github-starred/android
2
0
Fork 0
mirror of https://github.com/bitwarden/android.git synced 2026-05-11 10:54:26 -05:00
Code Issues 1.1k Packages Projects Releases 124 Wiki Activity

[GH-ISSUE #2445] [Bug] Bitwarden autofills passwords after "Vault timeout" expires #38592

New Issue
Closed
opened 2026-04-23 16:36:16 -05:00 by GiteaMirror · 3 comments
GiteaMirror commented 2026-04-23 16:36:16 -05:00
Owner
Copy Link

Originally created by @MahdiNazemi on GitHub (Mar 25, 2023).
Original GitHub issue: https://github.com/bitwarden/android/issues/2445

Steps To Reproduce

  1. Set "Vault timeout" to "4 hours"
  2. Set "Vault timeout action" to "Log out"
  3. Set "Unlock with Face ID" to "On"
  4. Use password autofill in an app
  5. Wait for the "Vault timeout" to expire
  6. Use password autofill in an app

Expected Result

Bitwarden is expected to ask for the master password and TOTP key.

Actual Result

While using the Priority Pass app, Bitwarden showed a number of autocomplete options and filled in my password. It did not ask me to log in to Bitwarden although my last login was the day before.

I was surprised to see this behavior, so I immediately opened Bitwarden. I was then asked to log in to unlock my vault.

Screenshots or Videos

No response

Additional Context

No response

Operating System

iOS

Operating System Version

16.3.1

Device

iPhone XS

Build Version

2023.3.1

Beta

  • Using a pre-release version of the application.
Originally created by @MahdiNazemi on GitHub (Mar 25, 2023). Original GitHub issue: https://github.com/bitwarden/android/issues/2445 ### Steps To Reproduce 1. Set "Vault timeout" to "4 hours" 2. Set "Vault timeout action" to "Log out" 3. Set "Unlock with Face ID" to "On" 4. Use password autofill in an app 5. Wait for the "Vault timeout" to expire 6. Use password autofill in an app ### Expected Result Bitwarden is expected to ask for the master password and TOTP key. ### Actual Result While using the Priority Pass app, Bitwarden showed a number of autocomplete options and filled in my password. It did not ask me to log in to Bitwarden although my last login was the day before. I was surprised to see this behavior, so I immediately opened Bitwarden. I was then asked to log in to unlock my vault. ### Screenshots or Videos _No response_ ### Additional Context _No response_ ### Operating System iOS ### Operating System Version 16.3.1 ### Device iPhone XS ### Build Version 2023.3.1 ### Beta - [ ] Using a pre-release version of the application.
GiteaMirror added the bug label 2026-04-23 16:36:16 -05:00
GiteaMirror commented 2026-04-23 16:36:17 -05:00
Author
Owner
Copy Link

@SergeantConfused commented on GitHub (Mar 27, 2023):

Hi @MahdiNazemi,

Thank you for your report. I attempted to reproduce your issue and was unable to do so. I tested this on iOS 16.3.1 with Bitwarden 2023.3.1, with the Vault Timeout set to 5 minutes; Once 5 minutes passed, I was asked to log into the account whilst attempting to perform Auto-Fill or when opening the Bitwarden client. I would recommend that you start with a fresh installation; Please uninstall Bitwarden off your iOS device, turn your device off (long press) and back on, install Bitwarden anew from the Apple App Store, and test that once more.

If this persists, please write us back using our contact form, so we can continue troubleshooting: https://bitwarden.com/contact/ and you can include a link to this issue in the body of your message.

Alternatively, you can get assistance from other Bitwarden users on our community forums (https://community.bitwarden.com/c/support/).

We use GitHub issues as a place to track bugs and other development related issues; This issue will be now closed.

Thank you again,

<!-- gh-comment-id:1485045096 --> @SergeantConfused commented on GitHub (Mar 27, 2023): Hi @MahdiNazemi, Thank you for your report. I attempted to reproduce your issue and was unable to do so. I tested this on iOS 16.3.1 with Bitwarden 2023.3.1, with the Vault Timeout set to 5 minutes; Once 5 minutes passed, I was asked to log into the account whilst attempting to perform Auto-Fill or when opening the Bitwarden client. I would recommend that you start with a fresh installation; Please uninstall Bitwarden off your iOS device, turn your device off (long press) and back on, install Bitwarden anew from the Apple App Store, and test that once more. If this persists, please write us back using our contact form, so we can continue troubleshooting: https://bitwarden.com/contact/ and you can include a link to this issue in the body of your message. Alternatively, you can get assistance from other Bitwarden users on our community forums (https://community.bitwarden.com/c/support/). We use GitHub issues as a place to track bugs and other development related issues; This issue will be now closed. Thank you again,
GiteaMirror commented 2026-04-23 16:36:17 -05:00
Author
Owner
Copy Link

@MahdiNazemi commented on GitHub (Apr 17, 2023):

@SergeantConfused, I faced this bug again when I was trying to autofill in Safari. I will try to take screenshots next time to share them with your support team.

This bug essentially allows access to the vault when access should be denied.

<!-- gh-comment-id:1511737786 --> @MahdiNazemi commented on GitHub (Apr 17, 2023): @SergeantConfused, I faced this bug again when I was trying to autofill in Safari. I will try to take screenshots next time to share them with your support team. This bug essentially allows access to the vault when access should be denied.
GiteaMirror commented 2026-04-23 16:36:18 -05:00
Author
Owner
Copy Link

@MahdiNazemi commented on GitHub (Sep 21, 2023):

I have encountered this bug repeatedly since installing Bitwarden. I am uncertain as to what distinguishes my configuration from yours, resulting in this problem.

@SergeantConfused, Is there a way to log the app's behavior to help identify the issue and fix it? Can you retry with 4 hours please?

I suspect that the majority of users opt for the "lock vault on timeout" option instead of the "log out" option, hence explaining the scarcity of individuals experiencing this issue.

<!-- gh-comment-id:1729914455 --> @MahdiNazemi commented on GitHub (Sep 21, 2023): I have encountered this bug repeatedly since installing Bitwarden. I am uncertain as to what distinguishes my configuration from yours, resulting in this problem. @SergeantConfused, Is there a way to log the app's behavior to help identify the issue and fix it? Can you retry with 4 hours please? I suspect that the majority of users opt for the "lock vault on timeout" option instead of the "log out" option, hence explaining the scarcity of individuals experiencing this issue.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
app:authenticator
app:password-manager
bug
bug-passkey
customer-support
duplicate
enhancement
good first issue
help wanted
needs-reply
needs-response
pull-request
Mirrored from GitHub Pull Request
 question
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/android#38592
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?