Unlock with Device

Bitwarden already has a feature called “Log in with device”. What I am proposing is identical functionality but for unlocking your vault. This would provide a great alternative to manually typing in master password/pin and where biometric unlocks are unavailable - not every desktop machine has a camera or fingerprint reader, but most people will have their phone easily accessible at all times.

  • Similar to “Log in with device” feature, provide an “Unlock with device” button under the empty Master Password field.

  • To make things smoother, add a “Default unlock method” option in the app/extension settings where you can choose e.g. “Unlock with device” or “Master Password”. With “Unlock with device” option selected pressing a keyboard shortcut to auto-fill a password when the vault is locked would automatically send an unlock push notification request to a mobile device that is authorized to approve unlock requests.

Relevant topics:

7 Likes

I have faced the unlock screen and noted that it is easier to log out then log back in again rather than unlock which just seems wrong.

4 Likes

Agreed, not sure if its an oversight or hasn’t been implemented on purpose but it is needed.

1 Like

When the vault becomes locked and requires you to verify your identity, it should present “Log in with device” as an option, since you can just click “Log out” and the “Log in with device” anyways.

Chrome Extension

Web

Sorry about the above noise. It was posted automatically when my original post was merged.

Thanks all, this feedback has been passed along to the team :+1:

6 Likes

Just to mention, it is true that re-logging in with device is faster than unlocking with PIN, but not so if you have two factor turned on for login.

2 Likes

I am waiting for this feature SOOO much. Do we know if it’s going to be implemented? Unlock with the phone that I have available at all times would really help usability.

Without it “log in with a device” is pretty much useless, as I either need to type a full password, or even worse find an authenticator app and copy 6 digit number.

For me typing my passphrase is no great difficulty.

It is long enough and has a few quirks to make automated attacks take a long time.

I look at new wonder-features with interest, evaluate them and if I like it will use it,

Any progress on this one? Thanks

Please update us @bw-admin

This would be great.

This would be a huge security improvement. When my browser extension is not in use I want it to automatically lock and require bio-metrics to unlock it. Since biometrics are not supported on ubuntu, it should push a biometric unlock request to an authorized device (my phone) and allow me to unlock the browser extension from that device. Been waiting years for this.

1 Like

Just rolling Bitwarden out to me team. This would be the “killer” feature that would make Bitwarden use completely seamless.

This should also work for master password re-prompts

2 Likes

I would just like to chime in that this would indeed be very helpful for many. In my case, it is because biometrics are disabled by my organization, so having the authentication request forwarded to my phone would be a good security improvement for me.

Until this feature implemented, you can use the following workaround:

  • click “log out”
  • tick “remember email”, then click “continue” to login
  • click “log in with device”

Somewhat troublesome, hope this feature can be implemented soon.

I think another option is to set the vault timeout action to Log out instead of Lock.

I find it so odd that “unlock with device” is missing.
My guess is that it would be easy to do with just the existing code, so it must have been intentionally left out but I can’t think why?
Login with device transfers the accounts master key and I can’t see any reason why this key can’t be used to unlock the client.

This, yes please, this! As I use my personal Bitwarden vault at work (despite me proposing they roll it out in their corporate environment), this option would prevent me having to type my master password into a work computer that is potentially monitored. Having to log out and log in to unlock my vault with my device is just clunky.

You are right, we can just
Goto Settings → Vault timeout action → tick “log out”
tick “remember email”, then click “continue” to login
click “log in with device”