Vault Timeout to "Never" + Biometrics = always locks itself after closing the browser

What happens with biometrics disabled:

  1. Set Vault Timeout to “Never”.
  2. Reboot the browser.
  3. Bitwarden is unlocked. :tada:

What happens with biometrics enabled:

  1. Set Vault Timeout to “Never”
  2. Tick to enable unlock with biometrics.
  3. Reboot the browser.
  4. Bitwarden is locked. :x:

The Bitwarden Help Vault Timeout explanation does not mention any conditions on biometrics. Notably, this warning below is 100% incorrect, as ticking “never” + disabling biometrics allows Bitwarden to remain unlocked even after browser restarts.

Regardless of Vault Timeout settings, closing the Browser or Browser Tab will end your Web Vault or Browser Extension session, meaning you’ll be required to log in to access your Vault.

Why does enabling biometrics change any of this? Bitwarden’s Vault Timeout settings are likely one of the most confusing settings throughout the extension and I’ve been using Bitwarden for 24+ months.

What exactly is happening and, well, I’d also like to ask why does Bitwarden offer options that either are incompatible and/or don’t work?

I don’t have biometrics so I can’t verify, but it’s likely that since you have biometrics, you could just unlock with a touch of sensor so the never settings is disabled.

You’ve described what happens, but does Bitwarden allow incompatible options? That is, how are users to understand, “Ah, so combination A+B+Z will work, but not combination A+B+C” in terms of toggles / settings / preferences?

If Bitwarden has backend limitations, then the UI / Help article should probably note the limitations at the minimum, if not disable / gray them out.

The use case (i.e., why have it unlock with biometrics if it’s set to never lock) is more geared once…

Require master password “re-prompt” for some items - Feature Requests - Bitwarden Community Forums

…finally ships.

This could be relevant: I found the same exact behavior on the Android mobile app.