PR labeler test to see how labels behave on App

Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>

.github/ISSUE_TEMPLATE/config.yml

@@ -1,5 +1,8 @@
 blank_issues_enabled: false
 contact_links:
+  - name: Customer Support
+    url: https://bitwarden.com/contact/
+    about: Please contact our customer support for account issues and general customer support.
   - name: Report mobile autofill failure
     url: https://docs.google.com/forms/d/e/1FAIpQLScMopHyN7KGJs8hW562VTzbIGL4KcFnx0wJcsW0GYE1BnPiGA/viewform
     about: We are aware of some situations where the Bitwarden mobile app will not autofill information correctly. This is something the Bitwarden team is actively working on but need your help as a community and active Bitwarden users!
@@ -9,9 +12,6 @@ contact_links:
   - name: Bitwarden Community Forums
     url: https://community.bitwarden.com
     about: Please visit the community forums for general community discussion, support and the development roadmap.
-  - name: Customer Support
-    url: https://bitwarden.com/contact/
-    about: Please contact our customer support for account issues and general customer support.
   - name: Security Issues
     url: https://hackerone.com/bitwarden
     about: We use HackerOne to manage security disclosures.

.github/labeler.yml

@@ -0,0 +1,19 @@
+android:
+- src/App/*
+- src/Core/*
+- src/Android/*
+
+iOS:
+- src/App/*
+- src/Core/*
+- lib/ios/*
+- src/iOS/*
+- src/iOS.Autofill/*
+- src/iOS.Core/*
+- src/iOS.Extension/*
+- src/iOS.ShareExtension/*
+- src/iOS.Widget/*
+- src/watchOS/*
+
+watchOS:
+- src/watchOS/*

.github/resources/export-options-app-store.plist

@@ -7,13 +7,13 @@
     <key>provisioningProfiles</key>
     <dict>
         <key>com.8bit.bitwarden</key>
-        <string>Dist: Bitwarden 2021</string>
+        <string>Dist: Bitwarden</string>
         <key>com.8bit.bitwarden.autofill</key>
-        <string>Dist: Autofill 2021</string>
+        <string>Dist: Autofill</string>
         <key>com.8bit.bitwarden.find-login-action-extension</key>
-        <string>Dist: Extension 2021</string>
+        <string>Dist: Extension</string>
         <key>com.8bit.bitwarden.share-extension</key>
-        <string>Dist: Share Extension 2021</string>
+        <string>Dist: Share Extension</string>
         <key>com.8bit.bitwarden.watchkitapp</key>
         <string>Dist: Bitwarden Watch App</string>
         <key>com.8bit.bitwarden.watchkitapp.watchkitextension</key>

.github/workflows/build.yml

@@ -4,10 +4,10 @@ name: Build
 on:
   push:
     branches-ignore:
-      - 'l10n_master'
-      - 'gh-pages'
+      - "l10n_master"
+      - "gh-pages"
     paths-ignore:
-      - '.github/workflows/**'
+      - ".github/workflows/**"
   workflow_dispatch:
     inputs: {}
 
@@ -37,6 +37,8 @@ jobs:
     steps:
       - name: Checkout repo
         uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
+        with:
+          submodules: 'true'
 
       - name: Check if special branches exist
         id: branch-check
@@ -62,16 +64,19 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        variant: ['prod', 'qa']
+        variant: ["prod", "qa"]
     steps:
       - name: Setup NuGet
-        uses: nuget/setup-nuget@b2bc17b761a1d88cab755a776c7922eb26eefbfa  # v1.0.6
+        uses: nuget/setup-nuget@b2bc17b761a1d88cab755a776c7922eb26eefbfa # v1.0.6
         with:
           nuget-version: 5.9.0
 
       - name: Set up MSBuild
         uses: microsoft/setup-msbuild@ab534842b4bdf384b8aaf93765dc6f721d9f5fab
-          
+
+      - name: Setup Windows builder
+        run: choco install checksum --no-progress
+
       - name: Work Around for broken Windows 2022 Runner Image
         run: |
           Set-Location "C:\Program Files (x86)\Microsoft Visual Studio\Installer\"
@@ -148,7 +153,17 @@ jobs:
         shell: pwsh
 
       - name: Run Core tests
-        run: dotnet test test/Core.Test/Core.Test.csproj
+        run: dotnet test test/Core.Test/Core.Test.csproj --logger "trx;LogFileName=test-results.trx"
+        shell: pwsh
+
+      - name: Report test results
+        uses: dorny/test-reporter@c9b3d0e2bd2a4e96aaf424dbaa31c46b42318226
+        if: always()
+        with:
+          name: Test Results
+          path: "**/test-results.trx"
+          reporter: dotnet-trx
+          fail-on-error: true
 
       - name: Build Play Store publisher
         if: ${{ matrix.variant == 'prod' }}
@@ -175,8 +190,8 @@ jobs:
         run: |
           $androidPath = $($env:GITHUB_WORKSPACE + "/src/Android/Android.csproj");
           $packageName = "com.x8bit.bitwarden";
-          
-          if ("${{ matrix.variant }}" -ne "prod") 
+
+          if ("${{ matrix.variant }}" -ne "prod")
           {
             $packageName = "com.x8bit.bitwarden.${{ matrix.variant }}";
           }
@@ -239,6 +254,34 @@ jobs:
           path: ./com.x8bit.bitwarden.${{ matrix.variant }}.apk
           if-no-files-found: error
 
