Missing API endpoint verify-password #810

New Issue

Closed

opened 2026-02-04 22:46:31 +03:00 by OVERLORD · 0 comments

OVERLORD commented 2026-02-04 22:46:31 +03:00

Owner

Copy Link

Originally created by @BlackDex on GitHub (Sep 25, 2020).

Missing API endpoint verify-password

First reported here: https://bitwardenrs.discourse.group/t/safari-plugin-calling-api-accounts-verify-password/319

It could happen that the stored password hash from a client (mobile, desktop, browser-extension) is lost or cleaned.
When this happens, and your vault is locked, it will try to send a request /api/verify-password which bitwarden_rs does not have.
Because of this you can't unlock the vault. You need to "Log Out" and "Log In" again to access the vault.

Your environment

• Bitwarden_rs version: 1.16.3-2f3e18ca
• Install method: docker
• Clients used: Firefox Extension
• Reverse proxy and version: nginx
• Version of mysql/postgresql: sqlite3

Steps to reproduce

1. Start Firefox
2. Open the extension in a separate window by clicking on the Pop Out icon in the top left.
3. In the main browser URL Bar type about:debugging and press enter
4. On the left click on This Firefox
5. Scroll until you see the Bitwarden - Free Password Manager and click on inspect
6. Go to the storage tab and select Extension Storage
7. Filter for hash, and there should appear one entry.
8. Make sure you lock the vault in the Pop Out window.
9. Delete the hashKey entry
10. Try to unlock the vault

The last action will trigger the request.

Expected behaviour

Vault unlocks.

Actual behaviour

An error occurs and i need to log out, and back in again.

Relevant logs

[2020-09-25 15:48:46.041][request][INFO] POST /api/accounts/verify-password
[2020-09-25 15:48:46.041][response][INFO] 404 Not Found

Originally created by @BlackDex on GitHub (Sep 25, 2020). ### Missing API endpoint verify-password First reported here: https://bitwardenrs.discourse.group/t/safari-plugin-calling-api-accounts-verify-password/319 It could happen that the stored password hash from a client (mobile, desktop, browser-extension) is lost or cleaned. When this happens, and your vault is locked, it will try to send a request /api/verify-password which bitwarden_rs does not have. Because of this you can't unlock the vault. You need to "Log Out" and "Log In" again to access the vault. ### Your environment * Bitwarden_rs version: 1.16.3-2f3e18ca * Install method: docker * Clients used: Firefox Extension * Reverse proxy and version: nginx * Version of mysql/postgresql: sqlite3 ### Steps to reproduce 1. Start Firefox 2. Open the extension in a separate window by clicking on the **Pop Out** icon in the top left. 3. In the main browser URL Bar type `about:debugging` and press enter 4. On the left click on **This Firefox** 5. Scroll until you see the **Bitwarden - Free Password Manager** and click on `inspect` 6. Go to the `storage` tab and select `Extension Storage` 7. Filter for hash, and there should appear one entry. 8. Make sure you lock the vault in the Pop Out window. 9. Delete the `hashKey` entry 10. Try to unlock the vault The last action will trigger the request. ### Expected behaviour Vault unlocks. ### Actual behaviour An error occurs and i need to log out, and back in again. ### Relevant logs ```logs [2020-09-25 15:48:46.041][request][INFO] POST /api/accounts/verify-password [2020-09-25 15:48:46.041][response][INFO] 404 Not Found ```

OVERLORD closed this issue 2026-02-04 22:46:37 +03:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

cached-config-operations

test_dylint

1.35.2

1.35.1

1.35.0

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels

SSO

Third party

better for forum

bug

bug

documentation

duplicate

enhancement

future Vault

future Vault

future Vault

good first issue

help wanted

low priority

notes

pull-request

Mirrored from GitHub Pull Request

question

troubleshooting

wontfix

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/vaultwarden#810