All OTP Codes Invalid after adding a Yubikey as a second FIDO2 WEBAUTH Key #975

New Issue

MrUnknownDE · 2026-04-06T01:28:41+02:00

MrUnknownDE commented

2026-04-06 01:28:41 +02:00

Originally created by @GuckstduWeitaaa on 8/22/2024

Vaultwarden Support String

Your environment (Generated via diagnostics page)

Vaultwarden version: v1.32.0
Web-vault version: v2024.6.2b
OS/Arch: linux/x86_64
Running within a container: true (Base: Debian)
Environment settings overridden: true
Uses a reverse proxy: true
IP Header check: true (X-Real-IP)
Internet access: true
Internet access via a proxy: false
DNS Check: true
Browser/Server Time Check: false
Server/NTP Time Check: true
Domain Configuration Check: true
HTTPS Check: true
Database type: SQLite
Database version: 3.46.0
Clients used:
Reverse proxy and version:
Other relevant information:

Config (Generated via diagnostics page)

Show Running Config

Environment settings which are overridden: SIGNUPS_ALLOWED, INVITATIONS_ALLOWED, ADMIN_TOKEN

{
  "_duo_akey": null,
  "_enable_duo": false,
  "_enable_email_2fa": false,
  "_enable_smtp": true,
  "_enable_yubico": false,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_max_note_size": 10000,
  "_smtp_img_src": "cid:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 20,
  "admin_token": "***",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "auth_request_purge_schedule": "30 * * * * *",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_max_conns": 10,
  "database_timeout": 30,
  "database_url": "***************",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://*****************",
  "domain_origin": "*****://*****************",
  "domain_path": "",
  "domain_set": true,
  "duo_context_purge_schedule": "30 * * * * *",
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "duo_use_iframe": false,
  "email_2fa_auto_fallback": false,
  "email_2fa_enforce_on_verified_invite": false,
  "email_attempts_limit": 3,
  "email_change_allowed": true,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": true,
  "enable_websocket": true,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "experimental_client_feature_flags": "fido2-vault-credentials",
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "http_request_block_non_global_ips": true,
  "http_request_block_regex": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 4,
  "increase_note_size_limit": false,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "Vaultwarden",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": null,
  "log_level": "info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "",
  "org_events_enabled": false,
  "org_groups_enabled": false,
  "password_hints_allowed": true,
  "password_iterations": 100000,
  "push_enabled": false,
  "push_identity_uri": "https://identity.bitwarden.com",
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://push.bitwarden.com",
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": true,
  "signups_domains_whitelist": "*********************",
  "signups_verify": true,
  "signups_verify_resend_limit": 2,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": "force_tls",
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "**********************",
  "smtp_from_name": "Vaultwarden-Main",
  "smtp_host": "*****************",
  "smtp_password": "***",
  "smtp_port": 465,
  "smtp_security": "force_tls",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": "******************",
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": false,
  "user_attachment_limit": null,
  "user_send_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

Steps To Reproduce

Pre Setup:
Create two Accounts (A and B) on the Vaultwarden Instance with entries for websites with totp codes (gmx.net and tradingview.com were tested by me) and add the first FIDO2 WebAuthn Key to Account B. After that add the totp codes on the entries for A and B through the normal way with qr code or the string. Everything should be working fine and the totp on both entries from Account A and B should be working as well.

Setup for the Bug:

In Web Vault
Settings Security
2FA Tab
in FIDO2 WebAuthn
Add the Ubikey as another Key from Windows 11 PC
Stop the Vaultwarden Container
Close open Client Connections (in my case lock the vault on the brwoser extension)
Start Vaultwarden Container and start the Client
Try previously configured TOTP Codes on multiple Websites like gmx.net or tradingview.com

I hope this understandable and enough to follow, thank you very much for your help and great password manager.

Expected Result

The TOTP should be working if I add another FIDO2 Hardware Key after I configured the TOTP codes.

Actual Result

The TOTP codes are not working after I added another FIDO2 WebAuthn Hardware Key (Ubikey NFC USB A NOT THE 5 Series) once I restart the vaultwarden container. Even the TOTP codes of Account A are not working although the FIDO2 Hardware Key are only on Account B.