+      - name: Create checksum for Prod .apk artifact
+        if: ${{ matrix.variant == 'prod' }}
+        run: |
+          checksum -f="./com.x8bit.bitwarden.apk" `
+            -t sha256 | Out-File -Encoding ASCII ./bw-android-apk-sha256.txt
+
+      - name: Create checksum for Other .apk artifact
+        if: ${{ matrix.variant != 'prod' }}
+        run: |
+          checksum -f="./com.x8bit.bitwarden.${{ matrix.variant }}.apk" `
+            -t sha256 | Out-File -Encoding ASCII ./bw-android-${{ matrix.variant }}-apk-sha256.txt
+
+      - name: Upload .apk sha file for prod
+        if: ${{ matrix.variant == 'prod' }}
+        uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535
+        with:
+          name: bw-android-apk-sha256.txt
+          path: ./bw-android-apk-sha256.txt
+          if-no-files-found: error
+
+      - name: Upload .apk sha file for other
+        if: ${{ matrix.variant != 'prod' }}
+        uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535
+        with:
+          name: bw-android-${{ matrix.variant }}-apk-sha256.txt
+          path: ./bw-android-${{ matrix.variant }}-apk-sha256.txt
+          if-no-files-found: error
+
       - name: Deploy to Play Store
         if: ${{ matrix.variant == 'prod' && (( github.ref == 'refs/heads/master'
           && needs.setup.outputs.rc_branch_exists == 0
@@ -260,13 +303,16 @@ jobs:
     runs-on: windows-2022
     steps:
       - name: Setup NuGet
-        uses: nuget/setup-nuget@b2bc17b761a1d88cab755a776c7922eb26eefbfa  # v1.0.6
+        uses: nuget/setup-nuget@b2bc17b761a1d88cab755a776c7922eb26eefbfa # v1.0.6
         with:
           nuget-version: 5.9.0
 
       - name: Set up MSBuild
         uses: microsoft/setup-msbuild@ab534842b4bdf384b8aaf93765dc6f721d9f5fab
 
+      - name: Setup Windows builder
+        run: choco install checksum --no-progress
+
       - name: Work Around for broken Windows 2022 Runner Image
         run: |
           Set-Location "C:\Program Files (x86)\Microsoft Visual Studio\Installer\"
@@ -437,14 +483,26 @@ jobs:
           path: ./com.x8bit.bitwarden-fdroid.apk
           if-no-files-found: error
 
+      - name: Create checksum for F-Droid artifact
+        run: |
+          checksum -f="./com.x8bit.bitwarden-fdroid.apk" `
+            -t sha256 | Out-File -Encoding ASCII ./bw-fdroid-apk-sha256.txt
+
+      - name: Upload F-Droid sha file
+        uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535
+        with:
+          name: bw-fdroid-apk-sha256.txt
+          path: ./bw-fdroid-apk-sha256.txt
+          if-no-files-found: error
+
 
   ios:
     name: Apple iOS
-    runs-on: macos-11
+    runs-on: macos-12
     needs: setup
     steps:
       - name: Setup NuGet
-        uses: nuget/setup-nuget@b2bc17b761a1d88cab755a776c7922eb26eefbfa  # v1.0.6
+        uses: nuget/setup-nuget@b2bc17b761a1d88cab755a776c7922eb26eefbfa # v1.0.6
         with:
           nuget-version: 5.9.0
 
@@ -458,16 +516,18 @@ jobs:
 
       - name: Checkout repo
         uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
+        with:
+          submodules: 'true'
 
-      - name: Login to Azure - Prod Subscription
+      - name: Login to Azure - CI Subscription
         uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf
         with:
-          creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
+          creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
 
       - name: Retrieve secrets
         id: retrieve-secrets
         env:
-          KEYVAULT: bitwarden-prod-kv
+          KEYVAULT: bitwarden-ci
           SECRETS: |
             appcenter-ios-token
         run: |
@@ -503,6 +563,8 @@ jobs:
           gpg --quiet --batch --yes --decrypt --passphrase="$DECRYPT_FILE_PASSWORD" \
             --output $HOME/secrets/dist_watch_app_extension.mobileprovision \
             ./.github/secrets/dist_watch_app_extension.mobileprovision.gpg
+          gpg --quiet --batch --yes --decrypt --passphrase="$DECRYPT_FILE_PASSWORD" \
+            --output ./src/watchOS/bitwarden/GoogleService-Info.plist ./.github/secrets/GoogleService-Info.plist.gpg
         shell: bash
 
       - name: Increment version
@@ -584,15 +646,12 @@ jobs:
           echo "########################################"
           echo "##### Build WatchApp with Release Configuration"
           echo "########################################"
-          
+
           xcodebuild archive -workspace ./src/watchOS/bitwarden/bitwarden.xcodeproj/project.xcworkspace -configuration Release -scheme bitwarden\ WatchKit\ App -archivePath ./src/watchOS/bitwarden
 
           echo "########################################"
           echo "##### Done"
           echo "########################################"
-          cd src/watchOS
-          ls -R
-          cd ../..
         shell: bash
 
