binary true/false to allow access to the application will not be sufficient.

1 Like
4

Rohos Logon Key

Hey, @kspearrin. I know it’s been a while. I just came by to say that I’ve been messing around with my laptop and I figured out that Rohos Logon Key has its source code available for anyone who wants to see it.

Please don’t hesitate to check it here:

I hope it can be of help to you for future purposes.