No MasterPassword login after increase KDF #1947

Closed
opened 2026-02-05 02:19:12 +03:00 by OVERLORD · 8 comments

Originally created by @matze939939 on GitHub (Jun 27, 2024).

Subject of the issue

Username or password is incorrect after increasing the KDF

Deployment environment

  • vaultwarden version: 1.30.5
  • Install method: Docker image

  • Clients used: web vault, chrome extension, android

  • Reverse proxy and version:

  • MySQL/MariaDB or PostgreSQL version: SQLite: 3.44.0

  • Other relevant details:

Steps to reproduce

After increasing the KDF I logged out and can't log in again

Expected behaviour

Login with master password

Actual behaviour

Username or password is incorrect

Troubleshooting data


@BlackDex commented on GitHub (Jun 27, 2024):

What did the logs report? Were there errors visible during the KDF change in the browser?

@matze939939 commented on GitHub (Jun 27, 2024):

Here are the Logs:

--------------------------------------------------------------------
| Starting Vaultwarden |

Version 1.30.5
This is an unofficial Bitwarden implementation, DO NOT use the
official channels to report bugs/features, regardless of client.
Send usage/configuration questions or feature requests to:
https://github.com/dani-garcia/vaultwarden/discussions or
https://vaultwarden.discourse.group/
Report suspected bugs/issues in the software itself at:
https://github.com/dani-garcia/vaultwarden/issues/new
--------------------------------------------------------------------/
[INFO] Using saved config from data/config.json for configuration.
[WARNING] The following environment variables are being overridden by the config.json file.
[WARNING] Please use the admin panel to make changes to them:
[WARNING] SIGNUPS_ALLOWED, ADMIN_TOKEN
[2024-06-27 17:58:51.374][request][INFO] POST /identity/connect/token
[2024-06-27 17:58:51.504][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: 192.168.xx.xx. Username: matze939@online.de.
[2024-06-27 17:58:51.505][response][INFO] (login) POST /identity/connect/token => 400 Bad Request
[2024-06-27 17:58:54.001][request][INFO] POST /api/auth-requests/
[2024-06-27 17:58:54.002][response][INFO] (post_auth_request) POST /api/auth-requests => 200 OK
[2024-06-27 17:58:54.024][request][INFO] GET /notifications/anonymous-hub?Token=cd69bb23-4cbb-4c55-948e-
[2024-06-27 17:58:54.025][vaultwarden::api::notifications][INFO] Accepting Anonymous Rocket WS connection from 192.168.xx.xx
[2024-06-27 17:58:54.025][response][INFO] (anonymous_websockets_hub) GET /notifications/anonymous-hub?<token..> => 200 OK
[2024-06-27 17:59:01.710][request][INFO] GET /api/config
[2024-06-27 17:59:01.710][response][INFO] (config) GET /api/config => 200 OK
[2024-06-27 17:59:13.751][request][INFO] POST /api/auth-requests/
[2024-06-27 17:59:13.752][response][INFO] (post_auth_request) POST /api/auth-requests => 200 OK
[2024-06-27 17:59:13.825][request][INFO] GET /notifications/anonymous-hub?Token=a35d2fbc-1032-45fa-abc2-
[2024-06-27 17:59:13.825][vaultwarden::api::notifications][INFO] Accepting Anonymous Rocket WS connection from 192.168.xx.xx
[2024-06-27 17:59:13.826][response][INFO] (anonymous_websockets_hub) GET /notifications/anonymous-hub?<token..> => 200 OK
[2024-06-27 18:00:09.506][vaultwarden::api::notifications][INFO] Closing WS connection from 192.168.xx.xx
[2024-06-27 18:00:19.003][request][INFO] GET /api/devices/knowndevice
[2024-06-27 18:00:19.005][response][INFO] (get_known_device) GET /api/devices/knowndevice => 200 OK
[2024-06-27 18:00:29.500][request][INFO] POST /identity/accounts/prelogin
[2024-06-27 18:00:29.501][response][INFO] (prelogin) POST /identity/accounts/prelogin => 200 OK
[2024-06-27 18:00:29.840][request][INFO] POST /identity/connect/token
[2024-06-27 18:00:29.964][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: 192.168.xx.xx. Username: xxx@xxx.com.
[2024-06-27 18:00:29.965][response][INFO] (login) POST /identity/connect/token => 400 Bad Request
[2024-06-27 18:01:41.286][request][INFO] GET /api/config
[2024-06-27 18:01:41.286][response][INFO] (config) GET /api/config => 200 OK
[2024-06-27 18:01:46.348][request][INFO] GET /api/devices/knowndevice
[2024-06-27 18:01:46.349][response][INFO] (get_known_device) GET /api/devices/knowndevice => 200 OK
[2024-06-27 18:01:57.394][request][INFO] POST /identity/accounts/prelogin
[2024-06-27 18:01:57.397][response][INFO] (prelogin) POST /identity/accounts/prelogin => 200 OK
[2024-06-27 18:01:58.158][request][INFO] POST /identity/connect/token
[2024-06-27 18:01:58.282][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: 192.168.25.34. Username: xxx@xxx.com.
[2024-06-27 18:01:58.283][response][INFO] (login) POST /identity/connect/token => 400 Bad Request

There are 5 users; two of them increased the KDF and can't log in via master password. While increasing the KDF there were no errors visible.
The other user can still log in via master password.


@BlackDex commented on GitHub (Jun 27, 2024):

That is strange. If there were no errors, they should be able to log in using their password.

Only thing I can say is to restore a backup and see if it happens again.

@mrclschstr commented on GitHub (Jun 28, 2024):

Somehow related https://github.com/dani-garcia/vaultwarden/issues/4059#issuecomment-1821906881?

@BlackDex commented on GitHub (Jun 28, 2024):

That could be the case. There were other reports like this, but we are unable to reproduce this in any way ourselves. Also, several people looked at the code, and couldn't find anything which should trigger this kind of behavior.

That is why I wonder, if you restore the backup, and do the same actions again, if you can reproduce this. If not, then it must be some weird kind of issue when some planets align with a comet or whatever.

@BlackDex commented on GitHub (Jul 8, 2024):

Any update on this? As we can't reproduce this in any way, and tried by multiple people, and no clear indication from the users who had the issue on how to re-create this in any way, I'm going to move this issue to a discussion in a few days.

This same behavior also happens at Bitwarden from time to time, and they also have no clue looking at their forum posts.
The only thing I can say is that Vaultwarden only stores what is being sent. So it's hard for us to troubleshoot this at all if this is a client-side issue.
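
The comment above notes that Vaultwarden only stores what the client sends. The following sketch is an added example, not part of the thread and not Vaultwarden or Bitwarden code: it models the PBKDF2-SHA256 derivation used by Bitwarden-compatible clients and shows that the server-side check fails with the correct password whenever the stored KDF iteration count and the stored hash do not belong together. `ToyServer`, `SERVER_ROUNDS`, the iteration counts and the credentials are hypothetical, and the out-of-sync state is constructed, not a finding about this issue.

```python
import base64
import hashlib
import hmac
import os

SERVER_ROUNDS = 1000  # constructed, kept low so the demo runs quickly

def client_login_hash(password, email, kdf_iterations):
    """Client side: derive the value that is sent instead of the password."""
    salt = email.strip().lower().encode()
    master_key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, kdf_iterations)
    sent = hashlib.pbkdf2_hmac("sha256", master_key, password.encode(), 1)
    return base64.b64encode(sent).decode()

class ToyServer:
    """Hypothetical server: keeps only the KDF settings and hash it was sent."""
    def __init__(self):
        self.users = {}

    def set_credentials(self, email, kdf_iterations, login_hash):
        salt = os.urandom(16)
        digest = hashlib.pbkdf2_hmac("sha256", login_hash.encode(), salt, SERVER_ROUNDS)
        self.users[email] = {"kdf_iterations": kdf_iterations, "salt": salt, "digest": digest}

    def prelogin(self, email):
        # The client asks which KDF settings to use before deriving anything.
        return self.users[email]["kdf_iterations"]

    def login(self, email, login_hash):
        user = self.users[email]
        candidate = hashlib.pbkdf2_hmac("sha256", login_hash.encode(), user["salt"], SERVER_ROUNDS)
        return hmac.compare_digest(candidate, user["digest"])

def attempt_login(server, email, password):
    iterations = server.prelogin(email)
    return server.login(email, client_login_hash(password, email, iterations))

def demo():
    email, password = "user@example.test", "correct horse battery staple"
    server = ToyServer()
    server.set_credentials(email, 1000, client_login_hash(password, email, 1000))
    before = attempt_login(server, email, password)
    # Consistent KDF change: new settings and a hash derived with them arrive together.
    server.set_credentials(email, 2000, client_login_hash(password, email, 2000))
    after_change = attempt_login(server, email, password)
    # Constructed inconsistent state: iteration count changes, stored hash does not.
    server.users[email]["kdf_iterations"] = 3000
    out_of_sync = attempt_login(server, email, password)
    return before, after_change, out_of_sync
```

`demo()` returns the login result before the change, after a consistent change, and in the out-of-sync state; the server has no way to tell the last case apart from a wrong password.
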

@matze939939 commented on GitHub (Jul 8, 2024):

Update: First I imported a backup. The two users were still unable to log in with their master password. You then manually transferred the passwords from still active sessions to a new account. I haven't been able to reproduce the problem since. Maybe it was due to the activated 2FA when changing the KDF?

@matze939939 commented on GitHub (Jul 8, 2024):

Thanks for your Support!
