Vault Timeout Options
Vault timeout determines how your vault will behave after a specified period of inactivity. Timeout is set individually for each Bitwarden app from the Settings. When configuring your vault timeout settings, you can set both the timeout and timeout action:
If you are logged-in to multiple accounts in your Bitwarden desktop app, timeout and timeout action are set on an account-by-account basis. Learn more.
Vault timeout determines how long Bitwarden can be inactive before timing out. "Inactivity" is determined by time since interacting with Bitwarden, not system idle time. Each app has standardized options (for example, 1 minute, 15 minutes, 1 hour) as well as options specific to certain apps (for example, On System Idle) and a custom input. Enterprise organizations can implement a maximum allowable timeout.
On Chromebooks, there is no way to fully close or restart the browser. Therefore, the On Browser Restart option will only lock the extension when you restart your device.
Due to the web vault and browser extension depending on your web browser, there are unique "timeout" scenarios to consider:
If you refresh your browser (
CMD/CTRL + R), your web vault will lock. Refreshing will not affect a browser extension.
If you close your browser tab, you will be logged out of your web vault. Closing a single tab will not affect a browser extension.
If you quit your browser, you will be logged out of both your web vault and browser extension.
If you are using a browser extension, you can bypass this by enabling the Unlock with PIN option and unchecking the Lock with master password on browser restart checkbox.
This option determines what Bitwarden will do once the vault timeout is reached. Options include:
Locking your vault will maintain vault data on the device, so unlocking your vault can be done offline. You will be required to enter your master password or PIN, or use biometrics, but won't need to use any active two-step login methods.
Logging out of your vault completely removes all vault data from your device. Logging back in will require you to re-authenticate your identity, so logging in can only be done when online. You will be required to enter your master password and any active two-step login method.