       - name: Restore packages
@@ -630,7 +689,12 @@ jobs:
           ARCHIVE_DSYMS_PATH="$HOME/Library/Developer/Xcode/Archives/*/*.xcarchive/dSYMs"
           EXPORT_PATH="./bitwarden-export"
 
-          cp -r $ARCHIVE_DSYMS_PATH $EXPORT_PATH
+          WATCH_ARCHIVE_DSYMS_PATH="./src/watchOS/bitwarden.xcarchive/dSYMs/"
+          WATCH_DSYMS_EXPORT_PATH="$EXPORT_PATH/Watch_dSYMs"
+
+          cp -r -v $ARCHIVE_DSYMS_PATH $EXPORT_PATH
+          mkdir $WATCH_DSYMS_EXPORT_PATH
+          cp -r -v $WATCH_ARCHIVE_DSYMS_PATH $WATCH_DSYMS_EXPORT_PATH
         shell: bash
 
       - name: Upload App Store .ipa & dSYMs artifacts
@@ -653,23 +717,39 @@ jobs:
 
       - name: Upload dSYMs to App Center
         if: |
-            (github.ref == 'refs/heads/master'
-              && needs.setup.outputs.rc_branch_exists == 0
-              && needs.setup.outputs.hotfix_branch_exists == 0)
-            || (github.ref == 'refs/heads/rc' && needs.setup.outputs.hotfix_branch_exists == 0)
-            || github.ref == 'refs/heads/hotfix-rc'
+          (github.ref == 'refs/heads/master'
+            && needs.setup.outputs.rc_branch_exists == 0
+            && needs.setup.outputs.hotfix_branch_exists == 0)
+          || (github.ref == 'refs/heads/rc' && needs.setup.outputs.hotfix_branch_exists == 0)
+          || github.ref == 'refs/heads/hotfix-rc'
         env:
           APPCENTER_IOS_TOKEN: ${{ steps.retrieve-secrets.outputs.appcenter-ios-token }}
         run: appcenter crashes upload-symbols -a bitwarden/bitwarden -s "./bitwarden-export/dSYMs" --token $APPCENTER_IOS_TOKEN
         shell: bash
 
+      - name: Upload Watch dSYMs to Firebase Crashlytics
+        if: |
+          (github.ref == 'refs/heads/master'
+            && needs.setup.outputs.rc_branch_exists == 0
+            && needs.setup.outputs.hotfix_branch_exists == 0)
+          || (github.ref == 'refs/heads/rc' && needs.setup.outputs.hotfix_branch_exists == 0)
+          || github.ref == 'refs/heads/hotfix-rc'
+        run: |
+
+          echo "########################################"
+          echo "##### Uploading Watch dSYMs to Firebase"
+          echo "########################################"
+
+          find "$HOME/Library/Developer/XCode/DerivedData" -name "upload-symbols" -exec chmod +x {} \; -exec {} -gsp "./src/watchOS/bitwarden/GoogleService-Info.plist" -p ios "./bitwarden-export/Watch_dSYMs" \;
+        shell: bash
+
       - name: Deploy to App Store
         if: |
-            (github.ref == 'refs/heads/master'
-              && needs.setup.outputs.rc_branch_exists == 0
-              && needs.setup.outputs.hotfix_branch_exists == 0)
-            || (github.ref == 'refs/heads/rc' && needs.setup.outputs.hotfix_branch_exists == 0)
-            || github.ref == 'refs/heads/hotfix-rc'
+          (github.ref == 'refs/heads/master'
+            && needs.setup.outputs.rc_branch_exists == 0
+            && needs.setup.outputs.hotfix_branch_exists == 0)
+          || (github.ref == 'refs/heads/rc' && needs.setup.outputs.hotfix_branch_exists == 0)
+          || github.ref == 'refs/heads/hotfix-rc'
         env:
           APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }}
           APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
@@ -693,15 +773,15 @@ jobs:
       - name: Checkout repo
         uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
 
-      - name: Login to Azure
+      - name: Login to Azure - CI Subscription
         uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf
         with:
-          creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
+          creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
 
       - name: Retrieve secrets
         id: retrieve-secrets
         env:
-          KEYVAULT: bitwarden-prod-kv
+          KEYVAULT: bitwarden-ci
           SECRETS: |
             crowdin-api-token
         run: |
@@ -737,9 +817,9 @@ jobs:
     steps:
       - name: Check if any job failed
         if: |
-            (github.ref == 'refs/heads/master')
-            || (github.ref == 'refs/heads/rc')
-            || (github.ref == 'refs/heads/hotfix-rc')
+          (github.ref == 'refs/heads/master')
+          || (github.ref == 'refs/heads/rc')
+          || (github.ref == 'refs/heads/hotfix-rc')
         env:
           CLOC_STATUS: ${{ needs.cloc.result }}
           ANDROID_STATUS: ${{ needs.android.result }}
@@ -759,17 +839,17 @@ jobs:
               exit 1
           fi
 
-      - name: Login to Azure - Prod Subscription
+      - name: Login to Azure - CI Subscription
         uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf
         if: failure()
         with:
-          creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
+          creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
 
