-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bad password no matter what I do #147
Comments
No worries. I didn't even get that impression from your post. Let's break this down.
This sounds like internal state is somehow corrupted. As you mentioned you deleted the app data, but can you still try rm -rf'ing ~/.var/app/com.quexten.Goldwarden/ Starting it in this way ensures you have a clean state, and also should output logs in the console you run the flatpak run command from. Then, post the log here, but make sure to look for sensitive information, and redact it. Usually, no sensitive information should be logged, but i'm noting this just in case it's accidentally logged.
Is this a self hosted installation or official vault.bitwarden.com? |
I'm having the same problem. I tried removing ~/.var/app/com.quexten.Goldwarden/ and rerunning app. Still no luck.
|
Same issue here with the Flatpak GUI. It does seem to have finally synced, but I had to restart goldwarden to see that.
|
That's how I deleted the app data. I then stopped it through GNOME's background app thingy in the control center (I assume that's doing the same thing as
I'm not self hosting it, I'm just using vault.bitwarden.com. Since two other people have the same issue, it seems like this isn't just an issue I'm having. Even though they already did it, I'm also going to paste the logs here, just in case. I deleted the app data and stopped the app exactly as you said this time. Log after just starting the app
Log after entering a PIN
Log after trying to log in with password (It still showed the "Bad password" popup but it prompted me to enter the password right after that)
This showed up once in the log after clicking "ok" on the "Bad password" popup but then, as you can see, it kept showing up again (the message in the log, not the popup)
Log after trying to log in with Client ID and Client Secret (it still showed a "Bad password" every time I clicked on "Login")
|
Thanks all for the reports! |
I am also having this same issue with a fresh install of the arch package AND the flatpak |
Should be fine on the latest main branch version, might have to make a release soon so it's fixed on stable too. |
I was trying to build it and see if that was the case but I was struggling to get it to work as well. I've never worked with go before. But instead I'm getting this new error when I try to set the vault pin
|
That sounds like the daemon is on a different version that the cli. The error message in this case in not exactly helpful, but it should be fixed by replacing your /usr/bin/goldwarden with the locally built version, then restarting the systemd daemon service. |
okay I nuked everything goldwarden, restarted, and resetup now im getting this error lol Login failed: Could not sync vault: decrypt: MAC mismatch Just using the api client-id and secret which i copied directly from the site.. Because I got the other error you mention in the wiki |
Seems there are some more issues to work out.
This could be a bug in Goldwarden, but it could also be a corrupted cipher in your vault. The easiest way to confirm would be to log into the web vault with your browser console open, and check if the MAC mismatch occurs there too. The web vault currently just logs the error and skips broken ciphers. I guess we can do that too. |
For me the problem exists on Goldwarden (mac m1), but the web vault does not have any logged errors at browser console.
Same here, for the classic login (not via API keys) i got Login failed: Could not sync vault: could not sync: Unauthorized: I make another try, wipe all vault with |
I encountered the same issue on Fedora 39 with the Flatpak variant of this app. I was using |
Thanks for the informative comments! I can't debug this right now due to life being ultra busy, but I will try do look at this in the coming weeks. The plus character is very interesting. As I recall, login requests include the email during generation of the authentication hash. I'm not sure what the official clients do, but it may be the case that they filter out such special characters in the hash. |
I've tried to debug the issue, I don't have a plus sign in my email address, and it also doesn't work for me. However, if I log in by CLI instead of GUI, it works flawlessly. I have a lot of special characters in my password, so maybe that could help you. I think that there is some kind of problem with encoding data between GUI and CLI. |
I am also experiencing this issue on Fedora 39 with a self-hosted Vaultwarden instance - no special characters in the email - at first in the password though, but for testing purposes I also tried a password without any special characters, which resulted in the same behaviour. Interestingly though, the The log reads:
The trace-back at the very end occurred quite a while after I stopped using the application - at least a minute later. I don't know whether it is related - The application is still running after this. Trying to log in again, without restarting the application results in a singular additional log entry:
No password prompt appears - just the pop-up "Bad Password". |
Experiencing same behavior as LeMoonStar on Fedora 39 Workstation with a selfhosted Bitwarden instance, "Bad Password" is displayed after entering email/clientid/secret/URL but before the prompt to enter password appears, sometimes twice (first in normal GTK, then again in QT or something non-uniform) Log output through Screen:
|
was able to get around this by (note: you can get your client id and secret by following this https://bitwarden.com/help/personal-api-key/) flatpak run --command=goldwarden com.quexten.Goldwarden config set-client-id YOURCLIENTID
flatpak run --command=goldwarden com.quexten.Goldwarden config set-client-secret YOURCLIENTSECRET
flatpak run --command=goldwarden com.quexten.Goldwarden vault login --email YOUREMAIL for some reason, doing this in the GUI didn't work, but after logging in through the cli everything works fine |
@reitermiller Is this on Bitwarden's cloud service? In that case you need to configure API keys. |
@quexten Selfhosted instance, I have also tried to setup with keys through the Goldwarden GUI to no avail. |
After FlatHub's build infrastructure completed building & deploying, you should be able to update to 0.2.15, alternatively:
Please test if the issue persists. |
For me, it fixed the issue, thanks! |
I changed my email recently, so I'm trying to log in again but it just doesn't work no matter what I do. I set the PIN to my Bitwarden password (I'm not sure but I think the PIN can be different), I tried entering just my email in the login and it first told me
Bad password
, without me having entered my password, then it prompted me to enter my password, I did and it still told meBad password
. This was also after the third reinstall (I also deleted the app data) and it was the only time it actually asked me for my password, even though I tried logging in multiple times. I also tried entering the Client ID and Client Secret but it still told meBad password
(I tried entering the ID with and without theuser.
). This is a great and very useful application and I'm very thankful for everyone involved in maintaining it. I hope it wasn't too obvious that I'm pretty pissed off right now but it kinda sucks that it just won't work the one time I actually need it.OS: Fedora Linux 39 (Kernel 6.7.9)
Installation method: Flatpak
The text was updated successfully, but these errors were encountered: