starred/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-04-25 17:25:57 +03:00
Code Issues 39 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #3223] Issue with Server side KDF Iterations not showing altered in db.sqlite3 #1503

New issue
Closed
opened 2026-03-03 02:09:44 +03:00 by kerem · 3 comments
kerem commented 2026-03-03 02:09:44 +03:00
Owner
Copy link

Originally created by @talkincyber on GitHub (Feb 5, 2023).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/3223

Subject of the issue

Issue with Client side KDF Iterations not showing altered in db.sqlite3. I recently updated my KDF iterations client side on the web vault to 600k and when looking at the sqlite database, it does not show that the iterations changed, it still shows 100k.

Deployment environment

  • Vaultwarden version: v1.27.0
  • Web-vault version: v2022.12.0
  • Running within Docker: true (Base: Debian)
  • Environment settings overridden: false
  • Uses a reverse proxy: true
  • IP Header check: true (X-Real-IP)
  • Internet access: true
  • Internet access via a proxy: false
  • DNS Check: true
  • Time Check: true
  • Domain Configuration Check: true
  • HTTPS Check: true
  • Database type: SQLite
  • Database version: 3.39.2

Steps to reproduce

I run Vaultwarden via a "stack" in portainer. I just changed the KDF iterations and then also changed my password and said for it to rotate my account keys and it seems it's still at 100k based on the database file.

Expected behaviour

I would expect the database entry for my user account to be updated with the proper amount otherwise it makes me believe the key was not changed and the iterations did not change. I changed my password after changing it as well and it did not have an affect.

Actual behaviour

Troubleshooting data

image

Here is a screenshot of the server side admin panel showing 600k iterations

image

Here is a screenshot of the database for my account selecting password iterations from the table.

Originally created by @talkincyber on GitHub (Feb 5, 2023). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/3223 <!-- # ### NOTE: Please update to the latest version of vaultwarden before reporting an issue! This saves you and us a lot of time and troubleshooting. See: * https://github.com/dani-garcia/vaultwarden/issues/1180 * https://github.com/dani-garcia/vaultwarden/wiki/Updating-the-vaultwarden-image # ### --> <!-- Please fill out the following template to make solving your problem easier and faster for us. This is only a guideline. If you think that parts are unnecessary for your issue, feel free to remove them. Remember to hide/redact personal or confidential information, such as passwords, IP addresses, and DNS names as appropriate. --> ### Subject of the issue <!-- Describe your issue here. --> Issue with Client side KDF Iterations not showing altered in db.sqlite3. I recently updated my KDF iterations client side on the web vault to 600k and when looking at the sqlite database, it does not show that the iterations changed, it still shows 100k. ### Deployment environment <!-- ========================================================================================= Preferably, use the `Generate Support String` button on the admin page's Diagnostics tab. That will auto-generate most of the info requested in this section. ========================================================================================= --> <!-- The version number, obtained from the logs (at startup) or the admin diagnostics page --> <!-- This is NOT the version number shown on the web vault, which is versioned separately from vaultwarden --> <!-- Remember to check if your issue exists on the latest version first! --> * Vaultwarden version: v1.27.0 * Web-vault version: v2022.12.0 * Running within Docker: true (Base: Debian) * Environment settings overridden: false * Uses a reverse proxy: true * IP Header check: true (X-Real-IP) * Internet access: true * Internet access via a proxy: false * DNS Check: true * Time Check: true * Domain Configuration Check: true * HTTPS Check: true * Database type: SQLite * Database version: 3.39.2 ### Steps to reproduce <!-- Tell us how to reproduce this issue. What parameters did you set (differently from the defaults) and how did you start vaultwarden? --> I run Vaultwarden via a "stack" in portainer. I just changed the KDF iterations and then also changed my password and said for it to rotate my account keys and it seems it's still at 100k based on the database file. ### Expected behaviour <!-- Tell us what you expected to happen --> I would expect the database entry for my user account to be updated with the proper amount otherwise it makes me believe the key was not changed and the iterations did not change. I changed my password after changing it as well and it did not have an affect. ### Actual behaviour <!-- Tell us what actually happened --> ### Troubleshooting data <!-- Share any log files, screenshots, or other relevant troubleshooting data --> ![image](https://user-images.githubusercontent.com/18764311/216805498-0fc1fc40-a4e2-4d01-a307-567a1bba2579.png) Here is a screenshot of the server side admin panel showing 600k iterations ![image](https://user-images.githubusercontent.com/18764311/216805051-472ec003-5c88-4870-96cc-c12a7edbbb16.png) Here is a screenshot of the database for my account selecting password iterations from the table.
kerem closed this issue 2026-03-03 02:09:44 +03:00
kerem commented 2026-03-03 02:09:45 +03:00
Author
Owner
Copy link

