[PM-26115] Exiting the app doesn't lock the vault #2357

New Issue

Closed

opened 2025-11-26 23:16:40 -06:00 by GiteaMirror · 3 comments

GiteaMirror commented 2025-11-26 23:16:40 -06:00

Owner

Copy Link

Originally created by @jasttw on GitHub (Sep 23, 2025).

Steps To Reproduce

1. Install a recent bitwarden version (it wasn't like this before a recent update)
2. Exit the app from the menu
3. Confirm exiting the app
4. Open the app again before the timeout period

Expected Result

I would expect the vault to lock after explicitly exiting the app. Similar behaviour to windows app and probably every other app that ends the process when exiting

Actual Result

The app opens with the vault unlocked

Screenshots or Videos

No response

Additional Context

Currently, it gives a false impression of security when exiting and confirming exiting when all it does is just send the app to the background. It was locking with the old app, then stopped working when the app was rebuilt, then worked again, then stopped working in a recent update.

Build Version

2025.9.0 (20692)

What server are you connecting to?

US

Self-host Server Version

No response

Environment Details

Android on Samsung Galaxy

Issue Tracking Info

• I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.

Originally created by @jasttw on GitHub (Sep 23, 2025). ### Steps To Reproduce 1. Install a recent bitwarden version (it wasn't like this before a recent update) 2. Exit the app from the menu 3. Confirm exiting the app 4. Open the app again before the timeout period ### Expected Result I would expect the vault to lock after explicitly exiting the app. Similar behaviour to windows app and probably every other app that ends the process when exiting ### Actual Result The app opens with the vault unlocked ### Screenshots or Videos _No response_ ### Additional Context Currently, it gives a false impression of security when exiting and confirming exiting when all it does is just send the app to the background. It was locking with the old app, then stopped working when the app was rebuilt, then worked again, then stopped working in a recent update. ### Build Version 2025.9.0 (20692) ### What server are you connecting to? US ### Self-host Server Version _No response_ ### Environment Details Android on Samsung Galaxy ### Issue Tracking Info - [x] I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.

GiteaMirror added the app:password-managerbug labels 2025-11-26 23:16:40 -06:00

GiteaMirror closed this issue 2025-11-26 23:16:40 -06:00

GiteaMirror commented 2025-11-26 23:16:41 -06:00

Author

Owner

Copy Link

@bitwarden-bot commented on GitHub (Sep 23, 2025):

Thank you for your report! We've added this to our internal board for review.
ID: PM-26115

@bitwarden-bot commented on GitHub (Sep 23, 2025): Thank you for your report! We've added this to our internal board for review. ID: PM-26115

GiteaMirror commented 2025-11-26 23:16:41 -06:00

Author

Owner

Copy Link

@cbw23 commented on GitHub (Sep 29, 2025):

Hi there,

Your issue appears to be describing the intended behavior of the software. If you want this to be changed, it would be a feature request. We recommend selecting "lock" to immediately lock your vault.

We use GitHub issues as a place to track bugs and other development related issues. The Bitwarden Community Forums has a Feature Requests section for submitting, voting for, and discussing requests like this one: https://community.bitwarden.com/c/feature-requests/

Please sign up on our forums (https://community.bitwarden.com/signup) and search to see if this request already exists. If so, you can vote for it and contribute to any discussions about it. If not, you can re-create the request there so that it can be properly tracked.

This issue will now be closed.

@cbw23 commented on GitHub (Sep 29, 2025): Hi there, Your issue appears to be describing the intended behavior of the software. If you want this to be changed, it would be a feature request. We recommend selecting "lock" to immediately lock your vault. We use GitHub issues as a place to track bugs and other development related issues. The Bitwarden Community Forums has a Feature Requests section for submitting, voting for, and discussing requests like this one: https://community.bitwarden.com/c/feature-requests/ Please sign up on our forums (https://community.bitwarden.com/signup) and search to see if this request already exists. If so, you can vote for it and contribute to any discussions about it. If not, you can re-create the request there so that it can be properly tracked. This issue will now be closed.

GiteaMirror commented 2025-11-26 23:16:41 -06:00

Author

Owner

Copy Link

@jasttw commented on GitHub (Sep 29, 2025):

Thank you @cbw23 for your response.

Can you please explain the rationale of calling it exit and require confirmation to exit when all it does is send the app to the background? I feel it provides a false sense of security.

On windows and Linux, exiting the app locks the vault. So I doubt this is the intended behavior.

