20 comments

[ 3.3 ms ] story [ 60.7 ms ] thread
The page linked to says the website is down. Not being a Bitwarden user I can't verify what is meant by the headline "local access is blocked". Certainly the Bitwarden website being down shouldn't block local access to a user's passwords, right?
It doesn't. I can access my passwords locally.
I can access my passwords and sync with their server.
I've just logged in on my Android phone and can see all my user creds.
FF extension lets me fill in my passwords. I am not brave enough to trigger a sync tho.
Don't trigger a sync, my account logged out automatically, now I cannot access to the local copy because the identity service is offline.
It's times like these when I rejoice in the fact that my instance is self-hosted.
We juuuust migrated our org to Bitwarden last week… but self-hosted. Looks like we dodged a bullet here.

(And my private Vaultwarden instance is also doing fine.)

Why not Vaultwarden for the Org?
Typically the answer for this is somewhere in the mix of:

- paid support availability

- trusting a third-party audited codebase vs a third-party unaudited github repo

- having to pay someone for their time to manage self-hosted services

The website may be down, but I can access all of my passwords on the Mac and iOS apps.
The page says nothing about local access being blocked, and as a bitwarden user, I can access my password fine.
According to other comments if you were to sync during the outage you would have had your auth invalidated and local wouldn't work apparently.
Not very informative status page...
I was about to say it doesnt say why or what precisely is happening
The latest update says:

> 1 minute ago

> The team has been tuning the system, and we believe we have addressed the issue.

> If you are still encountering any issue, please make sure to log out from your account completely and log back in.

I hope a detailed post comes up with what went wrong and how this is unlikely to happen again. An application like this needs to be offline enabled and also consider a failure at syncing as a transient error that mustn’t block other local operations (like lookup, autofill, additions, deletions, modifications).

It was available offline for our whole corp the title is misleading.
If it has two-factor, then I think it'll depend on how long they want to sessions to be valid for.
I stuck to KeePass instead of migrating to web services but Bitwarden was and is my top choice otherwise. This type of situation always worried me. If anyone is looking for alternatives, I’m a longtime KeePass user that utilizes the main KeePass Password Safe app on Windows and Strongbox Pro on iOS.