"Invalid master password" when trying to unlock browser extension after autolock #57

New Issue

MrUnknownDE · 2026-04-05T20:29:16+02:00

MrUnknownDE commented

2026-04-05 20:29:16 +02:00

Originally created by @cirosilvano on 3/16/2026

Prerequisites

I have searched the existing Closed AND Open Issues AND Discussions
I have searched and read the documentation

Vaultwarden Support String

Your environment (Generated via diagnostics page)

Vaultwarden version: v1.35.4
Web-vault version: v2026.1.1
OS/Arch: linux/x86_64
Running within a container: true (Base: Debian)
Database type: PostgreSQL
Database version: PostgreSQL 18.3 (Debian 18.3-1.pgdg13+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 14.2.0-19) 14.2.0, 64-bit
Uses config.json: false
Uses a reverse proxy: false
Internet access: true
Internet access via a proxy: false
DNS Check: true
Browser/Server Time Check: true
Server/NTP Time Check: true
Domain Configuration Check: false
HTTPS Check: true
Websocket Check: true
HTTP Response Checks: true

Config & Details (Generated via diagnostics page)

Show Config & Details

Config:

{
  "_duo_akey": null,
  "_enable_duo": true,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_max_note_size": 10000,
  "_smtp_img_src": "***:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 20,
  "admin_token": "***",
  "allowed_connect_src": "",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "auth_request_purge_schedule": "30 * * * * *",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_idle_timeout": 600,
  "database_max_conns": 10,
  "database_min_conns": 2,
  "database_timeout": 30,
  "database_url": "**********://********************************************************************************************",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "dns_prefer_ipv6": false,
  "domain": "*****://****************",
  "domain_origin": "*****://****************",
  "domain_path": "",
  "domain_set": true,
  "duo_context_purge_schedule": "30 * * * * *",
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "duo_use_iframe": false,
  "email_2fa_auto_fallback": false,
  "email_2fa_enforce_on_verified_invite": false,
  "email_attempts_limit": 3,
  "email_change_allowed": true,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": true,
  "enable_websocket": true,
  "enforce_single_org_with_reset_pw_policy": false,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "experimental_client_feature_flags": "",
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "http_request_block_non_global_ips": true,
  "http_request_block_regex": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "increase_note_size_limit": false,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "Vaultwarden",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": null,
  "log_level": "info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "",
  "org_events_enabled": false,
  "org_groups_enabled": false,
  "password_hints_allowed": true,
  "password_iterations": 600000,
  "purge_incomplete_sso_auth": "0 20 0 * * *",
  "push_enabled": false,
  "push_identity_uri": "https://identity.bitwarden.com",
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://push.bitwarden.com",
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": false,
  "signups_domains_whitelist": "",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "**********************",
  "smtp_from_name": "***********",
  "smtp_host": "*************",
  "smtp_password": null,
  "smtp_port": 25,
  "smtp_security": "off",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": null,
  "sso_allow_unknown_email_verification": false,
  "sso_audience_trusted": null,
  "sso_auth_only_not_session": false,
  "sso_authority": "",
  "sso_authorize_extra_params": "",
  "sso_callback_path": "*****://*********************************************",
  "sso_client_cache_expiration": 0,
  "sso_client_id": "",
  "sso_client_secret": "***",
  "sso_debug_tokens": false,
  "sso_enabled": false,
  "sso_master_password_policy": null,
  "sso_only": false,
  "sso_pkce": true,
  "sso_scopes": "email profile",
  "sso_signups_match_email": true,
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": false,
  "user_attachment_limit": null,
  "user_send_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

Vaultwarden Build Version

v1.35.4

Deployment method

Official Container Image

Custom deployment method

No response

Reverse Proxy

nginx 1.24.0

Host/Server Operating System

Linux

Operating System Version

Ubuntu 24.04

Clients

Browser Extension

Client Version

Firefox 148.0.2

Steps To Reproduce

Go to the extension (must be locked after a login)
Enter master password
Click on "Unlock"

Expected Result

Extension correctly unlocks and shows the logins list.

Actual Result

Extension shows "Invalid master password error" red popup.

Logs

No logs generated on the Vaultwarden container itself.

