Why does cloud BW require me to unlock BW vault if it's already open in another tab of same browser?

and I have the custom timeout set to 72 hours?

I get this behavior on Chrome beta, Edge beta on Win 11 standard release and early release. Several different PC’s.

Have cleared everything from each of the browsers on each machine. Rebooted.

1 Like

Not entirely sure with this one, but I would imagine it is a browser level security feature to not allow sharing of memory resources between tabs, or it could be how Bitwarden is coded.

Similarly to how if you had installed a malicious extension or visited a sketchy website, you wouldn’t want this to be able to read data from your password manager.
So I would imagine trying to share the Vault encryption key in memory would be something difficult/near impossible to do securely.

1 Like

The web interface is counted as a different device, I believe. This is probably for security reasons.

Why not install the browser extension instead of using he web vault? Then you just need to unlock once, and the vault will be available in all browser tabs (and even in different browser windows).

After someone else on this site explained to me how to change the settings for each browser extension, for each windows pc, I set timeout to “never” because they’re all secure desktop pcs with other security.

That reduced need to enter my master pw by about 90 pct.

Don’t understand what the extension setting for “Unlock with PIN” does, because when I have to lock seems I still have to input my master pw.

(I have the other PIN setting Vault timeout action

Unlock with PIN and input a PIN.

Does that PIN get wiped out every time I logout?

Should i uncheck “Lock w master pw on browser restart” or is that redundant

Regardless, I’m never getting prompted to input the PIN I input. Prompted for master pw.

Yes, the PIN is reset every time you log out. Most users stay logged in all the time, and just use vault locking to secure their passwords.

That is up to you. If you never want to type in your master password and just use your PIN, then you should disable it. Some people prefer to keep it checked, to provide additional security, or just to ensure that they will remember their master password by having to type it in at least once a day.

got it. I’ll ignore that kinda useless setting and just input my master pw when needed. Thank you.