Master PW suddenly not working

One of the accounts on my self-hosted BW server won’t work. It tells me:

Please verify your email before trying again

Some tings:

  • I know for a fact I’ve never changed it.
  • It’s not being mistyped, or entered in any odd way due to keyboard, etc.; ironically I’m using BW itself to form fill the login info.
  • I’ve tried no less than 30 times; pasting, hand-typing, using BW to fill the form.
  • I’ve triple, quadruple, and even quintuple checked that all creds were entered correctly.
  • I’ve tried in the browser clearing the cache (ctrl+F5) as well as incognito mode.
  • I’ve tried on different devices; a computer and an apple iPad.
  • It’s self-hosted, so I have full access to the mysql database, and can look in the Users column and have confirmed the username (which is the email addy) is 100% correct.
  • Looked through all logs and emails to confirm it has not been hacked, so that the pw was changed on me.
  • Cussed at the computer a few dozen times… still didn’t help.

It may or may not be worth noting that I have several different accounts on that server, and this is the only one where the credentials aren’t working.

My setup:

  • Vaultwarden: Version 1.30.5 (container)
  • Docker in WSL
  • MariaDB something version or other

Anyone have any ideas?

You have configured that people need to have there email address verified before they are allowed to login.

You probably have received emails from your Vaultwarden instance to do this.

Thanks @BlackDex

Thing is, I’ve logged into it with these same credentials already in the past. It’s been long enough now that I don’t specifically remember verifying it, but I do know I’ve entered those creds in the login form and logged in with that account at least a dozen times in the past, and there are about 20 logins already saved in the account.

That doesn’t matter. If someone changed that setting to become active, and your account is not verified you will get that message.

You might accidentally have it enabled via the admin interface.
Or someone or something changed the database.

I’m just telling you what is happening and how you could solve it
How this was triggered is something you need to check in your logs i think.

Also, as a side note here. Your password is correct, else that message would not appear.

Well, this is an odd development; I hadn’t messed with it again since my previous post until just a few minutes ago, and for some odd reason it logged right in?

No password changes, config changes, db changes or anything of any sort whatsoever. :face_with_spiral_eyes:

Is there some sort of behind the scenes timestamp synching (or the like) going on that might cause that? (similar to TOTP).

Your host might do that. Vaultwarden doesn’t do any ntp syncing.