       - name: Retrieve secrets
         id: retrieve-secrets
         if: failure()
         env:
-          KEYVAULT: bitwarden-prod-kv
+          KEYVAULT: bitwarden-ci
           SECRETS: |
             devops-alerts-slack-webhook-url
         run: |

.github/workflows/crowdin-pull.yml

@@ -17,16 +17,16 @@ jobs:
       - name: Checkout repo
         uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f  # v2.3.4
 
-      - name: Login to Azure
+      - name: Login to Azure - CI Subscription
         uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
         with:
-          creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
+          creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
 
       - name: Retrieve secrets
         id: retrieve-secrets
-        uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af 
+        uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af
         with:
-          keyvault: "bitwarden-prod-kv"               
+          keyvault: "bitwarden-ci"
           secrets: "crowdin-api-token, github-gpg-private-key, github-gpg-private-key-passphrase"
 
       - name: Download translations
@@ -48,4 +48,4 @@ jobs:
           pull_request_title: "Autosync Crowdin Translations"
           pull_request_body: "Autosync the updated translations"
           gpg_private_key: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key }}
-          gpg_passphrase: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key-passphrase }}   
+          gpg_passphrase: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key-passphrase }}

.github/workflows/enforce-labels.yml

@@ -12,5 +12,5 @@ jobs:
       - name: Enforce Label
         uses: yogevbd/enforce-label-action@8d1e1709b1011e6d90400a0e6cf7c0b77aa5efeb
         with:
-          BANNED_LABELS: "hold"
-          BANNED_LABELS_DESCRIPTION: "PRs on hold cannot be merged"
+          BANNED_LABELS: "hold,needs-qa"
+          BANNED_LABELS_DESCRIPTION: "PRs with the hold or needs-qa labels cannot be merged"

.github/workflows/pr-labeler.yml

@@ -0,0 +1,17 @@
+---
+name: "Pull Request Labeler"
+
+on:
+  pull_request_target: {}
+
+jobs:
+  labeler:
+    name: "Pull Request Labeler"
+    permissions:
+      contents: read
+      pull-requests: write
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/labeler@ba790c862c380240c6d5e7427be5ace9a05c754b  # v4.0.3
+        with:
+          sync-labels: true

.github/workflows/release.yml

@@ -64,7 +64,7 @@ jobs:
           environment: 'production'
           description: 'Deployment ${{ steps.version.outputs.version }} from branch ${{ steps.branch.outputs.branch-name }}'
           task: release
-      
+
 
       - name: Download all artifacts
         if: ${{ github.event.inputs.release_type != 'Dry Run' }}
@@ -92,7 +92,9 @@ jobs:
           artifacts: "./com.x8bit.bitwarden.aab/com.x8bit.bitwarden.aab,
                       ./com.x8bit.bitwarden.apk/com.x8bit.bitwarden.apk,
                       ./com.x8bit.bitwarden-fdroid.apk/com.x8bit.bitwarden-fdroid.apk,
-                      ./Bitwarden iOS.zip"
+                      ./Bitwarden iOS.zip,
+                      ./bw-android-apk-sha256.txt/bw-android-apk-sha256.txt,
+                      ./bw-fdroid-apk-sha256.txt/bw-fdroid-apk-sha256.txt"
           commit: ${{ github.sha }}
           tag: v${{ steps.version.outputs.version }}
           name: Version ${{ steps.version.outputs.version }}

.github/workflows/version-auto-bump.yml

@@ -21,8 +21,8 @@ jobs:
         env:
           RELEASE_TAG: ${{ github.ref }}
         run: |
-          CURR_MAJOR=$(echo $RELEASE_TAG | sed -r 's/v([0-9]{4}\.[0-9]{1,2})\.([0-9]{1,2})/\1/')
-          CURR_PATCH=$(echo $RELEASE_TAG | sed -r 's/v([0-9]{4}\.[0-9]{1,2})\.([0-9]{1,2})/\2/')
+          CURR_MAJOR=$(echo $RELEASE_TAG | sed -r 's/refs\/tags\/v([0-9]{4}\.[0-9]{1,2})\.([0-9]{1,2})/\1/')
+          CURR_PATCH=$(echo $RELEASE_TAG | sed -r 's/refs\/tags\/v([0-9]{4}\.[0-9]{1,2})\.([0-9]{1,2})/\2/')
           echo "Current Major: $CURR_MAJOR"
           echo "Current Patch: $CURR_PATCH"
 