From the extension I get:


[MasterPasswordLockComponent] Failed to unlock via master password Error: Master password unlock data was not found for the user [redacted uuid]
    unlockWithMasterPassword default-master-password-unlock.service.ts:30
    o main.js:494
    invoke zone.js:398
    onInvoke ng_zone.ts:476
    invoke zone.js:397
    run zone.js:113
    I zone.js:2537
    invokeTask zone.js:431
    onInvokeTask ng_zone.ts:453
    invokeTask zone.js:430
    runTask zone.js:161
    y zone.js:612
    promise callback*d zone.js:588
    g zone.js:599
    scheduleTask zone.js:420
    onScheduleTask zone.js:273
    scheduleTask zone.js:411
    scheduleTask zone.js:207
    scheduleMicroTask zone.js:227
    I zone.js:2527
    A zone.js:2461
    S zone.js:2369
    k zone.js:2385
    getStore browser-local-storage.service.ts:62
console-log.service.ts:51:17
    write console-log.service.ts:51
    error console-log.service.ts:28
    unlockViaMasterPassword master-password-lock.component.ts:138
    a main.js:173
    invoke zone.js:398
    onInvoke ng_zone.ts:476
    invoke zone.js:397
    run zone.js:113
    I zone.js:2537
    invokeTask zone.js:431
    onInvokeTask ng_zone.ts:453
    invokeTask zone.js:430
    runTask zone.js:161
    y zone.js:612
    (Async: promise callback)
    d zone.js:588
    g zone.js:599
    scheduleTask zone.js:420
    onScheduleTask zone.js:273
    scheduleTask zone.js:411
    scheduleTask zone.js:207
    scheduleMicroTask zone.js:227
    I zone.js:2527
    A zone.js:2461
    S zone.js:2369
    k zone.js:2385
    getStore browser-local-storage.service.ts:62

Screenshots or Videos

Additional Context

This only breaks on the extension when it's locked. Sign in via web UI works with no issue.

Clicking "Log out" and then logging back in to the extension also works.