Thanks again for your response and attention to the issue

@jasttw commented on GitHub (Sep 29, 2025): Thank you @cbw23 for your response. Can you please explain the rationale of calling it exit and require confirmation to exit when all it does is send the app to the background? I feel it provides a false sense of security. On windows and Linux, exiting the app locks the vault. So I doubt this is the intended behavior. Thanks again for your response and attention to the issue

GiteaMirror referenced this issue 2025-11-26 23:33:53 -06:00

[PR #2357] [MERGED] [SG-1056] Fix login prompt loop for added accounts #3521

GiteaMirror referenced this issue 2025-11-26 23:33:59 -06:00

[PR #2374] [MERGED] Bump version to 2023.2.0 #3529

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

gh-readonly-queue/main/pr-6618-6473d54f16ae71d459ce94d4a57b6d317031a18b

remove-remember-viewmodel

sdlc/sdk-update

update-protobufs

PM-33266-crashlytics-bug

PM-32123/cookie-sync-error-message

PM-29861-update-overflow-content-description

PM-33227/clear-cookies-debug-button

update-agp

PM-26059-remove-cipher-key-encryption-flag

PM-29871-external-links

PM-29673/flight-recorder-export-header-info

renovate/lock-file-maintenance

release/2026.3-rc48

PM-24380/flight-recorder-redact-hostname

release/2026.2-rc47

PM-32714/fallback-to-web-vault-host

pr-6572

PM-28834/setting-app-layout-horizonos

PM-26896-autofill-fix

vvolkgang/process-release-notes-v2

PM-26577-app-links-support

release/2026.2-rc46

release/2026.1-rc45

PM-30644/added-logs-for-debug

PM-30644/quicktile-nav-not-showing-migration

minor-gradle-updates

release/2026.1-rc42

release/2026.1-rc44

release/2026.1-rc43

PM-28834/set-landscape-on-horizonos-devices

context-rules

devclarity/update-code-review-command

PM-20026/force-ltr-passwords-and-codes

release/2025.12-rc41

cmcg/testCoverage

claude-skill/creating-feature-flags

PM-29014/talkback-support-for-passwords

release/2025.12-rc40

BRE-1305/publish_test

accept-user-certs

autofill-permissions

release/2025.11-rc39

PM-22479/check-all-certificates-validate-asset-links

release/2025.10-rc38

agalles/android-latest

optimize-test-workflows

tier2-test-sharding

retro-agent

PM-27001/skip-account-selection-only-one-exists-cxp

release/2025.10-rc37

agalles/test-1118

release/2025.10-rc36

PM-20593-token-refresh

QA-1126b/adding-native-sanity-test

release/2025.9-rc35

pm-25933/sdk-update-password

release/2025.9-rc34

release/2025.8-rc33

agalles/20250821-release

debug-release-issues

pm-24249-allow-automated-prs-for-sdk-updates

release/2025.8-rc32

release/WORKFLOW-TEST-2025.8-rc28

agalles/20250807release

release/2025.07-rc25

release/hotfix-v2025.7.0-bwa

pm-23311/export-vault-policy-bypass

release/2025.07-rc24

authenticator-pm-sync-flags-issue

ps/implement-sdk-repository-example

release/hotfix-v2025.6.0-bwpm

release/2025.06-rc21

agalles/automate-android-fastlane-patch

release/2025.05-rc20

release/2025.04-rc19

languages/basque

release/2025.03-rc19

update-readme

qrcode/feature

innovation/archive/pm-19153-archive-items

qrcode/2-ui-fields

qrcode/1-page

hold-on-biometric-prompt-alternative

release-notes-process

release/2025.02-rc16

bwa-monorepo

PM-8223/new-device-verification-ux-improvements

