Vault timeout option not respected on iOS

[3JRok3qBTRjKvEhxtgv3R0E9sDwYkY1t1mF5Ai1]

Steps To Reproduce

• Set "Vault timeout" to "Never".
• Quit Bitwarden from the App Switcher.
• Visit site and log in.
• Get prompted for master password.

Expected Result

Bitwarden would respect the Vault Timeout setting.

Actual Result

Bitwarden ignores Vault Timeout and prompts for master password for all interactions.

Screenshots or Videos

No response

Additional Context

No response

Operating System

iOS

Operating System Version

16.6.1

Device

iPhone SE 2020

Build Version

2023.9.1

Beta

• [ ] Using a pre-release version of the application.

[0ZAVh444t2IO0ICOgYfNzKI0cQYe0cYz6l8Gaza]

Yeah @justindbaur why wait all the way to the end of the month for a fix that could be implemented in less than a day? Seems pretty clear this is greatly inconveniencing people. It's not a feature, it's a fix to bug that has been unresolved for a month..

[djsmith85]

Closing this now.

As previously mentioned a fix will be included in the upcoming 2023.10-release, which is currently targeted to be released next week.

[m0zjW07bSdk8h0msKbuJPPG7emv1gvdaap6NHJL]

Just curious as what happens/happened to passwords of new accounts (on websites/apps we browsed, vault locked) created while this bug is/was present? Not remembered and lost forever?

[gJlNqJ7hVKvo43STLt5Z6tNnukcOectGCkr1zF5]

Well a fix was supposed to be out the end of October with 2023.10 . Well today is the end of October and still no fix. What gives ? Am I going to have to move to another password manager again ?

[0ZAVh444t2IO0ICOgYfNzKI0cQYe0cYz6l8Gaza]

In my opinion, they're probably working on it and will release within a few days, probably first week of November.

However, I just don't understand why wait & put such a prevalent bug fix in a major release. It's a bug that is clearly impacting several people. Seems like it would make more sense to just release the bug fix ahead of the release.

Love the open source part of Bitwarden, but in terms of improving customer satisfaction there could definitely be more transparency to do with the bug and feature request process. It seems status updates are seldom in bug reports and feature requests, and it can be very frustrating seeing how slow things move.

Just trying to explain what I think could be done better. No disrespect meant towards the Bitwarden team.

[umrTzdU8mXou25Bobxbw98zjVg897Q10F39rJ6Y]

@Voykimmer

Well a fix was supposed to be out the end of October with 2023.10 . Well today is the end of October and still no fix. What gives ? Am I going to have to move to another password manager again ?

@wnelson03

just don't understand why wait & put such a prevalent bug fix in a major release.

The release process is more than just merging a fix PR and running a build. There are multiple engineering teams involved, multiple platforms (Safari/Chrome/Firefox x iOS/Windows x Desktop/Mobile, etc), and multiple AppStores (Google Play, AppStore, etc), marketing, coms, etc that all need to be coordinated.

[0ZAVh444t2IO0ICOgYfNzKI0cQYe0cYz6l8Gaza]

The release process is more than just merging a fix PR and running a build. There are multiple engineering teams involved, multiple platforms (Safari/Chrome/Firefox x iOS/Windows x Desktop/Mobile, etc), and multiple AppStores (Google Play, AppStore, etc), marketing, coms, etc that all need to be coordinated.

@0xadada I get that, though they're intentionally holding off on the production release of the bug fix until they have finished other features and likely less important bugs. This bug report has been open for 1+ month(s), rolling out solely a bug fix does not take 1 month.

So yes, I understand why a whole release in its entirety would take a while. I wish they spent more time testing their last release so this bug didn't even get introduced. However, once you have a bug that is showing to affect several dozens of people on Reddit & GitHub, it seems to make sense to roll that out on its own rather than waiting until the next big release.

[kBhNWxrhwng8b5bHzgY6gMi0uckf4V7bHG6Mrsp]

I just don't understand why wait & put such a prevalent bug fix in a major release.