@@ -32,32 +32,14 @@ jobs:
           echo "new-version=$NEW_VER" >> $GITHUB_OUTPUT
 
   trigger_version_bump:
-    name: "Trigger version bump workflow"
+    name: "Version bump"
     runs-on: ubuntu-22.04
     needs:
       - setup
     steps:
-      - name: Login to Azure
-        uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010
+      - name: Bump version to ${{ needs.setup.outputs.version_number }}
+        uses: ./.github/workflows/version-bump.yml
+        secrets:
+          AZURE_PROD_KV_CREDENTIALS: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
         with:
-          creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
-
-      - name: Retrieve secrets
-        id: retrieve-secrets
-        uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af
-        with:
-          keyvault: "bitwarden-prod-kv"
-          secrets: "github-pat-bitwarden-devops-bot-repo-scope"
-
-      - name: Call GitHub API to trigger workflow bump
-        env:
-          TOKEN: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }}
-          VERSION: ${{ needs.setup.outputs.version_number}}
-        run: |
-          JSON_STRING=$(printf '{"ref":"master", "inputs": { "version_number":"%s"}}' "$VERSION")
-          curl \
-            -X POST \
-            -i -u bitwarden-devops-bot:$TOKEN \
-            -H "Accept: application/vnd.github.v3+json" \
-            https://api.github.com/repos/bitwarden/mobile/actions/workflows/version-bump.yml/dispatches \
-            -d $JSON_STRING
+          version_number: ${{ needs.setup.outputs.version_number }}

.github/workflows/version-bump.yml

@@ -7,6 +7,14 @@ on:
       version_number:
         description: "New Version"
         required: true
+  workflow_call:
+    inputs:
+      version_number:
+        required: true
+        type: string
+    secrets:
+      AZURE_PROD_KV_CREDENTIALS:
+        required: true
 
 jobs:
   bump_version:
@@ -16,16 +24,16 @@ jobs:
       - name: Checkout Branch
         uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
 
-      - name: Login to Azure - Prod Subscription
+      - name: Login to Azure - CI Subscription
         uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf
         with:
-         creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
+         creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
 
       - name: Retrieve secrets
         id: retrieve-secrets
         uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af
         with:
-          keyvault: "bitwarden-prod-kv"
+          keyvault: "bitwarden-ci"
           secrets: "github-gpg-private-key, github-gpg-private-key-passphrase"
 
       - name: Import GPG key

.gitignore

@@ -30,6 +30,7 @@ Components/
 [Rr]eleases/
 x64/
 x86/
+!src/lib/x86/
 build/
 bld/
 [Bb]in/

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "lib/MessagePack"]
+	path = lib/MessagePack
+	url = https://github.com/bitwarden/MessagePack.git

README.md

@@ -23,15 +23,3 @@ Interested in contributing in a big way? Consider joining our team! We're hiring
 Code contributions are welcome! Please commit any pull requests against the `master` branch. Learn more about how to contribute by reading the [Contributing Guidelines](https://contributing.bitwarden.com/contributing/). Check out the [Contributing Documentation](https://contributing.bitwarden.com/) for how to get started with your first contribution.
 
 Security audits and feedback are welcome. Please open an issue or email us privately if the report is sensitive in nature. You can read our security policy in the [`SECURITY.md`](SECURITY.md) file.
-
-### Dotnet-format
-
-We recently migrated to using dotnet-format as code formatter. All previous branches will need to updated to avoid large merge conflicts using the following steps:
-
-1. Check out your local Branch
-2. Run `git merge e0efcfbe45b2a27c73e9593bfd7a71fad2aa7a35`
-3. Resolve any merge conflicts, commit.
-4. Run `dotnet tool run dotnet-format`
-5. Commit
-6. Run `git merge -Xours 04539af2a66668b6e85476d5cf318c9150ec4357`
-7. Push

