Browser: Vault unlock via masterpassword not working

Same for Chrome.

• Operating system: MacOS 10.15.7
• Browser: Google Chrome 86.0.4240.193 (Official Build) (x86_64)
• Build Version : 1.46.2

Same for Firefox on Windows 10.

• Operating System: Windows 10 Version 10.0.19042 Build 19042
• Browser: Firefox 82.0.3 (64-Bit)
• Build Version: 1.46.2

Can confirm this in Windows 10 as well for:

• Edge (Extension version 1.47.0)
• Chrome (Extension version 1.47.0)
• Firefox (Extension version 1.46.2)

I started noticing it after switching Vault Timeout to "On System Lock", but the Firefox extension doesn't seem to support this setting, and I'm seeing it in Firefox too when using "On Browser Restart".

I am seeing this as well on

• MacOs 10.15.7
• Firefox 82.0.3
• Bitwarden Plugin version: Version: 1.46.2

same here, Firefox 85.01a - Bitwarden extension 1.47.0

except it’s never working, I have to log out and log in again every time, unlock never accepts the password

Yeah, mine's switched from occasionally to every time as well (or maybe I'm just more annoyed as time goes on)

Hello, the same issue here. I have extension in Edge (chromium), Chrome, Opera and everywhere the same behaviour as described above. I have to log off and log in every time. Could it be a server problem or is there an error in the extension?

mine's switched from occasionally to every time as well

It was every time right from the beginning. Every single screen lock -.-

Could it be a server problem or is there an error in the extension?

I'm running my own server and the broken behaviour started right with the extension update.
Same setup on another Mac with an older extension was not affected .. until I updated the extension, too.

I'd say that's an extension bug.

I'm running my own server and the broken behaviour started right with the extension update.
Same setup on another Mac with an older extension was not affected .. until I updated the extension, too

Agreed, I am running my own server as well and am experiencing this issue without rolling out any updates to my server instance

I'm running my own server and the broken behaviour started right with the extension update.
Same setup on another Mac with an older extension was not affected .. until I updated the extension, too

Agreed, I am running my own server as well and am experiencing this issue without rolling out any updates to my server instance

Same here

@Chetic Dito

+1

Opera (72.0.3815.378) and Bitwarden extension (1.46.2) force me to log off.

Edge (87.0.664.47) with Bitwarden extension (1.47.0) is working as expected.

Google Chrome Version 87.0.4280.67 (Official Build) (x86_64) with Bitwarden extension version: 1.47.0 on macOS BigSur Version 11.0.1 still forces me to log off.

Bug persists with Extension 1.47.0

I can confirm this Problem on following Platforms:

• Firefox 84 on Windows
• Firefox 84 on Linux
• Google Chrome 87 on Linux

This bug makes the extension so much less convenient to the point where I just use the Bitwarden webapp because it takes less time.

If any of you are running my old Rubywarden server, I've fixed/worked around this in a commit just now.

I found the problem to be that upon logging in, the browser extension stored a null KDF iteration count, so once locked, LockComponent called cryptoService.makeKey with a null kdfIterations which then ends up using the old default of 5,000 which is not correct for most accounts (which use the new default of 100,000). Rubywarden was already supplying the KDF type and iterations in the prelogin API request, which has worked for the browser extension until recently (and appears to still satisfy the macOS desktop client).

The fix for Rubywarden was to return Kdf and KdfIterations in the login response so that they are stored properly by UserService. bitwarden_rs appears to also do this since August.

If any of you are running my old Rubywarden server, I've fixed/worked around this in a commit just now.

I found the problem to be that upon logging in, the browser extension stored a null KDF iteration count, so once locked, LockComponent called cryptoService.makeKey with a null kdfIterations which then ends up using the old default of 5,000 which is not correct for most accounts (which use the new default of 100,000). Rubywarden was already supplying the KDF type and iterations in the prelogin API request, which has worked for the browser extension until recently (and appears to still satisfy the macOS desktop client).

The fix for Rubywarden was to return Kdf and KdfIterations in the login response so that they are stored properly by UserService. bitwarden_rs appears to also do this since August.

I'm running bitwardenrs on my Raspberry Pi 4. Turns out in my case I was pointing to an old Docker project "mprasil/bitwarden:raspberry" which has been moved to "bitwardenrs/server:raspberry" which in its turn is now part of "bitwardenrs/server:latest". Maybe this helps someone else in my seat.

So now I'm running the latest bitwardenrs (1.17.0) and I still have the same problem. The error message is so instant it would surprise me if it's a problem with the server and not the extension.
Edit: Hang on! After restarting the browser, logging out and in of the extension and then lock it, it does seem like I can type my password right away! Problem solved?

Hi all,

This issue, as described by Joshua above (https://github.com/bitwarden/browser/issues/1456#issuecomment-749255136) is due to older server versions or alternate servers which were not up to date with client expectations, including the browser extension. If you are still experiencing this issue please update to the latest version of your server and it should resolve it. If you are using an alternate server and still running into issues please contact that alternate server repo's owner and open an issue accordingly there.

Closing this issue.