Maybe I misunderstood something but for some reason the web vault locks my account immediately and every time on browser refresh. This happens even though I have selected “1 hour” as the setting for Vault Timeout. And the selected Vault Timeout action is “Lock”.
This is on Chrome 86/macOS.
I’ve actually noticed that the Android app keeps locking my account, no matter what settings I use. I’ve even tried “Never” just as a test but it’s still locked almost every time I try to autofill in a browser.
Still not working. Does not work if I disable adblocker. Behaves the same on Firefox too. So is it intentional that:
No matter what settings you have, the web vault will always lock on browser refresh and requires entering the master password?
The web vault locks automatically on refresh even if the timeout is set.
The desktop client does not lock itself even after refreshing it. (Timeout set to never)
So this should be bug.
@tgreer can you confirm this?
If this is a bug, file an issue on
Edit:
When never is set for the timeout in the desktop app, the vault is not locked on refresh. But if a time like 30 minutes is set, the vault willl automatically lock itself on refresh Ctrl+Shift+ R
The web vault doesn’t have a never option for timeout. If a time value is set, the vault will automatically lock on browser refresh.
Not a bug, fortunately. When you select “never” for the desktop app / browser extension, your key is written to disk, and can thus be retrieved, and your vault stays unlocked.
The web vault doesn’t write the key to disk (hence no “never” option) and refreshing the vault via the browser refresh button will indeed trigger a lock. Navigating through the web vault will refresh the data when you change tabs/pages.
- Lock (default).Locking your Vault will maintain Vault data on the device. You will only be prompted to enter your Master Password to decrypt your Vault, however no Two-step Login method will be required to unlock your Vault.Bitwarden client applications don’t need to be online to unlock.
https://bitwarden.com/help/article/vault-timeout/#vault-timeout-action
I think this article should be updated.
Using the Android app, it locks very quickly no matter what timeout settings I have. It’s quite frustrating!
That’s really weird. I have no problem with my app. I just tried it out.
Device specifications?
One more thing.
Try restarting your device
or
Rollback to the previous version of the app and see if the problem is still there.
I’m currently using a Pixel 4a running the latest official Android 11 release. Prior to this, I had a Pixel 3 XL for around 2 years, always running the latest Android OS. I had exactly the same issues on that device.
I have tried disabling battery optimisation to make sure the app doesn’t keep getting closed. I’ve tried setting different timeout lengths, including “on app restart” and “never”. Still, almost every time I try to enter a password, I’m taken to the app to unlock it with my fingerprint before I’m presented with a list of available passwords.
I don’t know if it’s a totally unrelated issue but I also find that, quite often, I won’t get a Bitwarden popup using Chrome on Android. I have to open the app, search for the site in question and manually copy and paste the password. This isn’t as big a problem on Firefox for Android, though I occasionally see this behaviour. Using the addon for Firefox is much more reliable.
File an issue on Github. Someone will help you there. I don’t know any solution.
@danmullen very strange indeed! Github is for sure the best place for us to collect information and track with engineering.
@vachan fair point, article update with a note about the web vault will be out shortly.