| 31 Jul 2021 |
 satisha | Just an FYI, on Windows if you set up Windows hello (pin/biometric), you can use webauthn with Firefox, this will register your Windows device.
On Mac, you can register your biometric, but I think it's via Safari only | 04:41:48 |
|  Ujjwal joined the room. | 09:30:20 |
 davo | in my experience on Mac, you can only use Touch ID for WebAuthn in Chrome (not even Safari) | 13:48:39 |
| satisha | Interesting... Whereas on Windows Chrome doesn't do that, not easily that I can see | 14:58:51 |
|  @korjavin:matrix.org left the room. | 19:26:59 |
|  metalcoder joined the room. | 20:34:23 |
| metalcoder set a profile picture. | 20:38:14 |
| metalcoder | Hey! Just wondering if account recovery (password reset, emergency contact) is anywhere close in the roadmap... | 20:40:28 |
| metalcoder | It's the only thing that's blocking a rollout both in my company and my family 😀 | 20:41:07 |
| 1 Aug 2021 |
| satisha | I don't think password recovery/reset works since the password is used to encrypt the data | 02:39:52 |
| satisha | That's why even in Bitwarden if you loose acres to your master password, you'll need to delete the account and start fresh | 02:40:35 |
| satisha | Emergency contact, I heard someone did a check out, but nothing heard regarding that. | 02:41:36 |
| satisha | You could roll it out at your company.. emergency contact is mostly used by personal/ family accounts | 02:42:38 |
| metalcoder | Having no way of recovering from a forgotten password is a bit of a deal breaker unfortunately... | 04:55:25 |
 dash | the way you recover is from an unencrypted backup | 04:55:48 |
| dash | or at least, encrypted with something different from the user's password | 04:56:01 |
| metalcoder | Yeah... Having an unencrypted backup feels less safe than encrypting with a stored password other than the user's login password. How has hosted bitwarden solved it woth emergency contact? | 05:00:32 |
 BlackDex | Emergency contact and organization master password reset both work with shared keys | 08:29:24 |
| BlackDex | So the only way someone can change your master password is if you are enrolled into an org and it is enrolled into the master password recovery. Which at this point isn't build in into Vaultwarden | 08:31:11 |
| BlackDex | Emergency contact isn't into Vaultwarden yet. We still need to find time to validate and check the PR which is created | 08:32:07 |
| metalcoder | Svar på @blackdex:matrix.org
Emergency contact isn't into Vaultwarden yet. We still need to find time to validate and check the PR which is created Any way to help out? | 10:03:43 |
|  batoo joined the room. | 11:44:26 |
| batoo | 
Download image.png | 11:49:15 |
| batoo | Hello ! Thanks a lot for this awesome FOSS port, been using it a bit and so far so good ! Only thing is ( I might be the culprit ) I use nginx as reverse proxy and connexion to vaultwarden is good, https check ok, but the diagnostic gives me this : | 11:49:17 |
| batoo | Have I missed something or is it like this for everyone using reverse proxy ? | 11:49:46 |
| BlackDex | batoo: if you hover over those red messages, it will explain a bit what/why | 12:40:47 |
| BlackDex | But bascially, you need to configure the DOMAIN variable | 12:40:59 |
| BlackDex | it doesn't match the hostname, neither does the http compared to https | 12:41:22 |
| BlackDex | If it doesn't match, it will cause issues with e-mails (because those links are generated to localhost and will not work), WebAuthn, attachments, send etc.. all those items will not work | 12:42:28 |
| batoo | Got it, I misunderstood the explaination in domain URL configuration, now all is good thanks a lot ! | 16:03:57 |
