Unable to unlock Bitwarden desktop app on app start using Windows Hello

Hey @dwbit, thanks. It’s probably better if we move this to another thread but, yes, I need to login on the desktop app before I am ever able to use biometrics in-browser.

Thanks, very valuable information. I’ll give the old version a try—giving Bitwarden one last chance.

I was reading this thread now for a while and my impression, and don’t get me wrong, is that it is somehow Bitwarden vs. Community. I really appreciate the work of the Team, so it only feels like this.

On the one hand:

  • Security by Design, so do everything to be secure!

On the other hand:

  • Easy and effortless Workflow!

So, what is best for our all security:

  • Guess depends from person to person but having the weakest behaviour in mind.

In detail, we all know people are lazy, and laziness was always the most critical issue in security (phishing is one of the best examples, or even the creation of master passwords, I guess).
So changing the behaviour of the people and telling them it is just a little change, a more or less not mentionable change, is the solution … wait, really?
By this point I think most of us know the reaction of people who feel kind of betrayed (removing a function that worked for years) or even being forced to do it differently now (losing so much comfort); it probably will not work.

So final decision is on Bitwarden developers team, or isn’t it (who is using Bitwarden…)?

Only wanted to mention this even if I’ve read the team is again thinking about the topic.

At least I’d like to have the opportunity to overrule an extremely strong security by some lazy workflow with a real, present warning while enabling this.

Finally, keep going on the good work, thanks for all the effort and trying to give us the best product possible!

Hey @indiana the team added more context regarding exploring ways to bring the functionality back both reliably and securely as there were multiple reasons the change was made, but most importantly we hear the feedback and we will share updates on progress made (for exploring restoring functionality or alert etc..), thanks for your patience!

4 Likes

@Anthony_Marchese I must say I am in complete agreement with you here. Using a local PIN or Biometrics is a passwordless login method that is essential to account security when on the road. A good example is being at an airport where there are people everywhere, cameras all over the place, and having to type your full password in could be captured by all kinds of watching devices or just an observant person who’s in close proximity.

I really like Bitwarden, and I have been pushing for this to become my company’s default recommendation to clients for password management. However, this change undoes all of my faith in what has been an awesome product until now. Forcing this kind of change without giving the end user the choice to decide on their “risk” status based on their workflow is both an ignorant and arrogant standpoint that needs to be corrected asap.

3 Likes

Thanks for the clarification of that matter. I wonder, is it legit that the Bitwarden Windows desktop app won’t ask for any password again after Hibernation → Resume? Like, shouldn’t it require typing the master password again then? Or does that vulnerability work only after a “cold wakeup”?

The issue is that certain encryption keys required for unlocking the vault are only stored in the app’s process memory, so those keys are lost when the app is closed; thus, on app-restart, the keys must be re-derived from an entered master password or PIN. In contrast, when a computer sleeps or hibernates, the memory contents will remain fully preserved; therefore, there is no need to re-derive any encryption keys when the computer wakes up (as the required keys are still available in process memory).

1 Like

ELECTRON_NO_UPDATER = 1, set this as a system variable, roll back to version 2025.07.0

I don’t understand the recent change that forces users to always enter their master password (or a local PIN) when starting Bitwarden on desktop, even if biometrics (Windows Hello / fingerprint / face unlock) are enabled.

This creates a bad security trade-off:

  • The master password is supposed to be extremely long and complex. Forcing users to type it constantly will inevitably push them to make it weaker, reuse it, or even store it in an insecure text file.

  • A short PIN is objectively less secure than a fingerprint or face scan bound to the device’s TPM and secure enclave. Why should PIN be accepted as “secure enough,” but biometrics not?

  • On mobile devices, biometrics are already considered strong enough to unlock password managers and even banking apps. If it’s good enough for banking on an iPhone, why isn’t it good enough for Bitwarden desktop on Windows with TPM and Secure Boot?

The new approach reduces usability without providing meaningful security benefits. In fact, it may reduce security in practice, because users will choose weaker master passwords just to cope with the constant requests.

Please consider:

  • Restoring the option to allow biometric-only unlock on startup.

  • Or at least adding a user-controlled setting so advanced users can accept this trade-off themselves.

Security is not only about theoretical models — it’s also about practical human behavior. Biometrics are already a proven, strong authentication factor. For many of us, forcing master password entry every time is a step backwards.

2 Likes

Hi @MikAnd, the team is exploring ways to bring back ‘biometrics on app restart’ on Windows in a reliable and secure way, stay tuned for updates!

In the meantime, you can also enable unlock with PIN (which logs out after 5 failed attempts), and then use biometrics as usual.

@MikAnd I moved your post into the corresponding discussion.

Have a look into this post: Unable to unlock Bitwarden desktop app on app start using Windows Hello - #21 by Quexten

And here is the latest update from Micah: Unable to unlock Bitwarden desktop app on app start using Windows Hello - #117 by Micah_Edelblut

PS: … oh, Sorry… I totally forgot… @MikAnd Welcome to the forum!

