Admin Token Does Not Update

I recently set up Vaultwarden using docker. I followed this guide. When I arrived to the admin page, it notified me that the admin token was insecure. I then used this wiki article to generate an argon2 hash and start a new docker isntance using the hashed token.

As I understand, I should now be able to use the hashed token’s passphrase as my admin token to log in to the admin menu. However, that password does not work. What does work is my old token. What could I have done wrong here? Here are the steps I took.

  1. Stop the vaultwarden container using sudo docker stop vaultwarden
  2. Remove the vaultwarden constainer using sudo docker rm vaulwarden
  3. Confirmed that the vaultwarden container was indeed gone using sudo docker ps
  4. Created a new container using the following command
sudo docker run -d --name bitwarden \
    -e ADMIN_TOKEN='$argon2id$v=19$m=65540,t=3,p=4$DELETEDHASH' \
    --restart=always \
    -v /bw-data/:/data/ \
    -p 127.0.0.1:8080:80 \
    -p 127.0.0.1:3012:3012 \
    vaultwarden/server:latest

I suggest to read the note directly following the header text carefully on this page. Enabling admin page · dani-garcia/vaultwarden Wiki · GitHub

As i think you used the admin interface already to update settings.

I did not update using the admin page. Unless entering the token to initially access the admin page counts.

Edit: I did actually use the admin page to change the “Allow new signups” option.

What do the logs say? If they contain something like this you are using a config.json for configuration:

[INFO] Using saved config from `data/config.json` for configuration.

[WARNING] The following environment variables are being overriden by the config.json file.
[WARNING] Please use the admin panel to make changes to them:
[WARNING] DOMAIN, DISABLE_ICON_DOWNLOAD, SIGNUPS_ALLOWED, ADMIN_TOKEN

If you have followed the guide to the end you should have used the save button to disable new user creation which creates a config.json in the data folder.

Also you might have set the environment variable using portainer. I’m not familiar with portainer and how it works but it might interfere?

Did not use portainer portainer but I will check config.json when I get home.

I do see that in the log. I think I have it figured out now. I must have entered the hash into the form input with the single quotes like this 'HASHSTRING' instead of just HASHSTRING.

Edit: The issue is resolved.