Bitwarden beta app completely broke entire vaultwarden backend #1999

Closed
opened 2026-02-05 02:31:08 +03:00 by OVERLORD · 3 comments

Originally created by @PartyingChair on GitHub (Aug 15, 2024).

Subject of the issue

I created a new login item in the Bitwarden beta iOS app. (TO BE CLEAR: I'M AWARE IT IS A BETA, BUT THIS MIGHT BE SOMETHING ON VAULTWARDEN'S BACK END THAT CAUSED IT - NOT SURE). I changed the Owner to an organization, and then set the collection. I hit save, and got an error that read: Cryptography error, The cipher's MAC doesn't match the expected value. Now I cannot log into vaultwarden. Tried on the web, Windows app, Mac app, beta iOS app, and non-beta iOS app. All either load infinitely, say wrong user/pass, or crash.

Deployment environment

  • Install method:
    Unraid, docker

  • Clients used:
    iOS app, Windows app, mac app.

  • Reverse proxy and version:
    Cloudflare tunnels

  • MySQL/MariaDB or PostgreSQL version:

  • Other relevant details:

Steps to reproduce

Create login using Bitwarden's beta app on iOS (note: I did this in the app, not in the passwords autofill pop up). Set organization. Set collection. Save, and that is when I got the error.

Expected behaviour

To save the new item to the collection/organization

Actual behaviour

App crashed, and broke database so I cannot get it back up. Had to delete account and start from scratch (again, I know it's a beta, I have backups of all data)

Troubleshooting data

Screenshot 2024-08-14 at 4 53 31 PM

Your environment (Generated via diagnostics page)

  • Vaultwarden version: v1.31.0
  • Web-vault version: v2024.5.1b
  • OS/Arch: linux/x86_64
  • Running within a container: true (Base: Debian)
  • Environment settings overridden: true (SIGNUPS_ALLOWED, INVITATIONS_ALLOWED)
  • Uses a reverse proxy: true
  • IP Header check: false (X-Forwarded-For)
  • Internet access: true
  • Internet access via a proxy: false
  • DNS Check: true
  • Browser/Server Time Check: true
  • Server/NTP Time Check: true
  • Domain Configuration Check: true
  • HTTPS Check: true
  • Database type: SQLite
  • Database version: 3.45.0


@stefan0xC commented on GitHub (Aug 15, 2024):

What vaultwarden version did you use? Because the issue sounds like the one that has been fixed by #4800.


@PartyingChair commented on GitHub (Aug 15, 2024):

Yeah... that might be my bad. I let auto update do its thing so have a habit of assuming I'm on the latest. I'm on 1.31.0 which appears not to be the latest. I'll update it.


@PartyingChair commented on GitHub (Aug 15, 2024):

And yup, I'm just dumb for not checking the update. Fixed. I'll mark as closed.