Screenshots or Videos

No response

Logs

/--------------------------------------------------------------------\
|                        Starting Vaultwarden                        |
|                           Version 1.32.0                           |
|--------------------------------------------------------------------|
| This is an *unofficial* Bitwarden implementation, DO NOT use the   |
| official channels to report bugs/features, regardless of client.   |
| Send usage/configuration questions or feature requests to:         |
|   https://github.com/dani-garcia/vaultwarden/discussions or        |
|   https://vaultwarden.discourse.group/                             |
| Report suspected bugs/issues in the software itself at:            |
|   https://github.com/dani-garcia/vaultwarden/issues/new            |
\--------------------------------------------------------------------/

[INFO] Using saved config from `data/config.json` for configuration.

[WARNING] The following environment variables are being overridden by the config.json file.
[WARNING] Please use the admin panel to make changes to them:
[WARNING] SIGNUPS_ALLOWED, INVITATIONS_ALLOWED, ADMIN_TOKEN

[2024-08-22 10:27:22.221][start][INFO] Rocket has launched from http://0.0.0.0:80
[2024-08-22 10:27:32.528][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL
[2024-08-22 10:27:32.528][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from 162.158.203.128
[2024-08-22 10:27:32.528][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 200 OK
[2024-08-22 10:27:32.785][request][INFO] GET /api/accounts/revision-date
[2024-08-22 10:27:32.787][response][INFO] (revision_date) GET /api/accounts/revision-date => 200 OK
[2024-08-22 10:27:34.790][request][INFO] GET /api/devices/knowndevice
[2024-08-22 10:27:34.791][response][INFO] (get_known_device) GET /api/devices/knowndevice => 200 OK
[2024-08-22 10:27:39.116][request][INFO] POST /identity/accounts/prelogin
[2024-08-22 10:27:39.117][response][INFO] (prelogin) POST /identity/accounts/prelogin => 200 OK
[2024-08-22 10:27:39.398][request][INFO] POST /identity/connect/token
[2024-08-22 10:27:40.015][error][ERROR] 2FA token not provided
[2024-08-22 10:27:40.015][response][INFO] (login) POST /identity/connect/token => 400 Bad Request
[2024-08-22 10:27:48.724][request][INFO] POST /identity/connect/token
[2024-08-22 10:27:48.743][vaultwarden::api::identity][INFO] User mail@d-walker.de logged in successfully. IP: 162.158.95.132
[2024-08-22 10:27:48.743][response][INFO] (login) POST /identity/connect/token => 200 OK
[2024-08-22 10:27:48.858][request][INFO] POST /identity/connect/token
[2024-08-22 10:27:48.862][response][INFO] (login) POST /identity/connect/token => 200 OK
[2024-08-22 10:27:48.927][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL
[2024-08-22 10:27:48.927][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from 162.158.87.8
[2024-08-22 10:27:48.927][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 200 OK
[2024-08-22 10:27:48.970][request][INFO] GET /api/sync
[2024-08-22 10:27:48.980][response][INFO] (sync) GET /api/sync?<data..> => 200 OK
[2024-08-22 10:27:51.242][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL
[2024-08-22 10:27:51.242][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from 162.158.87.226
[2024-08-22 10:27:51.242][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 200 OK
[2024-08-22 10:27:51.427][request][INFO] GET /api/accounts/revision-date
[2024-08-22 10:27:51.429][response][INFO] (revision_date) GET /api/accounts/revision-date => 200 OK
[2024-08-22 10:28:54.983][vaultwarden::api::notifications][INFO] Closing WS connection from 162.158.87.8
[2024-08-22 10:29:14.296][request][INFO] GET /api/devices/knowndevice
[2024-08-22 10:29:14.297][response][INFO] (get_known_device) GET /api/devices/knowndevice => 200 OK
[2024-08-22 10:29:19.576][request][INFO] POST /identity/accounts/prelogin
[2024-08-22 10:29:19.576][response][INFO] (prelogin) POST /identity/accounts/prelogin => 200 OK
[2024-08-22 10:29:19.839][request][INFO] POST /identity/connect/token
[2024-08-22 10:29:19.857][error][ERROR] 2FA token not provided
[2024-08-22 10:29:19.858][response][INFO] (login) POST /identity/connect/token => 400 Bad Request
[2024-08-22 10:29:26.727][request][INFO] POST /identity/connect/token
[2024-08-22 10:29:27.036][vaultwarden::api::identity][INFO] User mail@d-walker.de logged in successfully. IP: 172.71.250.94
