stuck in login loop trying to deauthorize session

i received an email about a login attempt on a machine i do not own.

i followed the link in the email to the web vault where i should be able to deauthorize the session, however when i click “deauthorize sessions” i’m prompted for the master pass, which i provide, then immediately taken to a login. after logging in i’m redirected to the home page, and the loop starts over.

@shindagger Welcome to the forum!

  1. If your account is hosted on bitwarden.com, log in at vault.bitwarden.com (otherwise, at vault.bitwarden.eu).
  2. Go to Settings > My Account > Danger Zone.
  3. Click Deauthorize Sessions.
  4. At the prompt, enter master password, and click Deauthorize Sessions.

thanks for your reply.

i’m in the latest version of chrome. when i do #4 i’m taken to a login screen, and then after logging in i’m taken back to #1. this happens over and over.

i will try firefox now.

Deauthorize sessions logs you out of all sessions, including the web session that you are using to click the button.

oh it deauthorizes all sessions… gotcha. i was expecting to be able to remove devices.

There is a feature request for that. Feel free to add your vote to it.

@shindagger As it turns out, that “login loop” is perfectly normal…

However, I would like to point out another thing:

Did you check, whether this was a legitimate email from Bitwarden? It might - in other cases - also be a fake email / phishing email, and though Bitwarden’s emails contain a link to the web vault, and rightfully so, I would always advise against clicking the link, but

  • either typing in the web vault address yourself in the browser (vault.bitwarden.com or vault.bitwarden.eu), when you remember it already
  • or make a “favourite” in your Browser with the web vault address

I hope in this case, it was the legitimate web vault, you entered your master password etc. :wink: (Sorry, if I might scare you afterwards - but phishing emails are a real threat…)