appIcons/Android/beta-layered-excluded.svg

@@ -0,0 +1,11 @@
+<svg width="108" height="108" viewBox="0 0 108 108" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g clip-path="url(#clip0_41_29)">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M70.214 34C70.7096 34 71.1457 34.1883 71.5124 34.555C71.8791 34.9217 72.0674 35.3479 72.0971 35.8534V50.4336H71.0669V51.9453H72.0971V58.0938C72.0971 59.749 71.7701 61.3942 71.1258 63.0295C70.4816 64.6549 69.6788 66.1019 68.7274 67.3706C67.766 68.6293 66.6262 69.8582 65.308 71.0575C63.98 72.2567 62.7609 73.2478 61.6409 74.0407C60.521 74.8237 59.3515 75.5769 58.1324 76.2806C56.9134 76.9843 56.0511 77.4699 55.5357 77.7177C55.0303 77.9655 54.614 78.1538 54.3068 78.2926C54.0788 78.4115 53.8211 78.471 53.5535 78.471C53.2859 78.471 53.0282 78.4115 52.8003 78.2926C52.5297 78.1791 52.1822 78.0118 51.7511 77.8042C51.6927 77.7761 51.6328 77.7473 51.5713 77.7177C51.0559 77.46 50.1937 76.9843 48.9746 76.2806C47.7555 75.5769 46.586 74.8336 45.4661 74.0407C44.3461 73.2478 43.1172 72.2567 41.799 71.0575C40.4709 69.8682 39.3311 68.6392 38.3797 67.3706C37.4183 66.1119 36.6155 64.6648 35.9713 63.0295C35.3271 61.4041 35 59.749 35 58.0938V35.8534C35 35.3479 35.1883 34.9217 35.555 34.555C35.9217 34.1883 36.3479 34 36.8534 34H70.214ZM67.211 57.5H70.1118V59H67.177C66.4282 66.7468 53.5337 73.2875 53.5337 73.2875V38.7573H67.211V50.4336H70.1118V51.9219H67.211V53.8027H69.895V55.291H67.211V57.5Z" fill="white"/>
+<path fill-rule="evenodd" clip-rule="evenodd" d="M58 46C56.3431 46 55 47.3431 55 49V60C55 61.6569 56.3431 63 58 63H107C108.657 63 110 61.6569 110 60V49C110 47.3431 108.657 46 107 46H58ZM59.7817 50.4336H57.1157V59H60.3208C60.9692 59 61.5278 58.9023 61.9966 58.707C62.4692 58.5078 62.8325 58.2227 63.0864 57.8516C63.3403 57.4805 63.4673 57.0352 63.4673 56.5156C63.4673 56.0664 63.397 55.707 63.2563 55.4375C63.1196 55.1641 62.936 54.957 62.7056 54.8164C62.4751 54.6719 62.2173 54.5703 61.9321 54.5117V54.4531C62.2134 54.4023 62.4517 54.293 62.647 54.125C62.8423 53.957 62.9907 53.7422 63.0923 53.4805C63.1978 53.2188 63.2505 52.9258 63.2505 52.6016C63.2505 51.7969 62.9575 51.2344 62.3716 50.9141C61.7856 50.5938 60.9224 50.4336 59.7817 50.4336ZM59.9868 53.8262H58.9321V51.9219H59.8872C60.4067 51.9219 60.7856 51.9941 61.0239 52.1387C61.2661 52.2793 61.3872 52.5137 61.3872 52.8418C61.3872 53.166 61.2856 53.4121 61.0825 53.5801C60.8794 53.7441 60.5142 53.8262 59.9868 53.8262ZM58.9321 57.5V55.2676H60.0571C60.4438 55.2676 60.7466 55.3125 60.9653 55.4023C61.188 55.4922 61.3462 55.6172 61.4399 55.7773C61.5337 55.9375 61.5806 56.123 61.5806 56.334C61.5806 56.6895 61.4731 56.9727 61.2583 57.1836C61.0435 57.3945 60.6626 57.5 60.1157 57.5H58.9321ZM65.1782 59H70.1118V57.5H66.9946V55.291H69.895V53.8027H66.9946V51.9219H70.1118V50.4336H65.1782V59ZM73.3931 59H75.2095V51.9453H77.5356V50.4336H71.0669V51.9453H73.3931V59ZM83.4771 56.9609L84.0981 59H86.0552L83.02 50.3984H80.7993L77.7759 59H79.7329L80.354 56.9609H83.4771ZM82.4224 53.4453L83.0435 55.4375H80.811L81.4263 53.4453C81.4536 53.3555 81.4985 53.2051 81.561 52.9941C81.6235 52.7832 81.688 52.5605 81.7544 52.3262C81.8247 52.0879 81.8794 51.8887 81.9185 51.7285C81.9575 51.8887 82.0083 52.0781 82.0708 52.2969C82.1372 52.5117 82.2017 52.7246 82.2642 52.9355C82.3306 53.1426 82.3833 53.3125 82.4224 53.4453Z" fill="#6795E8"/>
+</g>
+<defs>
+<clipPath id="clip0_41_29">
+<rect width="108" height="108" fill="white"/>
+</clipPath>
+</defs>
+</svg>