[2024-08-22 10:29:27.036][response][INFO] (login) POST /identity/connect/token => 200 OK
[2024-08-22 10:29:27.140][request][INFO] POST /identity/connect/token
[2024-08-22 10:29:27.144][response][INFO] (login) POST /identity/connect/token => 200 OK
[2024-08-22 10:29:27.209][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL
[2024-08-22 10:29:27.209][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from 172.70.247.133
[2024-08-22 10:29:27.210][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 200 OK
[2024-08-22 10:29:27.253][request][INFO] GET /api/sync
[2024-08-22 10:29:27.255][response][INFO] (sync) GET /api/sync?<data..> => 200 OK
[2024-08-22 10:29:41.617][vaultwarden::api::notifications][INFO] Closing WS connection from 172.70.247.133
[2024-08-22 10:29:53.261][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL
[2024-08-22 10:29:53.261][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from 172.71.102.122
[2024-08-22 10:29:53.261][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 200 OK
[2024-08-22 10:29:53.421][request][INFO] GET /api/accounts/revision-date
[2024-08-22 10:29:53.422][response][INFO] (revision_date) GET /api/accounts/revision-date => 200 OK
[2024-08-22 10:29:53.774][request][INFO] GET /api/devices/knowndevice
[2024-08-22 10:29:53.775][response][INFO] (get_known_device) GET /api/devices/knowndevice => 200 OK
[2024-08-22 10:30:03.745][request][INFO] POST /identity/accounts/prelogin
[2024-08-22 10:30:03.745][response][INFO] (prelogin) POST /identity/accounts/prelogin => 200 OK
[2024-08-22 10:30:04.007][request][INFO] POST /identity/connect/token
[2024-08-22 10:30:04.138][error][ERROR] 2FA token not provided
[2024-08-22 10:30:04.138][response][INFO] (login) POST /identity/connect/token => 400 Bad Request
[2024-08-22 10:30:12.223][request][INFO] POST /identity/connect/token
[2024-08-22 10:30:12.242][vaultwarden::api::identity][INFO] User mail@d-walker.de logged in successfully. IP: 172.71.250.94
[2024-08-22 10:30:12.242][response][INFO] (login) POST /identity/connect/token => 200 OK
[2024-08-22 10:30:12.331][request][INFO] POST /identity/connect/token
[2024-08-22 10:30:12.334][response][INFO] (login) POST /identity/connect/token => 200 OK
[2024-08-22 10:30:12.438][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL
[2024-08-22 10:30:12.438][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from 172.70.250.13
[2024-08-22 10:30:12.438][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 200 OK
[2024-08-22 10:30:12.486][request][INFO] GET /api/sync
[2024-08-22 10:30:12.494][response][INFO] (sync) GET /api/sync?<data..> => 200 OK
[2024-08-22 10:31:56.138][vaultwarden::api::notifications][INFO] Closing WS connection from 162.158.87.226
[2024-08-22 10:32:02.542][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL
[2024-08-22 10:32:02.542][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from 172.71.99.79
[2024-08-22 10:32:02.542][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 200 OK
[2024-08-22 10:32:02.711][request][INFO] GET /api/accounts/revision-date
[2024-08-22 10:32:02.713][response][INFO] (revision_date) GET /api/accounts/revision-date => 200 OK
[2024-08-22 10:32:45.094][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL
[2024-08-22 10:32:45.094][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from 172.71.250.91
[2024-08-22 10:32:45.094][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 200 OK
[2024-08-22 10:32:45.095][request][INFO] GET /api/accounts/revision-date
[2024-08-22 10:32:45.096][response][INFO] (revision_date) GET /api/accounts/revision-date => 200 OK
[2024-08-22 10:48:16.221][request][INFO] GET /admin
[2024-08-22 10:48:16.221][response][INFO] (admin_page_login) GET /admin/ [2] => 200 OK
[2024-08-22 10:48:21.258][request][INFO] POST /admin
[2024-08-22 10:48:21.266][response][INFO] (post_admin_login) POST /admin/ => 200 OK
[2024-08-22 10:48:22.920][request][INFO] GET /admin/diagnostics
[2024-08-22 10:48:25.037][response][INFO] (diagnostics) GET /admin/diagnostics => 200 OK
[2024-08-22 10:48:30.466][request][INFO] GET /admin/diagnostics/config
[2024-08-22 10:48:30.467][response][INFO] (get_diagnostics_config) GET /admin/diagnostics/config => 200 OK
[2024-08-22 10:48:54.856][request][INFO] GET /icons/github.com/icon.png
[2024-08-22 10:48:54.859][response][INFO] (icon_internal) GET /icons/<domain>/icon.png => 200 OK