@talkincyber commented on GitHub (Feb 5, 2023):

I restarted vaultwarden in-between chaning the password iterations and changing my password too.

<!-- gh-comment-id:1416956207 --> @talkincyber commented on GitHub (Feb 5, 2023): I restarted vaultwarden in-between chaning the password iterations and changing my password too.
kerem commented 2026-03-03 02:09:45 +03:00
Author
Owner
Copy link

@BlackDex commented on GitHub (Feb 5, 2023):

Not sure what you are reporting here. But i think you tried to change the server side after the whole client change, and saw it didn't changed for your account.

That is true for the version of Vaultwarden you are using. That is fixed in the testing tagged images already. There it will increase your server side kdf on login.

<!-- gh-comment-id:1417066055 --> @BlackDex commented on GitHub (Feb 5, 2023): Not sure what you are reporting here. But i think you tried to change the server side after the whole client change, and saw it didn't changed for your account. That is true for the version of Vaultwarden you are using. That is fixed in the `testing` tagged images already. There it will increase your server side kdf on login.
kerem commented 2026-03-03 02:09:45 +03:00
Author
Owner
Copy link

@BlackDex commented on GitHub (Feb 5, 2023):

Fixed already via #3163

<!-- gh-comment-id:1417068403 --> @BlackDex commented on GitHub (Feb 5, 2023): Fixed already via #3163
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
revert-7033-patch-1
cached-config-operations
test_dylint
1.35.7
1.35.6
1.35.5
1.35.4
1.35.3
1.35.2
1.35.1
1.35.0
1.34.3
1.34.2
1.34.1
1.34.0
1.33.2
1.33.1
1.33.0
1.32.7
1.32.6
1.32.5
1.32.4
1.32.3
1.32.2
1.32.1
1.32.0
1.31.0
1.30.5
1.30.4
1.30.3
1.30.2
1.30.1
1.30.0
1.29.2
1.29.1
1.29.0
1.28.1
1.28.0
1.27.0
1.26.0
1.25.2
1.25.1
1.25.0
1.24.0
1.23.1
1.23.0
1.22.2
1.22.1
1.22.0
1.21.0
1.20.0
1.19.0
1.18.0
1.17.0
1.16.3
1.16.2
1.16.1
1.16.0
1.15.1
1.15.0
1.14.2
1.14.1
1.14
1.13.1
1.13.0
1.12.0
1.11.0
1.10.0
1.9.1
1.9.0
1.8.0
1.7.0
1.6.1
1.6.0
1.5.0
1.4.0
1.3.0
1.2.0
1.1.0
1.0.0
0.13.0
0.12.0
0.11.0
0.10.0
0.9.0
Labels
Clear labels   
SSO

   
Third party

   
better for forum

   
bug

   
bug

   
documentation

   
duplicate

   
enhancement

   
future Vault

   
future Vault

   
future Vault

   
good first issue

   
help wanted

   
low priority

   
notes

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
troubleshooting

   
wontfix
No labels
SSO
Third party
better for forum
bug
bug
documentation
duplicate
enhancement
future Vault
future Vault
future Vault
good first issue
help wanted
low priority
notes
pull-request
question
troubleshooting
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/vaultwarden#1503
No description provided.