Mitt kontoLogga in och lås upp

Understand Log In vs. Unlock

In order to understand why unlocking and logging in are not the same, it's important to remember that Bitwarden never stores unencrypted data on its servers. When your vault is neither unlocked nor logged in, your vault data only exists on the server in its encrypted form.

Logging in

Logging in to Bitwarden retrieves the encrypted vault data and decrypts the vault data locally on your device. In practice, that means two things:

  1. Logging in will always require you to use your master password or login with device to gain access to the account encryption key that will be needed to decrypt vault data.

    This stage is also where any enabled two-step login methods will be required.

  2. Logging in will always require you to be connected to the internet (or, if you are self-hosting, connected to the server) to download the encrypted vault to disk, which will subsequently be decrypted in your device's memory.

Unlocking

Unlocking can only be done when you are already logged in. This means, according to the above section, your device has encrypted vault data stored on disk. In practice, this means two things:

  1. You don't specifically need your master password. While your master password can be used to unlock your vault, so can other methods like PIN codes and biometrics.

    note

    När du ställer in en PIN-kod eller biometri används en ny krypteringsnyckel härledd från PIN-koden eller den biometriska faktorn för att kryptera kontons krypteringsnyckel, som du kommer att ha tillgång till genom att vara inloggad och lagrad på diskª.

    Upplåsning av ditt valv gör att PIN-koden eller den biometriska nyckeln dekrypterar kontokrypteringsnyckeln i minnet. Den dekrypterade kontokrypteringsnyckeln används sedan för att dekryptera alla valvdata i minnet.

    Att låsa ditt valv gör att all dekrypterad valvdata, inklusive den dekrypterade kontokrypteringsnyckeln, raderas.

    ª - Om du använder alternativet Lås med huvudlösenord vid omstart, lagras denna nyckel bara i minnet istället för på disken.

  2. You don't need to be connected to the internet (or, if you are self-hosting, connected to the server).