Vault Timeout Options
Vault Timeout determines how your vault will behave after a specified period of inactivity. Timeout is set individually for each Bitwarden app from the Settings. When configuring your Vault Timeout settings, you can set both the timeout and timeout action:
If you're logged-in to multiple accounts in your Bitwarden desktop app, timeout and timeout action are set on an account-by-account basis. Learn more.
Vault Timeout determines how long Bitwarden can be inactive before timing out. "Inactivity" is determined by time since interacting with Bitwarden, not system idle time. Each app has standardized options (e.g. 1 minute, 15 minutes, 1 hour) as well as options specific to certain apps (e.g. On System Idle) and a custom input. Enterprise Organizations can implement a maximum allowable Timeout.
On Chromebooks, there is no way to fully close or restart the browser. Therefore, the On Browser Restart option will only lock the extension when you restart your device.
Web and Browser Extension Timeouts
Due to the web vault and browser extension depending on your web browser, there are unique "timeout" scenarios to consider:
If you refresh your browser (
CMD/CTRL + R), your web vault will lock. Refreshing will not affect a browser extension.
If you close your browser tab, you will be logged out of your web vault. Closing a single tab will not affect a browser extension.
If you quit your browser, you will be logged out of both your web vault and browser extension.
If you're using a browser extension, you can bypass this by enabling the Unlock with PIN option and unchecking the Lock with master password on browser restart checkbox.
Vault Timeout Action
This option determines what Bitwarden will do once the vault timeout is reached. Options include:
Locking your vault will maintain vault data on the device, so unlocking your vault can be done offline. You'll only be required to enter your master password to decrypt your vault data, not any active two-step Login methods.
Logging out of your vault completely removes all vault data from your device. Logging back in will require you to re-authenticate your identity, so logging in can only be done when online. You'll be required to enter your master password and any active two-step login method.