Lost your Bitwarden Master Password?

This technique doesn't work anymore. Bitwarden changed the code. There are alternative however. I might publish a new way in sometime.

Introduction

This morning, I don't know why but I had a blank. I wasn't able to remember my Bitwarden master password. And if you know how Bitwarden works, you know that you can't recover your account if you have lost your master password. But, there is a small chance that you could be able to extract all the password from one of your connected vault if you still have access without needing your master password. Then, you can simply delete your account, create a new one and import the password in json format. Here is how I did it. It saved me a lot of hours !

Prerequisite

First, to able able to recover all your passwords in a .json format you will need this

Having still access to one of your vault (chrome, firefox or any other browser) logged in

How to export the data

Step 1

First, open the bitwarden app in your browser, in my case I did it with Firefox but it should be really similar with other browsers:

Navigate to this url with your browser:

moz-extension://5f297e69-c8a8-4659-871d-0c4e43ed600d/popup/index.html#/export

Note: If you are using Chrome, replace moz-extension with chrome-extension.

Step 2

Now, open the developer tools. Should be F12. Then, go in the Inspector tab.

Ctrl+Click on ../popup/main.js

From there, you should be redirected to the main.js source code.

Step 3

Send Ctrl+F and a input below should appear so you can search for specific line. Enter storedKeyHash != null && keyHash != null && storedKeyHash === keyHash

You should end up here:

Step 4

Now we need to put a break point on the line 10409. Just click on the line 10409. Should look something like below.

Step 5

This step is really important, we will now enter a random password in the master password field and submit the form.

On submitting the form, you should be redirected in the debugger where you added the break point as below:

Let's copy the value in storedKeyHash and replace the value of keyHash with it. You can hover your mouse on the variable storedKeyHash and a small box will pop above. Once you have copied the hash value go in the console tab and enter the following code:

Now we have replaced the value of the keyHash and it should be equal to the storedKeyHash value.

Step 6

This is the last step. Now it's pretty straight forward. Simply click on the "Play" button to continue the execution of the JavaScript code and you should be prompted to download the exported data in .json.

And voilà !

I hope that it worked for you. It saved me a lot of hours. I would have to copy all my password manually which would have been ridiculous.