bitwarden / ios

Bitwarden mobile app for iOS.
https://bitwarden.com
GNU General Public License v3.0
223 stars 28 forks source link

Autofill with Face ID not working #820

Open cronhan opened 3 months ago

cronhan commented 3 months ago

Bitwarden Beta

Steps To Reproduce

  1. Go to (iOS) Settings -> Passwords -> Password Options
  2. Try to change "autofill provider" from Legacy Bitwarden (working) to Beta Bitwarden
  3. Observe that, unlike legacy Bitwarden, Face ID unlock is not "triggered" and I am presented with my master password dialog. Entering my master password here gives a "unlocking may fail" message even mentioning I should use Face ID (which works fine when just opening the beta App)
  4. Go to another app and try to use autofill -> master password prompt and nothing is filled in.
  5. Setting it back to legacy Bitwarden unlocks with Face ID and everything works again.

Now, after some digging I found that my Argon2id settings may be a bit excessive (128MB/4/4) and after reducing them to 64/4/4 I got it working, however these work fine with the legacy app, so I guess it should be possible to support that?

Expected Result

Autofill should work with the same KDF settings as the legacy application.

Actual Result

I had to halve my KDF memory to get it working properly. Note that it is only autofill that is affected, normal app operation is fine.

Screenshots or Videos

No response

Additional Context

No response

Build Version

2024.8.0 (284)

Environment Details

Issue Tracking Info

grandpares commented 3 months ago

Face ID issue also present when PBKDF2 is used (600000 iterations), however entering master password or PIN allows autofill

Krychaz commented 3 months ago

Hi there,

Thank you for your report!

I was able to reproduce this issue, and I have flagged this to our engineering team.

If you wish to add any further information/screenshots/recordings etc., please feel free to do so at any time - our engineering team will be happy to review these.

Thanks once again!

cronhan commented 3 months ago

I don't have anything to add, but please feel free to ask if you need any more information 😊

Nicnl commented 2 months ago

The official stable app was just released worldwide in the AppStore.
Mine was updated to 2024.8.1 (1052), and this issue is still present.

It's a PITA because some websites separates the email and password in two different steps.
It means that I have to type my long master password two times, one for auto-filling the email, and one for auto-filling the password.

Why did you release it worldwide on the AppStore, while those known bugs are still not fixed???

mlnbk commented 2 months ago

Same issue a month later, autofill doesn't work with Face ID, each time master password is required. Version: 2024.8.1 (1052) Phone: iPhone 12 iOS: 16.6