pm-18451/exempt-from-policies

test-bwa

cs-workaround-linked-0-copy

release/2025.01-rc15

release/2025.01-rc14

release/2024.12-rc13

pm-16670/sync-leave-notice

821

PM-16695/backport-lean-more-new-device-verification

km/15084-testing

release/hotfix-v2024.11.7

release/2024.11-rc1

pm-11304/collection-add-item-button

PM-14241/disabling-logs-app-crash

poc/offline-editing

new-version-calc

pm-11649/expired-link-services

pm-6702/add-feature-flag

pm-6702/email-verification-feature

pm-9933/marketing-copy-update

pm-6702/registration-flows

update-templates

pm-6701/email-verification-selfhost-registration

v2026.2.1-bwpm

v2026.2.1-bwa

v2026.2.0-bwpm

v2026.2.0-bwa

v2026.1.1-bwa

v2026.1.1-bwpm

temp-test

v2026.1.0-bwpm

v2026.1.0-bwa

v2025.12.1-bwa

v2025.12.1-bwpm

v2025.12.0-bwa

v2025.12.0-bwpm

v2025.11.1-bwpm

v2025.11.1-bwa

v2025.11.0-bwpm

v2025.11.0-bwa

v2025.10.1-bwa

v2025.10.1-bwpm

v2025.10.0-bwa

v2025.10.0-bwpm

v2025.9.1-bwa

v2025.9.1-bwpm

v2025.9.0-bwa

v2025.9.0-bwpm

v2025.8.1-bwa

v2025.8.1-bwpm

v2025.8.0-bwa

v2025.8.0-bwpm

v2025.7.2-bwa

v2025.7.2-bwpm

v2025.7.1-bwa

v2025.7.1-bwpm

v2025.7.0-bwa

v2025.7.0-bwpm

v2025.6.1-bwpm

v2025.6.0-bwa

v2025.6.0-bwpm

v2025.1.0-bwa

v2025.5.0-bwa

v2025.5.0-bwpm

v2025.5.999

2025.4.0

v2025.4.0

untagged-4731eaadac73f3dfbbb8

v2025.3.0

v2025.2.0

untagged-815a165c5d70ffe75bc7

v2025.1.2

v2025.1.1

v2025.1.0

v2024.12.0

untagged-5a76b6392a4c8998c63a

v2024.11.7

v2024.11.6

v2024.11.5

v2024.11.4

v2024.11.3

v2024.11.2

v2024.11.1

v2024.11.0

v2024.10.2

v2024.10.1

v2024.10.0

v2024.9.0

v2024.8.1

v2024.8.0

v2024.7.3

v2024.7.2

v2024.7.1

v2024.7.0

v2024.6.1

v2024.6.0

v2024.5.1

v2024.4.1

v2024.4.2

v2024.4.0

v2024.3.3

v2024.3.1

v2024.3.0

v2024.2.1

v2024.2.0

v2024.1.1

v2024.1.0

v2023.12.0

v2023.10.0

v2023.9.2

maui-single-project-android

v2023.9.1

v2023.9.0

v2023.8.0

v2023.7.0

v2023.5.0

v2023.4.0

v2023.3.2

v2023.3.1

v2023.3.0

v2023.2.0

v2023.1.0

v2022.11.0

v2022.10.0

v2022.9.1

v2022.9.0

v2022.8.0

v2022.6.2

v2022.6.1

v2022.6.0

v2022.05.0

v2.18.0

v2.17.0

v2.16.4

v2.16.3

v2.16.2

v2.16.1

v2.15.0

v2.14.2

v2.14.1

v2.14.0

v2.13.0

v2.12.0

v2.11.3

v2.11.2

v2.11.1

v2.11.0

v2.10.0

v2.9.1

v2.9.0

v2.8.2

v2.8.1

v2.8.0

v2.7.2

v2.7.0

v2.6.1

v2.6.0

v2.5.6

v.2.5.5

v2.5.5

v2.5.4

v2.5.3

v2.5.2

v2.5.1

v2.5.0

v2.4.3

v2.4.2

v2.4.1

v2.4.0

v2.3.1

v2.3.0

v2.2.8

v2.2.7

v2.2.6

v2.2.2

v2.2.1

v2.2.0

v2.1.2

v2.1.0

v2.0.6

v2.0.5

v2.0.4

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v1.22.1

v1.22.0

v1.21.0

v1.20.0

v1.19.0

v1.18.1

v1.18.0

v1.17.0

v1.16.0

v1.15.2

v1.15.1

v1.15.0

v1.14.4

v1.14.1

v1.14.0

v1.13.0

v1.12.2

v1.12.1

v1.12.0

v1.11.1

v1.11.0

v1.10.0

v1.9.0

v1.8.1

v1.8.0

v1.7.0

v1.6.5

v1.6.1

v1.6.0

v1.5.1

v1.5.0

v1.4.4

v1.4.3

v1.4.0

v1.3.0

v1.2.1

v1.2.0

v1.1.0

v1.0.0

v0.0.6

v0.0.5

v0.0.4

v0.0.3

v0.0.2

v0.0.1

Labels

Clear labels

app:authenticator

app:password-manager

bug

bug-passkey

customer-support

duplicate

enhancement

good first issue

help wanted

needs-reply

needs-response

pull-request

Mirrored from GitHub Pull Request

question

No Label app:password-manager bug

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/android#2357