Hacked Account
Did you receive an email notification that a new device has logged into your Bitwarden account? if so, your account may have been compromised. If you believe that your account has been hacked, there are several steps you can take to re-secure your information.
The email will state that your Bitwarden account was just logged into from a new device. This means that your account may have been logged in by another person. The email information will include:
Date and Time of Login
IP address
Device type
The date of the login and time (in UTC) should be converted to your local time for accurate reference. The IP of the device that logged in will be provided in the email, as well as the device that the login occurred on (such as Chrome extension, Android, and more).
You can check your IP by searching my ip in Google. This will also apply to mobile device IP addresses. Check that the IP address identified in the email does not match your home, work, mobile, or any other location that you use to access your Bitwarden account. If this IP does not match your own, then your account may have been compromised.
If you do not recognize the IP address, it is recommended that you change your master password as soon as possible. Additionally, if two-step login (or 2FA) is not configured on your account, Bitwarden recommends that you enable two-step login for increased vault security.
You should also deauthorize sessions through the Bitwarden web vault in order to force logout any active instances of your Bitwarden account.
Access the web vault and go to Account Settings → My Account. Scroll to the bottom of the page and select Deauthorize Sessions.
noot
After Bitwarden has been updated with a new master password, and sessions have been deauthorized, Bitwarden recommends that you change any accounts you have stored in your Bitwarden vault. This is a precautionary step. It is unknown if anyone accessed your accounts without permission.
Having 2FA active on your Bitwarden account will greatly increase your account security. Emails received could be false positives or a fake message. However, if you cannot determine why you received this email alert, it is recommended to take the necessary steps to secure your Bitwarden account.
If another device has attempted to access your account, this means that your master password may be compromised and you should change your master password as soon as possible.
If you wish to create a new Bitwarden account and start a new vault, see deleting your account. If you are creating a new Bitwarden account, please be sure to active 2FA for increased security.