search

bitwarden / mobile

Retired Bitwarden mobile app for iOS and Android (MAUI/Xamarin).
https://bitwarden.com
GNU General Public License v3.0
123 stars 19 forks source link

Option to bypass app lock in specific case #903

Closed SyjljWQFgOIzW4SEV90kdTEEBoNLvKelMNWIjuB closed 4 years ago

SyjljWQFgOIzW4SEV90kdTEEBoNLvKelMNWIjuB commented 4 years ago

Describe the Bug

I found option how to bypass app lock to get credentials in specific case

Steps To Reproduce

  1. Open app with immediately lock time option (it's the easiest way to reproduce and see bug)
  2. Scroll to any list of entries (you should see 3 dots on the right)
  3. Click on 3 dots to see window with options like view, edit, copy username etc.
  4. Lock and unlock phone
  5. Options to copy username, password, OTP code etc work. This window is above app lock screen.

    Expected Result

    App should be locked. I should't see window to manage entry.

    Actual Result

    I can copy username, password, TOTP code, card number, CCV code or note of entry

    Environment

    • Device: OnePlus 5T
    • Operating system: Android 9
    • Build Version: 2.3.1 (2257)
    • Is this a Beta release? No
pPmnBRRYhIemiuiy3VBYULJIzQyZaEvWMbCPH1P commented 4 years ago

@mportune-bw didn't we address something similar to this in a recent fix that was mentioning iOS?

mpbw2 commented 4 years ago

Fixed in #857 and available in beta