Additional Context

No response

Host/Server Operating System

Linux

Operating System Version

Unraid 6.12.10 with Docker version 24.0.9, build 2936816

Deployment method

Official Container Image

Custom deployment method

I used the selfhosters Template from Unraid, which is the only template you find when you search for Vaultwarden

It uses this repository
https://hub.docker.com/r/vaultwarden/server/

Vaultwarden Build Version

v1.32.0

Clients

Web Vault, Browser Extension

Client Version

Version: 2024.7.1 Server-Version (Drittanbieter): 2024.2.0

*Originally created by @GuckstduWeitaaa on 8/22/2024* ### Vaultwarden Support String ### Your environment (Generated via diagnostics page) * Vaultwarden version: v1.32.0 * Web-vault version: v2024.6.2b * OS/Arch: linux/x86_64 * Running within a container: true (Base: Debian) * Environment settings overridden: true * Uses a reverse proxy: true * IP Header check: true (X-Real-IP) * Internet access: true * Internet access via a proxy: false * DNS Check: true * Browser/Server Time Check: false * Server/NTP Time Check: true * Domain Configuration Check: true * HTTPS Check: true * Database type: SQLite * Database version: 3.46.0 * Clients used: * Reverse proxy and version: * Other relevant information: ### Config (Generated via diagnostics page) <details><summary>Show Running Config</summary> **Environment settings which are overridden:** SIGNUPS_ALLOWED, INVITATIONS_ALLOWED, ADMIN_TOKEN ```json { "_duo_akey": null, "_enable_duo": false, "_enable_email_2fa": false, "_enable_smtp": true, "_enable_yubico": false, "_icon_service_csp": "", "_icon_service_url": "", "_ip_header_enabled": true, "_max_note_size": 10000, "_smtp_img_src": "cid:", "admin_ratelimit_max_burst": 3, "admin_ratelimit_seconds": 300, "admin_session_lifetime": 20, "admin_token": "***", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "auth_request_purge_schedule": "30 * * * * *", "authenticator_disable_time_drift": false, "data_folder": "data", "database_conn_init": "", "database_max_conns": 10, "database_timeout": 30, "database_url": "***************", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "domain": "*****://*****************", "domain_origin": "*****://*****************", "domain_path": "", "domain_set": true, "duo_context_purge_schedule": "30 * * * * *", "duo_host": null, "duo_ikey": null, "duo_skey": null, "duo_use_iframe": false, "email_2fa_auto_fallback": false, "email_2fa_enforce_on_verified_invite": false, "email_attempts_limit": 3, "email_change_allowed": true, "email_expiration_time": 600, "email_token_size": 6, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 3 * * * *", "emergency_request_timeout_schedule": "0 7 * * * *", "enable_db_wal": true, "enable_websocket": true, "event_cleanup_schedule": "0 10 0 * * *", "events_days_retain": null, "experimental_client_feature_flags": "fido2-vault-credentials", "extended_logging": true, "helo_name": null, "hibp_api_key": null, "http_request_block_non_global_ips": true, "http_request_block_regex": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "icon_redirect_code": 302, "icon_service": "internal", "incomplete_2fa_schedule": "30 * * * * *", "incomplete_2fa_time_limit": 4, "increase_note_size_limit": false, "invitation_expiration_hours": 120, "invitation_org_name": "Vaultwarden", "invitations_allowed": true, "ip_header": "X-Real-IP", "job_poll_interval_ms": 30000, "log_file": null, "log_level": "info", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "login_ratelimit_max_burst": 10, "login_ratelimit_seconds": 60, "org_attachment_limit": null, "org_creation_users": "", "org_events_enabled": false, "org_groups_enabled": false, "password_hints_allowed": true, "password_iterations": 100000, "push_enabled": false, "push_identity_uri": "https://identity.bitwarden.com", "push_installation_id": "***", "push_installation_key": "***", "push_relay_uri": "https://push.bitwarden.com", "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sendmail_command": null, "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": false, "signups_allowed": true, "signups_domains_whitelist": "*********************", "signups_verify": true, "signups_verify_resend_limit": 2, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": "force_tls", "smtp_debug": false, "smtp_embed_images": true, "smtp_explicit_tls": null, "smtp_from": "**********************", "smtp_from_name": "Vaultwarden-Main", "smtp_host": "*****************", "smtp_password": "***", "smtp_port": 465, "smtp_security": "force_tls", "smtp_ssl": null, "smtp_timeout": 15, "smtp_username": "******************", "templates_folder": "data/templates", "tmp_folder": "data/tmp", "trash_auto_delete_days": null, "trash_purge_schedule": "0 5 0 * * *", "use_sendmail": false, "use_syslog": false, "user_attachment_limit": null, "user_send_limit": null, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "yubico_client_id": null, "yubico_secret_key": null, "yubico_server": null } ``` </details> ### Steps To Reproduce Pre Setup: Create two Accounts (A and B) on the Vaultwarden Instance with entries for websites with totp codes (gmx.net and tradingview.com were tested by me) and add the first FIDO2 WebAuthn Key to Account B. After that add the totp codes on the entries for A and B through the normal way with qr code or the string. Everything should be working fine and the totp on both entries from Account A and B should be working as well. Setup for the Bug: 1. In Web Vault 2. Settings Security 3. 2FA Tab 4. in FIDO2 WebAuthn 5. Add the Ubikey as another Key from Windows 11 PC ![image](https://github.com/user-attachments/assets/de07f3ab-39d0-4d8d-b8d9-3eb91be7c593) 6. Stop the Vaultwarden Container 7. Close open Client Connections (in my case lock the vault on the brwoser extension) 8. Start Vaultwarden Container and start the Client 6. Try previously configured TOTP Codes on multiple Websites like gmx.net or tradingview.com ![image](https://github.com/user-attachments/assets/3eefbfdf-e853-4c1f-b9d8-b39d52ea122e) I hope this understandable and enough to follow, thank you very much for your help and great password manager. ### Expected Result The TOTP should be working if I add another FIDO2 Hardware Key after I configured the TOTP codes. ### Actual Result The TOTP codes are not working after I added another FIDO2 WebAuthn Hardware Key (Ubikey NFC USB A NOT THE 5 Series) once I restart the vaultwarden container. Even the TOTP codes of Account A are not working although the FIDO2 Hardware Key are only on Account B. ### Screenshots or Videos _No response_ ### Logs ```text /--------------------------------------------------------------------\ | Starting Vaultwarden | | Version 1.32.0 | |--------------------------------------------------------------------| | This is an *unofficial* Bitwarden implementation, DO NOT use the | | official channels to report bugs/features, regardless of client. | | Send usage/configuration questions or feature requests to: | | https://github.com/dani-garcia/vaultwarden/discussions or | | https://vaultwarden.discourse.group/ | | Report suspected bugs/issues in the software itself at: | | https://github.com/dani-garcia/vaultwarden/issues/new | \--------------------------------------------------------------------/ [INFO] Using saved config from `data/config.json` for configuration. [WARNING] The following environment variables are being overridden by the config.json file. [WARNING] Please use the admin panel to make changes to them: [WARNING] SIGNUPS_ALLOWED, INVITATIONS_ALLOWED, ADMIN_TOKEN [2024-08-22 10:27:22.221][start][INFO] Rocket has launched from http://0.0.0.0:80 [2024-08-22 10:27:32.528][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL [2024-08-22 10:27:32.528][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from 162.158.203.128 [2024-08-22 10:27:32.528][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 200 OK [2024-08-22 10:27:32.785][request][INFO] GET /api/accounts/revision-date [2024-08-22 10:27:32.787][response][INFO] (revision_date) GET /api/accounts/revision-date => 200 OK [2024-08-22 10:27:34.790][request][INFO] GET /api/devices/knowndevice [2024-08-22 10:27:34.791][response][INFO] (get_known_device) GET /api/devices/knowndevice => 200 OK [2024-08-22 10:27:39.116][request][INFO] POST /identity/accounts/prelogin [2024-08-22 10:27:39.117][response][INFO] (prelogin) POST /identity/accounts/prelogin => 200 OK [2024-08-22 10:27:39.398][request][INFO] POST /identity/connect/token [2024-08-22 10:27:40.015][error][ERROR] 2FA token not provided [2024-08-22 10:27:40.015][response][INFO] (login) POST /identity/connect/token => 400 Bad Request [2024-08-22 10:27:48.724][request][INFO] POST /identity/connect/token [2024-08-22 10:27:48.743][vaultwarden::api::identity][INFO] User mail@d-walker.de logged in successfully. IP: 162.158.95.132 [2024-08-22 10:27:48.743][response][INFO] (login) POST /identity/connect/token => 200 OK [2024-08-22 10:27:48.858][request][INFO] POST /identity/connect/token [2024-08-22 10:27:48.862][response][INFO] (login) POST /identity/connect/token => 200 OK [2024-08-22 10:27:48.927][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL [2024-08-22 10:27:48.927][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from 162.158.87.8 [2024-08-22 10:27:48.927][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 200 OK [2024-08-22 10:27:48.970][request][INFO] GET /api/sync [2024-08-22 10:27:48.980][response][INFO] (sync) GET /api/sync?<data..> => 200 OK [2024-08-22 10:27:51.242][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL [2024-08-22 10:27:51.242][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from 162.158.87.226 [2024-08-22 10:27:51.242][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 200 OK [2024-08-22 10:27:51.427][request][INFO] GET /api/accounts/revision-date [2024-08-22 10:27:51.429][response][INFO] (revision_date) GET /api/accounts/revision-date => 200 OK [2024-08-22 10:28:54.983][vaultwarden::api::notifications][INFO] Closing WS connection from 162.158.87.8 [2024-08-22 10:29:14.296][request][INFO] GET /api/devices/knowndevice [2024-08-22 10:29:14.297][response][INFO] (get_known_device) GET /api/devices/knowndevice => 200 OK [2024-08-22 10:29:19.576][request][INFO] POST /identity/accounts/prelogin [2024-08-22 10:29:19.576][response][INFO] (prelogin) POST /identity/accounts/prelogin => 200 OK [2024-08-22 10:29:19.839][request][INFO] POST /identity/connect/token [2024-08-22 10:29:19.857][error][ERROR] 2FA token not provided [2024-08-22 10:29:19.858][response][INFO] (login) POST /identity/connect/token => 400 Bad Request [2024-08-22 10:29:26.727][request][INFO] POST /identity/connect/token [2024-08-22 10:29:27.036][vaultwarden::api::identity][INFO] User mail@d-walker.de logged in successfully. IP: 172.71.250.94 [2024-08-22 10:29:27.036][response][INFO] (login) POST /identity/connect/token => 200 OK [2024-08-22 10:29:27.140][request][INFO] POST /identity/connect/token [2024-08-22 10:29:27.144][response][INFO] (login) POST /identity/connect/token => 200 OK [2024-08-22 10:29:27.209][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL [2024-08-22 10:29:27.209][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from 172.70.247.133 [2024-08-22 10:29:27.210][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 200 OK [2024-08-22 10:29:27.253][request][INFO] GET /api/sync [2024-08-22 10:29:27.255][response][INFO] (sync) GET /api/sync?<data..