starred/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-12-10 01:10:09 +03:00
Code Issues 429 Packages Projects Releases 10 Wiki Activity

"Wrong username or password" on 1.27.0-9366e314 with browser extensions #920

New Issue
Closed
opened 2025-10-09 16:57:01 +03:00 by OVERLORD · 0 comments
OVERLORD commented 2025-10-09 16:57:01 +03:00
Owner
Copy Link

Originally created by @x86-39 on GitHub.

Subject of the issue

I get an error "Wrong username or password" when trying to log in with the browser extension.

Deployment environment

  • vaultwarden version:
    Server Installed:
    1.27.0-9366e314
    Web Installed:
    2023.1.1
    Database
    SQLite: 3.39.2

  • Install method: https://github.com/constin/vaultwarden-helm in k3s with ArgoCD

  • Clients used: Web vault, extension, Android app

  • Reverse proxy and version: Traefik

Steps to reproduce

I'm using the following values:

vaultwarden:
  image:
    repository: vaultwarden/server
    tag: testing
    pullPolicy: IfNotPresent

  env:
    SIGNUPS_ALLOWED: false
    INVITATIONS_ALLOWED: true
    DOMAIN: https://vault.example.com
    SMTP_HOST: example.com
    SMTP_FROM: no-reply@example.com
    WEB_VAULT_ENABLED: true
    ADMIN_TOKEN: "< TOKEN >"

  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: traefik
      kubernetes.io/tls-acme: "false"
      traefik.ingress.kubernetes.io/router.entrypoints: websecure
      traefik.ingress.kubernetes.io/router.tls: "true"
    path: /
    hosts:
      - vault.example.com
    tls:
      - secretName: vaultwarden-example-cert
        hosts:
          - vault.example.com
    pathType: Prefix

  persistence:
    enabled: false
    accessMode: ReadWriteOnce
    size: 3200Mi
    storageClass: longhorn-replicated
    #existingClaim: "bitwarden-pvc"

Expected behaviour

I can log in with the web extension.

Actual behaviour

I tried it on Firefox and Chromium, it happens on multiple devices. I can log into the web vault and on Android apps. My account is set up with an authenticator app and FIDO2. The web browser extension version is 2023.1.0

Troubleshooting data

In server logs:

[2023-01-30 18:52:53.374][request][INFO] GET /api/v1/instance
[2023-01-30 18:52:53.374][_][WARN] Response was `None`.
[2023-01-30 18:52:53.374][_][WARN] Responding with registered (api_not_found) /api 404 catcher.
[2023-01-30 18:52:53.374][response][INFO] (web_files) GET /<p..> [10] => 404 Not Found

There are no relevant logs in Traefik.

This is a fresh install, not a migration from a previous version. I tried it on a fresh browser, so it doesn't seem to be cache.

Originally created by @x86-39 on GitHub. ### Subject of the issue I get an error "Wrong username or password" when trying to log in with the browser extension. ### Deployment environment <!-- The version number, obtained from the logs (at startup) or the admin diagnostics page --> <!-- This is NOT the version number shown on the web vault, which is versioned separately from vaultwarden --> <!-- Remember to check if your issue exists on the latest version first! --> * vaultwarden version: Server Installed: 1.27.0-9366e314 Web Installed: 2023.1.1 Database SQLite: 3.39.2 * Install method: https://github.com/constin/vaultwarden-helm in k3s with ArgoCD * Clients used: Web vault, extension, Android app * Reverse proxy and version: Traefik ### Steps to reproduce <!-- Tell us how to reproduce this issue. What parameters did you set (differently from the defaults) and how did you start vaultwarden? --> I'm using the following values: ```yaml vaultwarden: image: repository: vaultwarden/server tag: testing pullPolicy: IfNotPresent env: SIGNUPS_ALLOWED: false INVITATIONS_ALLOWED: true DOMAIN: https://vault.example.com SMTP_HOST: example.com SMTP_FROM: no-reply@example.com WEB_VAULT_ENABLED: true ADMIN_TOKEN: "< TOKEN >" ingress: enabled: true annotations: kubernetes.io/ingress.class: traefik kubernetes.io/tls-acme: "false" traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" path: / hosts: - vault.example.com tls: - secretName: vaultwarden-example-cert hosts: - vault.example.com pathType: Prefix persistence: enabled: false accessMode: ReadWriteOnce size: 3200Mi storageClass: longhorn-replicated #existingClaim: "bitwarden-pvc" ``` ### Expected behaviour I can log in with the web extension. ### Actual behaviour I tried it on Firefox and Chromium, it happens on multiple devices. I can log into the web vault and on Android apps. My account is set up with an authenticator app and FIDO2. The web browser extension version is 2023.1.0 ### Troubleshooting data In server logs: ``` [2023-01-30 18:52:53.374][request][INFO] GET /api/v1/instance [2023-01-30 18:52:53.374][_][WARN] Response was `None`. [2023-01-30 18:52:53.374][_][WARN] Responding with registered (api_not_found) /api 404 catcher. [2023-01-30 18:52:53.374][response][INFO] (web_files) GET /<p..> [10] => 404 Not Found ``` There are no relevant logs in Traefik. This is a fresh install, not a migration from a previous version. I tried it on a fresh browser, so it doesn't seem to be cache.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
better for forum
bug
bug
bug
documentation
duplicate
enhancement
future Vault
good first issue
help wanted
low priority
notes
pull-request
Mirrored from GitHub Pull Request
 question
SSO
Third party
troubleshooting
troubleshooting
wontfix
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/vaultwarden#920
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?