Hacked Account

Did you receive an email notification that a new device has logged into your Bitwarden account? if so, your account may have been compromised. If you believe that your account has been hacked, there are several steps you can take to re-secure your information.

The email will state that your Bitwarden account was just logged into from a new device. This means that your account may have been logged in by another person. The email information will include:

  • Date and Time of Login

  • IP address

  • Device type

The date of the login and time (in UTC) should be converted to your local time for accurate reference. The IP of the device that logged in will be provided in the email, as well as the device that the login occurred on (such as Chrome extension, Android, and more).

You can check your IP by searching my ip in Google. This will also apply to mobile device IP addresses. Check that the IP address identified in the email does not match your home, work, mobile, or any other location that you use to access your Bitwarden account. If this IP does not match your own, then your account may have been compromised.

Update your master password

If you do not recognize the IP address, it is recommended that you change your master password as soon as possible. Additionally, if two-step login (or 2FA) is not configured on your account, Bitwarden recommends that you enable two-step login for increased vault security.

Deauthorize Bitwarden sessions

You should also deauthorize sessions through the Bitwarden web vault in order to force logout any active instances of your Bitwarden account.

Access the web vault and go to Account SettingsMy Account. Scroll to the bottom of the page and select Deauthorize Sessions.

Deauthorize sessions
Deauthorize sessions

After Bitwarden has been updated with a new master password, and sessions have been deauthorized, Bitwarden recommends that you change any accounts you have stored in your Bitwarden vault. This is a precautionary step. It is unknown if anyone accessed your accounts without permission.

My account has active 2FA

Having 2FA active on your Bitwarden account will greatly increase your account security. Emails received could be false positives or a fake message. However, if you cannot determine why you received this email alert, it is recommended to take the necessary steps to secure your Bitwarden account.

If another device has attempted to access your account, this means that your master password may be compromised and you should change your master password as soon as possible.

Deleting your account

If you wish to create a new Bitwarden account and start a new vault, see deleting your account. If you are creating a new Bitwarden account, please be sure to active 2FA for increased security.

For additional information regarding password security:

Suggest changes to this page

How can we improve this page for you?
For technical, billing, and product questions, please contact support

Contact Our Support Team

For technical, billing, and product questions.

Bitwarden account email*
Verify account email*
Are you self-hosting?*

Cloud Status

Check status

© 2024 Bitwarden, Inc. Terms Privacy Cookie Settings Sitemap

This site is available in English.
Go to EnglishStay Here