Because usually when developers fix a bug, they will first implement the fix at the current developing branch. That fix usually can't be simply copy-pasted to older releases because there are code differences between them. Only when an issue is serious enough or the developing force is just too rich will it be back-ported to a previous release, and effectively doubles the time needed for Quality Assessment.

Just for the reference, here is an even more annoying Firefox bug currently in Firefox 119 release, but Mozilla didn't choose to back-port the fix to 119, either.

[0ZAVh444t2IO0ICOgYfNzKI0cQYe0cYz6l8Gaza]

Just for the reference, here is an even more annoying Firefox bug currently in Firefox 119 release, but Mozilla didn't choose to back-port the fix to 119, either.

This is an important usability issue that has impacted dozens of people here and on Reddit. Sure, it might be somewhat of an inconvenience to have to separately merge in code to fix a bug, though this bug is entirely dependent on Bitwarden publishing a release without enough testing. Not a user error or something that can really be fixed by a user behavior.

I'm not sure how you could say that Firefox bug is "even more annoying". It looks to me to be a minor appearance flaw. And Mozilla might not even be entirely responsible. That Tesla website in the GitHub issue is probably at fault for setting a custom HTML background rather than letting the browser default take precedence. Not sure though. Regardless, you're comparing an issue with Bitwarden that at best case wastes a lot of time when we're out somewhere needing to login to a website quickly, and at worse case could cause someone to not be able to access their account at all for the moment if they don't remember their entire passphrase if it's very long.

Comparing that to Firefox showing a color you don't particularly like.. Apples to Oranges.

[kBhNWxrhwng8b5bHzgY6gMi0uckf4V7bHG6Mrsp]

The annoyance of the white flash even with dark reader and dark theme is described in this thread https://github.com/darkreader/darkreader/issues/11190#issuecomment-1737877948

[0ZAVh444t2IO0ICOgYfNzKI0cQYe0cYz6l8Gaza]

The annoyance of the white flash even with dark reader and dark theme is described in this thread darkreader/darkreader#11190 (comment)

Yeah you're seriously comparing getting logged out after every single unlock to an undesirable color on your screen..

The open-source side of Bitwarden is awesome. But that doesn't mean they're a super small company. In case you aren't aware, Bitwarden is a very large company with supposedly 108 employees. They've also raised $100 million in funding from just one funding round.

So, they certainly have the resources to respond quicker, have people that provide the customers with status updates, and people who get paid to deal with the inconvenience of separately merging code to fix a problem they created themselves.

I just haven't quite been satisfied with:

1) The long duration of time it takes for a reported bug or feature request to be completed 2) The lack of status updates given to the customers in between the time the bug report or feature request was made

I understand that the subscription isn't pricey at all and that they probably make most of their money from enterprise business customers and must delegate the majority of their resources to that. But c'mon it has taken notifying 4-5 Bitwarden employees on Pull Requests before there is ever a response from one of them. It's very frustrating and kind of diminishes the point of making pull requests or other contributions knowing that they sit in limbo for months, sometimes years with some of the Pull Requests I've seen before getting merged.

[SG2miaypK6S8MjNlZTElEujllRbBzfyiK0VSZHx]

2023.10.0 release hasn't fixed. this issue when using auto fill feature, it asks to enter master password every time. iOS 16.7.2

[0ZAVh444t2IO0ICOgYfNzKI0cQYe0cYz6l8Gaza]

2023.10.0 release hasn't fixed. this issue when using auto fill feature, it asks to enter master password every time. iOS 16.7.2

So far working well for me. It seems that it reset my vault timeout settings for some reason though. So you should probably go into the Bitwarden app, go to settings tab, and set vault timeout to Never. Then it worked.

[KtNg6w7WcAU6vkVxAsYEbnMAkZs41FCN0PZjnD4]

Not updated for Android yet. Reminder to check each place you have Bitwarden: extensions on each browser, app on phone.

[MIe1vsFM9mIPHCDGQVkBaEZWCKiqB571Thotpy4]

when will the android version be out?