I am thankful that I am allowed to set the Timeout to Never as a temporary measure to this ridiculous change.

But I must say I find the reasoning behind it unbelievably narrow-minded. So the two reasons I can gather are:

  1. Windows Hello has a reliable API which Bitwarden will not use because it is not secure enough.
    My solution? Disable Bitwarden’s security until this feature is restored.
  2. Windows Hello does not work reliably for all users in all use cases.
    Did a solution space exist for this? Yes. Allow users to disable using Windows Hello. It was always an option…

I wonder how many other people chose to disable Timeout like myself.

Last week a colleague asked me if I could recommend Bitwarden and I immediately answered “Up until a couple weeks ago I could, but they just let me down massively” and had to explain this topic. They decided to keep using 1Password.

I’m not sure why you are doing this, as you can still use biometrics to unlock all day long. Only the first unlock (and only) of the desktop app doesn’t work with biometrics - after that first unlock, biometrics work as before.

1 Like

Let me tell you why I do this by quoting @MikAnd for you:

The master password is supposed to be extremely long and complex. Forcing users to type it constantly will inevitably push them to make it weaker, reuse it, or even store it in an insecure text file.

Your incessant need to defend this decision paints a picture that you don’t understand or respect the importance of allowing different users to use the product differently. It’s not like I am the first person to point out the hypocrisy in removing a feature that worked for some because it worked inelegantly for others.

2 Likes

Hi @pmarnason, please remember this is primarily a community supported space, and our volunteer moderators are providing alternative workarounds after we’ve already shared the following:

Hi there, the team is exploring ways to bring back ‘biometrics on app restart’ on Windows in a reliable and secure way, stay tuned for updates!

Thanks for your patience!

2 Likes

In fact, I do hope that this gets resolved soon for everyone.

I just wondered – let’s say you use your computer for about 7-10 hours straight: then you only once have to use the master password or PIN to unlock the desktop app. After that you can use biometrics to unlock as long as you wish (and as long as you don’t close the desktop app). – Setting the vault timeout to “never” only prevents using biometrics then – and it doesn’t help with the first unlock either.

But of course – again – I agree that this first unlock should also be possible again with biometrics.

(personally, I really long for Unlock with FIDO2/passkeys as an additional unlocking option…)

@MikAnd and you are mistaken about this. The master password is supposed to be something that can be memorized and manually typed with a modest amount of effort (while still having sufficient entropy to withstand any realistically foreseeable attempt at brute force cracking). For this reason, the best practice for master passwords is to use a randomly generated 4-word passphrase (e.g., recline-curly-convict-offing).

In addition, you misunderstood @Nail1684’s recommended work-around, which was to set an unlock PIN for unlocking Bitwarden on app restart. The PIN is in effect an alternative password (on non-mobile apps, it can contain non-numeric characters), which would be shorter than the master password — and hence, even easier to type. If you use this work-around, you are not required to type your master password on app restart (only the PIN).

Never locking your vault is certainly a risk that is yours to accept. All @Nail1684 was attempting to point out is that there are more middle-ground options available too.

“Forcing users to type it constantly” is a gross overstatement. Those who need their master password “constantly” are missing a few friction-reducing configuration options. As things stand today, the master password is only required when the desktop app is launched. Since it can run locked and minimized in the background, master password (or PIN) use can be minimized to once per Windows login. For most people, that is once per day or once per month (if using “sleep”).

None of us (including myself) likes that biometrics can no longer be used at app start. But at the same time I also accept the fact that Bitwarden gets to set the baseline security standard because ultimately, it is their reputation at stake.

My reaction to this regression was to vote for “Add: Unlock with Device” so that I could use my phone camera when my PC camera is not an option. You might consider placing a similar vote.

Well, allow me to disagree, having some experience in the field.

Nevertheless, Bitwarden will allow me to disable the lock altogether and use a 4-digit PIN like 1234, but it won’t allow me to choose fingerprint as a security option? For security reasons? And you are proposing that I should use a simple password as the master password for all my passwords?

Is this making any sense to you?

As for the device unlock, I’m one hundred percent supporting this (I think phones are using biometrics? :grinning_face_with_smiling_eyes:). I think it is somehow implemented already, but it’s not working every time.

1 Like

My suspicion is that “false sense of security” was the driving factor behind this decision. In your two examples, the sense of risk is clear. Biometric unlock implies a much higher security posture. But the developers and staff state this is not the case: “You might as well use the ‘never’ lock option.” and “would leave Windows Hello to provide a false sense of security”.

Login with device is implemented; unlock with device is not (login and unlock are two different things).

Thanks for mentioning this. Hadn’t thought about it, but I suppose one could set the desktop app’s timeout action to “logout”, which means that the initial authentication could use “login with device” and then the subsequent unlocks could use the inbuilt biometrics.