appIcons/Android/beta-layered.svg

@@ -0,0 +1,17 @@
+<svg width="108" height="108" viewBox="0 0 108 108" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g clip-path="url(#clip0_36_10)">
+<path d="M71.5717 34.6343L113 76.0625L89.709 119.077L40.6492 70.0168L53.5336 77.4501L70.8779 60.1057L71.5717 34.6343Z" fill="url(#paint0_linear_36_10)"/>
+<path d="M71.5124 34.555C71.1457 34.1883 70.7096 34 70.214 34H36.8534C36.3479 34 35.9217 34.1883 35.555 34.555C35.1883 34.9217 35 35.3479 35 35.8534V58.0938C35 59.749 35.3271 61.4041 35.9713 63.0295C36.6155 64.6648 37.4183 66.1119 38.3797 67.3706C39.3311 68.6392 40.4709 69.8682 41.799 71.0575C43.1172 72.2567 44.3461 73.2478 45.4661 74.0407C46.586 74.8336 47.7555 75.5769 48.9746 76.2806C50.1937 76.9843 51.0559 77.46 51.5713 77.7177C52.0867 77.9655 52.493 78.1637 52.8003 78.2926C53.0282 78.4115 53.2859 78.471 53.5535 78.471C53.8211 78.471 54.0788 78.4115 54.3068 78.2926C54.614 78.1538 55.0303 77.9655 55.5357 77.7177C56.0511 77.4699 56.9134 76.9843 58.1324 76.2806C59.3515 75.5769 60.521 74.8237 61.6409 74.0407C62.7609 73.2478 63.98 72.2567 65.308 71.0575C66.6262 69.8582 67.766 68.6293 68.7274 67.3706C69.6788 66.1019 70.4816 64.6549 71.1258 63.0295C71.7701 61.3942 72.0971 59.749 72.0971 58.0938V35.8534C72.0674 35.3479 71.8791 34.9217 71.5124 34.555ZM67.211 58.3019C67.211 66.3497 53.5337 73.2875 53.5337 73.2875V38.7573H67.211C67.211 38.7573 67.211 50.2542 67.211 58.3019Z" fill="white"/>
+<path d="M55 49C55 47.3431 56.3431 46 58 46H107C108.657 46 110 47.3431 110 49V60C110 61.6569 108.657 63 107 63H58C56.3431 63 55 61.6569 55 60V49Z" fill="#6795E8"/>
+<path d="M57.116 50.4336H59.782C60.9226 50.4336 61.7859 50.5938 62.3718 50.9141C62.9578 51.2344 63.2507 51.7969 63.2507 52.6016C63.2507 52.9258 63.198 53.2188 63.0925 53.4805C62.991 53.7422 62.8425 53.957 62.6472 54.125C62.4519 54.293 62.2136 54.4023 61.9324 54.4531V54.5117C62.2175 54.5703 62.4753 54.6719 62.7058 54.8164C62.9363 54.957 63.1199 55.1641 63.2566 55.4375C63.3972 55.707 63.4675 56.0664 63.4675 56.5156C63.4675 57.0352 63.3406 57.4805 63.0867 57.8516C62.8328 58.2227 62.4695 58.5078 61.9968 58.707C61.5281 58.9023 60.9695 59 60.321 59H57.116V50.4336ZM58.9324 53.8262H59.9871C60.5144 53.8262 60.8796 53.7441 61.0828 53.5801C61.2859 53.4121 61.3875 53.166 61.3875 52.8418C61.3875 52.5137 61.2664 52.2793 61.0242 52.1387C60.7859 51.9941 60.407 51.9219 59.8875 51.9219H58.9324V53.8262ZM58.9324 55.2676V57.5H60.116C60.6628 57.5 61.0437 57.3945 61.2585 57.1836C61.4734 56.9727 61.5808 56.6895 61.5808 56.334C61.5808 56.123 61.5339 55.9375 61.4402 55.7773C61.3464 55.6172 61.1882 55.4922 60.9656 55.4023C60.7468 55.3125 60.4441 55.2676 60.0574 55.2676H58.9324ZM70.1121 59H65.1785V50.4336H70.1121V51.9219H66.9949V53.8027H69.8953V55.291H66.9949V57.5H70.1121V59ZM75.2097 59H73.3933V51.9453H71.0671V50.4336H77.5359V51.9453H75.2097V59ZM84.0984 59L83.4773 56.9609H80.3542L79.7332 59H77.7761L80.7996 50.3984H83.0203L86.0554 59H84.0984ZM83.0437 55.4375L82.4226 53.4453C82.3835 53.3125 82.3308 53.1426 82.2644 52.9355C82.2019 52.7246 82.1375 52.5117 82.071 52.2969C82.0085 52.0781 81.9578 51.8887 81.9187 51.7285C81.8796 51.8887 81.825 52.0879 81.7546 52.3262C81.6882 52.5605 81.6238 52.7832 81.5613 52.9941C81.4988 53.2051 81.4539 53.3555 81.4265 53.4453L80.8113 55.4375H83.0437Z" fill="#212529"/>
+</g>
+<defs>
+<linearGradient id="paint0_linear_36_10" x1="37.8512" y1="38.8122" x2="89.011" y2="89.972" gradientUnits="userSpaceOnUse">
+<stop stop-opacity="0.247059"/>
+<stop offset="1" stop-opacity="0"/>
+</linearGradient>
+<clipPath id="clip0_36_10">
+<rect width="108" height="108" fill="white"/>
+</clipPath>
+</defs>
+</svg>