*Originally created by @cirosilvano on 3/16/2026* ### Prerequisites - [x] I have searched the existing **Closed _AND_ Open** [Issues](https://github.com/dani-garcia/vaultwarden/issues?q=is%3Aissue%20) **_AND_** [Discussions](https://github.com/dani-garcia/vaultwarden/discussions?discussions_q=) - [x] I have searched and read the [documentation](https://github.com/dani-garcia/vaultwarden/wiki/) ### Vaultwarden Support String ### Your environment (Generated via diagnostics page) * Vaultwarden version: v1.35.4 * Web-vault version: v2026.1.1 * OS/Arch: linux/x86_64 * Running within a container: true (Base: Debian) * Database type: PostgreSQL * Database version: PostgreSQL 18.3 (Debian 18.3-1.pgdg13+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 14.2.0-19) 14.2.0, 64-bit * Uses config.json: false * Uses a reverse proxy: false * Internet access: true * Internet access via a proxy: false * DNS Check: true * Browser/Server Time Check: true * Server/NTP Time Check: true * Domain Configuration Check: false * HTTPS Check: true * Websocket Check: true * HTTP Response Checks: true ### Config & Details (Generated via diagnostics page) <details><summary>Show Config & Details</summary> **Config:** ```json { "_duo_akey": null, "_enable_duo": true, "_enable_email_2fa": true, "_enable_smtp": true, "_enable_yubico": true, "_icon_service_csp": "", "_icon_service_url": "", "_ip_header_enabled": true, "_max_note_size": 10000, "_smtp_img_src": "***:", "admin_ratelimit_max_burst": 3, "admin_ratelimit_seconds": 300, "admin_session_lifetime": 20, "admin_token": "***", "allowed_connect_src": "", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "auth_request_purge_schedule": "30 * * * * *", "authenticator_disable_time_drift": false, "data_folder": "data", "database_conn_init": "", "database_idle_timeout": 600, "database_max_conns": 10, "database_min_conns": 2, "database_timeout": 30, "database_url": "**********://********************************************************************************************", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "dns_prefer_ipv6": false, "domain": "*****://****************", "domain_origin": "*****://****************", "domain_path": "", "domain_set": true, "duo_context_purge_schedule": "30 * * * * *", "duo_host": null, "duo_ikey": null, "duo_skey": null, "duo_use_iframe": false, "email_2fa_auto_fallback": false, "email_2fa_enforce_on_verified_invite": false, "email_attempts_limit": 3, "email_change_allowed": true, "email_expiration_time": 600, "email_token_size": 6, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 3 * * * *", "emergency_request_timeout_schedule": "0 7 * * * *", "enable_db_wal": true, "enable_websocket": true, "enforce_single_org_with_reset_pw_policy": false, "event_cleanup_schedule": "0 10 0 * * *", "events_days_retain": null, "experimental_client_feature_flags": "", "extended_logging": true, "helo_name": null, "hibp_api_key": null, "http_request_block_non_global_ips": true, "http_request_block_regex": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "icon_redirect_code": 302, "icon_service": "internal", "incomplete_2fa_schedule": "30 * * * * *", "incomplete_2fa_time_limit": 3, "increase_note_size_limit": false, "invitation_expiration_hours": 120, "invitation_org_name": "Vaultwarden", "invitations_allowed": true, "ip_header": "X-Real-IP", "job_poll_interval_ms": 30000, "log_file": null, "log_level": "info", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "login_ratelimit_max_burst": 10, "login_ratelimit_seconds": 60, "org_attachment_limit": null, "org_creation_users": "", "org_events_enabled": false, "org_groups_enabled": false, "password_hints_allowed": true, "password_iterations": 600000, "purge_incomplete_sso_auth": "0 20 0 * * *", "push_enabled": false, "push_identity_uri": "https://identity.bitwarden.com", "push_installation_id": "***", "push_installation_key": "***", "push_relay_uri": "https://push.bitwarden.com", "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sendmail_command": null, "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": false, "signups_allowed": false, "signups_domains_whitelist": "", "signups_verify": false, "signups_verify_resend_limit": 6, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": null, "smtp_debug": false, "smtp_embed_images": true, "smtp_explicit_tls": null, "smtp_from": "**********************", "smtp_from_name": "***********", "smtp_host": "*************", "smtp_password": null, "smtp_port": 25, "smtp_security": "off", "smtp_ssl": null, "smtp_timeout": 15, "smtp_username": null, "sso_allow_unknown_email_verification": false, "sso_audience_trusted": null, "sso_auth_only_not_session": false, "sso_authority": "", "sso_authorize_extra_params": "", "sso_callback_path": "*****://*********************************************", "sso_client_cache_expiration": 0, "sso_client_id": "", "sso_client_secret": "***", "sso_debug_tokens": false, "sso_enabled": false, "sso_master_password_policy": null, "sso_only": false, "sso_pkce": true, "sso_scopes": "email profile", "sso_signups_match_email": true, "templates_folder": "data/templates", "tmp_folder": "data/tmp", "trash_auto_delete_days": null, "trash_purge_schedule": "0 5 0 * * *", "use_sendmail": false, "use_syslog": false, "user_attachment_limit": null, "user_send_limit": null, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "yubico_client_id": null, "yubico_secret_key": null, "yubico_server": null } ``` </details> ### Vaultwarden Build Version v1.35.4 ### Deployment method Official Container Image ### Custom deployment method _No response_ ### Reverse Proxy nginx 1.24.0 ### Host/Server Operating System Linux ### Operating System Version Ubuntu 24.04 ### Clients Browser Extension ### Client Version Firefox 148.0.2 ### Steps To Reproduce 1. Go to the extension (must be locked after a login) 2. Enter master password 3. Click on "Unlock" ### Expected Result Extension correctly unlocks and shows the logins list. ### Actual Result Extension shows "Invalid master password error" red popup. ### Logs ```text No logs generated on the Vaultwarden container itself. From the extension I get: [MasterPasswordLockComponent] Failed to unlock via master password Error: Master password unlock data was not found for the user [redacted uuid] unlockWithMasterPassword default-master-password-unlock.service.ts:30 o main.js:494 invoke zone.js:398 onInvoke ng_zone.ts:476 invoke zone.js:397 run zone.js:113 I zone.js:2537 invokeTask zone.js:431 onInvokeTask ng_zone.ts:453 invokeTask zone.js:430 runTask zone.js:161 y zone.js:612 promise callback*d zone.js:588 g zone.js:599 scheduleTask zone.js:420 onScheduleTask zone.js:273 scheduleTask zone.js:411 scheduleTask zone.js:207 scheduleMicroTask zone.js:227 I zone.js:2527 A zone.js:2461 S zone.js:2369 k zone.js:2385 getStore browser-local-storage.service.ts:62 console-log.service.ts:51:17 write console-log.service.ts:51 error console-log.service.ts:28 unlockViaMasterPassword master-password-lock.component.ts:138 a main.js:173 invoke zone.js:398 onInvoke ng_zone.ts:476 invoke zone.js:397 run zone.js:113 I zone.js:2537 invokeTask zone.js:431 onInvokeTask ng_zone.ts:453 invokeTask zone.js:430 runTask zone.js:161 y zone.js:612 (Async: promise callback) d zone.js:588 g zone.js:599 scheduleTask zone.js:420 onScheduleTask zone.js:273 scheduleTask zone.js:411 scheduleTask zone.js:207 scheduleMicroTask zone.js:227 I zone.js:2527 A zone.js:2461 S zone.js:2369 k zone.js:2385 getStore browser-local-storage.service.ts:62 ``` ### Screenshots or Videos <img width="480" height="596" alt="Image" src="https://github.com/user-attachments/assets/a88b44ef-c779-42b3-9ee8-58657f0556d1" /> ### Additional Context This only breaks on the extension when it's locked. Sign in via web UI works with no issue. Clicking "Log out" and then logging back in to the extension also works.

MrUnknownDE closed this issue

2026-04-05 20:29:16 +02:00

MrUnknownDE added the bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug labels 2026-04-05 20:29:17 +02:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github/vaultwarden#57