[0ZAVh444t2IO0ICOgYfNzKI0cQYe0cYz6l8Gaza]

@andreacpowers @sinamics Google may still be reviewing the play store release.

"App review times may fluctuate, and may take 7 days or longer in exceptional cases" https://support.google.com/googleplay/android-developer/thread/207283574/the-app-is-taking-long-time-in-review?hl=en

Strange thing is that the Play store website shows that it was updated yesterday on November 1st but then the version is still outdated. Perhaps that means the release was submitted for review yesterday but it will stay on the old version until the employees at Google approve the release of the new version.

[gJlNqJ7hVKvo43STLt5Z6tNnukcOectGCkr1zF5]

my iPad and iPhone still at Version: 2023.9.2 (5102) and no update available yet and Bitwarden is still broken.

[0ZAVh444t2IO0ICOgYfNzKI0cQYe0cYz6l8Gaza]

my iPad and iPhone still at Version: 2023.9.2 (5102) and no update available yet and Bitwarden is still broken.

Interesting, I'm on iOS 16.6.1 with iPhone 13 and I saw the Update button in the app store and updated. Then I had to change vault timeout to Never again since for some reason that setting was reset. Then it worked.

[gJlNqJ7hVKvo43STLt5Z6tNnukcOectGCkr1zF5]

I’m at IOS 16.7.2 on both my iPhone 8 and my iPad (6th generation) and no update has been pushed to either yet .

[SG2miaypK6S8MjNlZTElEujllRbBzfyiK0VSZHx]

video proof

[RX5ulL6nKunJz88UkudvsdCkM5jkiNQA74LKKeP]

video proof

Can you turn off the option “ unlock with Face ID” and keep vault time out set to never again.

My issue has been resolved.

[n87KPKkoKxYxwrVWqhVzfnFZXYlS9uXHPmdLL2Z]

Update to 2023.10.0 fixed the issue for me on Android 5.1

Thanks Devs

[gJlNqJ7hVKvo43STLt5Z6tNnukcOectGCkr1zF5]

I deleted the Bitwarden app and downloaded and reinstalled from the App Store and I got 2023-10 and now everything works great. You do have to go in the settings and change timeout to never again tho.

[m0zjW07bSdk8h0msKbuJPPG7emv1gvdaap6NHJL]

No update if you are an Android beta tester. Beta update arrived 2023/11/09 . Good.

[zkne5IrkLVMQHKaeWqr5nrS1H3MXcLNxgxKTz5q]

Fixed as of yesterday on Android.

[cFatC9VJjevFaSeTiVydTmKg2cnwCnIOlOxhFYs]

This issue has been bugging me for quite a while now, happy to report both opening the app AND autofill behaviour returned to normal. but I had to disable Unlock with Face ID in order for vault timeout option to be respected. Perhaps the toggle should be disabled when the timeout is set to Never?

[8hFfOSdBGJ8olH5VjAJ3EQet2sY3pNlgU92ROnT]

This is still occurring for me with 2023.10.0 on Android. I completely uninstalled the app to be sure there were no old configurations messing it up. The frequency of needing to unlock has decreased but I still see it at least once a day. Should I report this as a new bug or continue investigating/providing logs here?

[kBhNWxrhwng8b5bHzgY6gMi0uckf4V7bHG6Mrsp]

This is still occurring for me with 2023.10.0 on Android. I completely uninstalled the app to be sure there were no old configurations messing it up. The frequency of needing to unlock has decreased but I still see it at least once a day. Should I report this as a new bug or continue investigating/providing logs here?

Turn off biometric unlock and try again.

[8hFfOSdBGJ8olH5VjAJ3EQet2sY3pNlgU92ROnT]

This is still occurring for me with 2023.10.0 on Android. I completely uninstalled the app to be sure there were no old configurations messing it up. The frequency of needing to unlock has decreased but I still see it at least once a day. Should I report this as a new bug or continue investigating/providing logs here?

Turn off biometric unlock and try again.

Thanks for tip! I guess that follows the same mechanism as the noted Face ID comment above mine. Just disabled the biometric unlock - will see how it goes 🤞.