> => 200 OK [2024-08-22 10:29:41.617][vaultwarden::api::notifications][INFO] Closing WS connection from 172.70.247.133 [2024-08-22 10:29:53.261][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL [2024-08-22 10:29:53.261][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from 172.71.102.122 [2024-08-22 10:29:53.261][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 200 OK [2024-08-22 10:29:53.421][request][INFO] GET /api/accounts/revision-date [2024-08-22 10:29:53.422][response][INFO] (revision_date) GET /api/accounts/revision-date => 200 OK [2024-08-22 10:29:53.774][request][INFO] GET /api/devices/knowndevice [2024-08-22 10:29:53.775][response][INFO] (get_known_device) GET /api/devices/knowndevice => 200 OK [2024-08-22 10:30:03.745][request][INFO] POST /identity/accounts/prelogin [2024-08-22 10:30:03.745][response][INFO] (prelogin) POST /identity/accounts/prelogin => 200 OK [2024-08-22 10:30:04.007][request][INFO] POST /identity/connect/token [2024-08-22 10:30:04.138][error][ERROR] 2FA token not provided [2024-08-22 10:30:04.138][response][INFO] (login) POST /identity/connect/token => 400 Bad Request [2024-08-22 10:30:12.223][request][INFO] POST /identity/connect/token [2024-08-22 10:30:12.242][vaultwarden::api::identity][INFO] User mail@d-walker.de logged in successfully. IP: 172.71.250.94 [2024-08-22 10:30:12.242][response][INFO] (login) POST /identity/connect/token => 200 OK [2024-08-22 10:30:12.331][request][INFO] POST /identity/connect/token [2024-08-22 10:30:12.334][response][INFO] (login) POST /identity/connect/token => 200 OK [2024-08-22 10:30:12.438][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL [2024-08-22 10:30:12.438][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from 172.70.250.13 [2024-08-22 10:30:12.438][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 200 OK [2024-08-22 10:30:12.486][request][INFO] GET /api/sync [2024-08-22 10:30:12.494][response][INFO] (sync) GET /api/sync?<data..> => 200 OK [2024-08-22 10:31:56.138][vaultwarden::api::notifications][INFO] Closing WS connection from 162.158.87.226 [2024-08-22 10:32:02.542][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL [2024-08-22 10:32:02.542][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from 172.71.99.79 [2024-08-22 10:32:02.542][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 200 OK [2024-08-22 10:32:02.711][request][INFO] GET /api/accounts/revision-date [2024-08-22 10:32:02.713][response][INFO] (revision_date) GET /api/accounts/revision-date => 200 OK [2024-08-22 10:32:45.094][request][INFO] GET /notifications/hub?access_token=eyJ0eXAiOiJKV1QiL [2024-08-22 10:32:45.094][vaultwarden::api::notifications][INFO] Accepting Rocket WS connection from 172.71.250.91 [2024-08-22 10:32:45.094][response][INFO] (websockets_hub) GET /notifications/hub?<data..> => 200 OK [2024-08-22 10:32:45.095][request][INFO] GET /api/accounts/revision-date [2024-08-22 10:32:45.096][response][INFO] (revision_date) GET /api/accounts/revision-date => 200 OK [2024-08-22 10:48:16.221][request][INFO] GET /admin [2024-08-22 10:48:16.221][response][INFO] (admin_page_login) GET /admin/ [2] => 200 OK [2024-08-22 10:48:21.258][request][INFO] POST /admin [2024-08-22 10:48:21.266][response][INFO] (post_admin_login) POST /admin/ => 200 OK [2024-08-22 10:48:22.920][request][INFO] GET /admin/diagnostics [2024-08-22 10:48:25.037][response][INFO] (diagnostics) GET /admin/diagnostics => 200 OK [2024-08-22 10:48:30.466][request][INFO] GET /admin/diagnostics/config [2024-08-22 10:48:30.467][response][INFO] (get_diagnostics_config) GET /admin/diagnostics/config => 200 OK [2024-08-22 10:48:54.856][request][INFO] GET /icons/github.com/icon.png [2024-08-22 10:48:54.859][response][INFO] (icon_internal) GET /icons/<domain>/icon.png => 200 OK ``` ### Additional Context _No response_ ### Host/Server Operating System Linux ### Operating System Version Unraid 6.12.10 with Docker version 24.0.9, build 2936816 ### Deployment method Official Container Image ### Custom deployment method I used the selfhosters Template from Unraid, which is the only template you find when you search for Vaultwarden It uses this repository https://hub.docker.com/r/vaultwarden/server/ ### Vaultwarden Build Version v1.32.0 ### Clients Web Vault, Browser Extension ### Client Version Version: 2024.7.1 Server-Version (Drittanbieter): 2024.2.0

MrUnknownDE closed this issue

2026-04-06 01:28:41 +02:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github/vaultwarden#975