Unlock this user in the desktop application and try again

Hi everyone, I use bitwarden on my Windows 11 Pro computer. I can’t use my fingerprint correctly to unlock bitwarden on browsers, I always get the message
“User blocked or logged out
Unblock this user in the desktop application and try again.”

Do I always have to unlock the program to make it work?
Because when the program is unlocked the fingerprint works but once you block bitwarden desktop it doesn’t work again the fingerprint via browsers.

I have these options enabled on bitwarden desktop

-Unlock with Windows Hello
-Allow browser integration

I don’t know what to do anymore :frowning:

2 Likes

Hello and welcome to the community!

This is the intended behavior for the time being to correct a vulnerability problem. If you can’t stand the double unlock, maybe use PIN + “Login with Device” until Bitwarden finds a better way to fix the problem. Bitwarden desktop can be used to approve “Login with Device” requests.

See this comment:

https://www.reddit.com/r/Bitwarden/comments/1d729we/how_to_log_in_with_biometrics_in_bw_chrome/l6wvprj/

So from what I understand this thing does it with the latest version.
Because on my second computer with the older version it works fine.
To unlock bitwarden on chrome I use fingerprints which is much more convenient and faster.
I hope it gets resolved soon

Edit:I was wondering is it not possible to download the previous version? so I can use fingerprints again to unlock bitwarden on browsers?

It seems illogical to me to try to mitigate a vulnerability by leaving the option to still be able to use the fingerprint by leaving the Bitwarden app without automatic locking.

For that they would have been better off disabling the fingerprint option while resolving the vulnerability.

I was wondering is it not possible to download the previous version? so I can use fingerprints again to unlock bitwarden on browsers?**

Yeah, it’s a new behavior introduced by the new updates. But what you are thinking are not recommended, because they introduce the new behavior to fix a vulnerability problem. I would recommend you use PIN until they sort this out.

I am on Desktop 2024.4.1 and FF extension 2024.4.1, and the Biometric unlock still works as before, although I have disabled browser extension integration and shifted to PIN unlocking anyway.

@luisfalvarez

Welcome to the community!

For that they would have been better off disabling the fingerprint option while resolving the vulnerability.

Although we don’t know the details about the vulnerability yet, I suspect this is technically true, and it would be easier to tell people (to just turn off biometrics) too. OTH, I think there are people who have always left their desktop app unlocked (until restart), or they are still willing to do the double unlock.

I understand, so let’s wait for it to be resolved

Thanks @Neuron5569 for clearly setting out the root cause, normally it takes ages to get to the bottom of these types of changes.
I’m 100% behind changing the default behaviour were a vulnerability exists and you need to take action.
One of the key reasons for paying for Bitwarden was how slick it’s biometric integration was - all the other password managers were painful compared to it.
This double unlock is driving me mad. I have a 15 min auto-lock on the vault, and the time between needing to use Bitwarden is… Almost always more than 15 mins :smile:
I hate PIN unlocks, because I don’t think it really adds any security (controversial I know) - but the mitigation to use PIN + another device unlock does make it very secure.
Do you know if the vulnerability is so bad compared to other actions users might take (e.g. turning off auto-lock)?

1 Like

AFAIK, the details haven’t been posted, but BW staff did mention leaving the key available. Available to app/extension? Unknown. Available to an app/extension communicating/connecting with the desktop app, or something else? Unknown.

There are BW configurations that the key is persisted to storage, leaving it available to other apps too. At least BW has warnings for these scenarios, whereas people expect the commonly-used biometric to be more secure.

ps: my favorite theory is that the desktop can’t authenticate with whom it’s talking.

1 Like

Facing the same problem this is such a nuisance it used to work fine by just pressing ctrl shift L and then it would automatically ask for biometrics and log in with the fingerprint but now it keeps telling you that the desktop app is logged out and you need to go login there first

truly broken and will get people to become lazy and expose their passwords to make it “quick”

Hello Allwyn, and welcome to the community!

I feel you pain, since I was using Biometric too. You can reduce the pain and still retain some security by using PIN and “Login with Device” feature now: