dani-garcia / vaultwarden

Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs
GNU Affero General Public License v3.0
39k stars 1.89k forks

Password Generator - Capitalize and Include number grayed out and disabled. #4298

Closed monteroman closed 9 months ago

monteroman commented 9 months ago

Subject of the issue

Using the Windows Bitwarden client (v 2024.1.0) to talk to Vaultwarden, when you use View > Generator some options are grayed out. It is also happening on the WebUI and Browser Extensions.

Deployment environment

Config (Generated via diagnostics page)

**Environment settings which are overridden:** ADMIN_TOKEN

```json
{
  "_duo_akey": null,
  "_enable_duo": false,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_smtp_img_src": "cid:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 20,
  "admin_token": "***",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "auth_request_purge_schedule": "30 * * * * *",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_max_conns": 10,
  "database_timeout": 30,
  "database_url": "***************",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://******************",
  "domain_origin": "*****://******************",
  "domain_path": "",
  "domain_set": true,
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "email_attempts_limit": 3,
  "email_change_allowed": true,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": true,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "experimental_client_feature_flags": "fido2-vault-credentials",
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": "***",
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "Vaultwarden",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": null,
  "log_level": "Info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "",
  "org_events_enabled": false,
  "org_groups_enabled": false,
  "password_hints_allowed": true,
  "password_iterations": 100000,
  "push_enabled": false,
  "push_identity_uri": "https://identity.bitwarden.com",
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://push.bitwarden.com",
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": true,
  "signups_allowed": true,
  "signups_domains_whitelist": "",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "***************************",
  "smtp_from_name": "Vaultwarden",
  "smtp_host": "*************",
  "smtp_password": null,
  "smtp_port": 25,
  "smtp_security": "off",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": null,
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": 360,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": false,
  "user_attachment_limit": null,
  "user_send_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "websocket_address": "0.0.0.0",
  "websocket_enabled": false,
  "websocket_port": 3012,
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}
```

Steps to reproduce

No special settings with the startup of vaultwarden. It is happening globally across the platform. Launch the password generator and try to include CAPS and Numbers in the password. The options are unavailable and disabled.

Expected behaviour

Ability to set the options when generating passwords. They used to work before the last Windows desktop client update and the WebUI was working fine until the latest update.

Actual behaviour

The options are disabled and grayed out so you can't change them.

Troubleshooting data

When switching to the Bitwarden.com servers, these options work fine. The Vaultwarden WebUI appears to be also affected.

stefan0xC commented 9 months ago

"One or more organization policies are affecting your generator settings."

Not sure what those are on your systems but you should probably check them.

monteroman commented 9 months ago

That's the thing. I can't enable them. They are grayed out so I am unable to turn them on.

monteroman commented 9 months ago

Also, the policy is to have them turned on.

stefan0xC commented 9 months ago

Check your Organizations -> Settings -> Policies if you have enabled the "Password generator" policy.

stefan0xC commented 9 months ago

> Also, the policy is to have them turned on.

Also in Vaultwarden?

monteroman commented 9 months ago

Yes. The policy in Vaultwarden is to have them turned on, but the Vaultwarden web UI isn't showing them enabled and they are not working.

Essentially, the policy is enabled, but Vaultwarden's webUI isn't abiding by the policy.

stefan0xC commented 9 months ago

Thanks. I'll take a look.

monteroman commented 9 months ago

Thanks. I did also try to turn the policy off, but that still left the options grayed out and unable to turn on manually.

BlackDex commented 9 months ago

Did you fully log out and back in again?

monteroman commented 9 months ago

The web client was logged out fully. I logged back in and it is still grayed out and disabled. I also tried it on a different browser (Chrome) that was not previously launched today and it is not allowing caps/numbers. I tried it from the Windows client, logged out fully and exited the client. I went back in and authenticated and it is still grayed out and disabled.

BlackDex commented 9 months ago

I did some testing, and it seems to be an issue with the clients. I tested this on a self-hosted instance and it does exactly the same.

And, there already are two tickets open which report exactly the same as here.

With that in mind, I'm going to close/move this, since it is not something we can fix on the server side except for updating the web-vault. All other clients are not something we have control of.