Vault Timeout - "On system lock" not working?

Hello everyone! New user here, just moved over from years of using Lastpass. I’m trying to find my way around BW and get it set up how I want.

I have set Vault Timeout to “On System Lock”, and Vault Timeout Action set to Lock, but every time I close my browser (Chrome) - it locks me out anyway. Is this to be expected?

The behaviour I am trying to get is that the BW vault stays open permanently, until I lock the computer, logoff or reboot. I cannot keep entering my ridiculously complex password every single time I launch Chrome. And I don’t want to set a timer for many hours, because I do want the vault to lock when I lock the computer.

Please can anyone help me understand if what I want is possible, and how to do it?

Thanks!

EDIT: Just found out if I set Vault Timeout to (e.g.) 4 hours, then it still locks me out immediately I close Chrome. How do I keep the Vault open after Chrome is closed and then restarted? But lock it when I logout?

1 Like

I’m not 100% sure but I think the options you can choose from for the timeout are listed in order of magnitude. So if you pick one of the lower options, and an event higher up the list occurs, it is also triggered. In your case closing the browser is higher in the list than logging out? Then it makes sense what happens, not?

Thanks for your comments, but that doesn’t really follow. Were that the case, the only option that would ever work would be “Immediately” and there would be no point in having the other options.

In BW, Vault timeout options are (in order):

  • Immediately
  • 1 minute
  • 5 minutes
  • 15 minutes
  • 30 minutes
  • 1 hour
  • 4 hours
  • On system lock
  • On browser restart
  • Never

I cannot see why when I select “On system lock”, the vault is locked on browser restart??? Or when I set it to “4 hours”, again, I am locked out on browser restart. Seems to me that whenever I quit Chrome, the vault gets locked no matter what I do.

Does anyone know if it is possible to set BW to lock the vault ONLY when locking the computer (Windows 10), logging off the computer or rebooting?

If I cannot do this, then I may have to rethink whether I want to use BW at all. I cannot have to enter my long and complex password multiple times a day and I do not like the security implications of being able to access with a short pin.

Thanks

1 Like

Just a hunch. Have you set Chrome to delete cookies at close?

Just wanted to make sure you are aware of how the PIN feature works around here. I set my PIN at 8 characters that are all random numbers. After a 5th incorrect attempt by a bad actor BW will always automatically log you out. At that point you would need a master password AND any 2FA that you set up for BW. What do you think the odds are of hitting my random 8 character PIN in only 5 attempts. Basically, zero. Something to think about!

Thanks for the suggestion, but no.

@OpSec: Thanks to you also. If I set a PIN, does that mean anyone can log in with the PIN anywhere? Or only on my PC? If the latter, then I suppose that is OK. But it’s still a pain having to key a pin every single time I start Chrome. I really wish BW would just do what it says it will do and lock only on system lock, not on browser close.

@RonWeasley the PIN/Logout/Lock/etc settings are currently all set up individually. You can have a PIN + 4 hour timeout on your desktop browser, and an immediate lock on your phone if you’d like.

We don’t write your encryption key to disk unless you set the timeout to “never” - so when you close the browser, it kills all references to your encryption key in memory, locking your vault.

2 Likes

Hello,

Same for me, each time I exit chrome the vault is locked, doesnt matter the option i put.

I’m on system lock or even timeout if I close chrome the vault will be lock.

Can u help on this ?

Chrome version
84.0.4147.125
Extension version :
1.45.0

hi @ash0x48 - that’s expected, since closing Chrome eliminates your encryption key being stored in memory.

mmmmh but I always close chrome to not use memory but i’m still here, is there a way to store the key outside the chrome memory?

Why there is an option system lock and an option browser restart then?

Thanks

2 Likes

Whilst I appreciate now that what I describe in my opening post is “expected behaviour”, I do think on balance this is shortcoming of BW.

I cannot imagine I am alone in wanting BW to remain unlocked whilst I use my computer, and to lock when the computer is locked, logged off or shutdown.

Furthermore, this is how I have LastPass working, so it’s disappointing I cannot replicate same with BW. Surely the encryption key could be stored somewhere in memory (not disk) to be re-used on reopening the browser during the same logged on session?

Perhaps this is a product enhancement which could be considered? FYI, the PIN lock/unlock option suggested really does not provide a viable alternative, since PIN unlock remains available even after system lock or logoff.

1 Like

I agree with @RonWeasley. I am also coming over from LastPass and really missing this functionality. Would be great if we had the option to stay logged in for the duration of the desktop session regardless of whether the browser is running or not.

Just to update the thread in case anyone is interested, I found a perfect solution to my challenge. There is a Chrome extension called “Lightning Reopen” which enables Chrome to keep running in the background after you close it with the “X” button. So when you reopen it again, BW is still unlocked! And when you log off, then BW is either locked or logged out, as per your BW preferences,

i.e. Perfect and exactly the behaviour required.

So my suggestion to BW is why not enable this as a BW feature? Chrome already has the capability of remaining running in the background after closing. (Settings > Advanced > System > Continue running…) It is a shame that I need to load another extension to make this work. BW could easily ask Chrome to keep running, and provide this as user-selectable option.

How about it BW?

2 Likes

+1 to @RonWeasley !
Same problem here, this option is necessary for users of the company where I’m working. Unfortunately without this I should delete BW from Edge Chromium.

@tgreer No changes planned?

It’s a great alternative!

RonWeasley

Brilliant! I have been getting so frustrated I have considered switching to something else.

Aggravating not getting clear direction from BW for questions like this. Of course they find the answers sooo obvious it must be another dumb user error.

A possible solution that occurred to me is to allow the browser to check if the Windows app is running and logged-in, and if so, allow the BW extension to login with the same credentials. Personally, I automatically (manually) open the BW app and login when I fire up my workstation in the morning. Many times I use BW to launch the site I want and complete the login process at the same time.

Again, brilliant! Thanks!

I’m not sure that is a fair comment. Bitwarden and their staff are not perfect, just like everything/everybody else, but I think that goes too ar.

BW

Perhaps my comment was too strong and I apologize.

RonWeasley

Unfortunately, Lightning ReOpen does not work for me.
Wondering how and where BW saves this in Windows when NEVER is selected.
Is it saved in encrypted format, embedded in some encrypted hard to find file?
Assuming your laptop is secured with a strong passphrase, is that good enough?

Thinking now about buying BlueTooth keychain dongle which locks and unlocks your laptop when you move out of range. (Like your car key fob does.)

The likelyhood of forgeting my laptop on the train is high but leaving behind my keys in addition is wicked low.

Peace,

Unfortunately, Lightning ReOpen does not work for me.

I don’t know why that should be? It works with Chrome, and works for me. Have you enabled Settings > Advanced > System > “Continue running background apps when Google Chrome is closed”?

RonWeasley,

That worked!

Thanks!