appIcons/Android/dev-layered-excluded.svg

@@ -0,0 +1,11 @@
+<svg width="108" height="108" viewBox="0 0 108 108" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g clip-path="url(#clip0_41_21)">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M70.214 34C70.7096 34 71.1457 34.1883 71.5124 34.555C71.8791 34.9217 72.0674 35.3479 72.0971 35.8534V50.4336H71.647L72.0971 51.7604V58.0938C72.0971 59.749 71.7701 61.3942 71.1258 63.0295C70.4816 64.6549 69.6788 66.1019 68.7274 67.3706C67.766 68.6293 66.6262 69.8582 65.308 71.0575C63.98 72.2567 62.7609 73.2478 61.6409 74.0407C60.521 74.8237 59.3515 75.5769 58.1324 76.2806C56.9134 76.9843 56.0511 77.4699 55.5357 77.7177C55.0303 77.9655 54.614 78.1538 54.3068 78.2926C54.0788 78.4115 53.8211 78.471 53.5535 78.471C53.2859 78.471 53.0282 78.4115 52.8003 78.2926C52.5297 78.1791 52.1822 78.0118 51.7511 77.8042C51.6927 77.7761 51.6328 77.7473 51.5713 77.7177C51.0559 77.46 50.1937 76.9843 48.9746 76.2806C47.7555 75.5769 46.586 74.8336 45.4661 74.0407C44.3461 73.2478 43.1172 72.2567 41.799 71.0575C40.4709 69.8682 39.3311 68.6392 38.3797 67.3706C37.4183 66.1119 36.6155 64.6648 35.9713 63.0295C35.3271 61.4041 35 59.749 35 58.0938V35.8534C35 35.3479 35.1883 34.9217 35.555 34.555C35.9217 34.1883 36.3479 34 36.8534 34H70.214ZM67.177 59C66.4282 66.7468 53.5337 73.2875 53.5337 73.2875V38.7573H67.211V50.4336H70.9321V51.9219H67.8149V53.8027H70.7153V55.291H67.8149V57.5H70.9321V59H67.177Z" fill="white"/>
+<path fill-rule="evenodd" clip-rule="evenodd" d="M58 46C56.3431 46 55 47.3431 55 49V60C55 61.6569 56.3431 63 58 63H107C108.657 63 110 61.6569 110 60V49C110 47.3431 108.657 46 107 46H58ZM63.6665 57.0547C64.0376 56.4062 64.2231 55.5996 64.2231 54.6348C64.2231 53.7168 64.0415 52.9473 63.6782 52.3262C63.3149 51.7012 62.8032 51.2305 62.1431 50.9141C61.4829 50.5938 60.7036 50.4336 59.8052 50.4336H57.1157V59H59.5415C60.5259 59 61.3677 58.8379 62.0669 58.5137C62.7661 58.1855 63.2993 57.6992 63.6665 57.0547ZM62.0552 53.123C62.2427 53.5293 62.3364 54.0488 62.3364 54.6816C62.3364 55.6152 62.1196 56.3184 61.686 56.791C61.2563 57.2637 60.5981 57.5 59.7114 57.5H58.9321V51.9219H59.8989C60.4302 51.9219 60.8755 52.0195 61.2349 52.2148C61.5981 52.4102 61.8716 52.7129 62.0552 53.123ZM65.9985 59H70.9321V57.5H67.8149V55.291H70.7153V53.8027H67.8149V51.9219H70.9321V50.4336H65.9985V59ZM76.5337 59L79.4458 50.4336H77.6118L75.9888 55.5312C75.9614 55.6211 75.9165 55.7852 75.854 56.0234C75.7954 56.2578 75.7349 56.5059 75.6724 56.7676C75.6138 57.0293 75.5728 57.2461 75.5493 57.418C75.5259 57.2461 75.481 57.0293 75.4146 56.7676C75.3521 56.502 75.2896 56.252 75.2271 56.0176C75.1646 55.7793 75.1196 55.6172 75.0923 55.5312L73.481 50.4336H71.647L74.5532 59H76.5337Z" fill="#2DA49D"/>
+</g>
+<defs>
+<clipPath id="clip0_41_21">
+<rect width="108" height="108" fill="white"/>
+</clipPath>
+</defs>
+</svg>

appIcons/Android/dev-layered.svg

@@ -0,0 +1,17 @@
+<svg width="108" height="108" viewBox="0 0 108 108" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g clip-path="url(#clip0_36_2)">
+<path d="M71.5717 34.6343L113 76.0625L89.709 119.077L40.6492 70.0168L53.5336 77.4501L70.8779 60.1057L71.5717 34.6343Z" fill="url(#paint0_linear_36_2)"/>
+<path d="M71.5124 34.555C71.1457 34.1883 70.7096 34 70.214 34H36.8534C36.3479 34 35.9217 34.1883 35.555 34.555C35.1883 34.9217 35 35.3479 35 35.8534V58.0938C35 59.749 35.3271 61.4041 35.9713 63.0295C36.6155 64.6648 37.4183 66.1119 38.3797 67.3706C39.3311 68.6392 40.4709 69.8682 41.799 71.0575C43.1172 72.2567 44.3461 73.2478 45.4661 74.0407C46.586 74.8336 47.7555 75.5769 48.9746 76.2806C50.1937 76.9843 51.0559 77.46 51.5713 77.7177C52.0867 77.9655 52.493 78.1637 52.8003 78.2926C53.0282 78.4115 53.2859 78.471 53.5535 78.471C53.8211 78.471 54.0788 78.4115 54.3068 78.2926C54.614 78.1538 55.0303 77.9655 55.5357 77.7177C56.0511 77.4699 56.9134 76.9843 58.1324 76.2806C59.3515 75.5769 60.521 74.8237 61.6409 74.0407C62.7609 73.2478 63.98 72.2567 65.308 71.0575C66.6262 69.8582 67.766 68.6293 68.7274 67.3706C69.6788 66.1019 70.4816 64.6549 71.1258 63.0295C71.7701 61.3942 72.0971 59.749 72.0971 58.0938V35.8534C72.0674 35.3479 71.8791 34.9217 71.5124 34.555ZM67.211 58.3019C67.211 66.3497 53.5337 73.2875 53.5337 73.2875V38.7573H67.211C67.211 38.7573 67.211 50.2542 67.211 58.3019Z" fill="white"/>
+<path d="M55 49C55 47.3431 56.3431 46 58 46H107C108.657 46 110 47.3431 110 49V60C110 61.6569 108.657 63 107 63H58C56.3431 63 55 61.6569 55 60V49Z" fill="#2DA49D"/>
+<path d="M64.2234 54.6348C64.2234 55.5996 64.0378 56.4062 63.6667 57.0547C63.2996 57.6992 62.7664 58.1855 62.0671 58.5137C61.3679 58.8379 60.5261 59 59.5417 59H57.116V50.4336H59.8054C60.7039 50.4336 61.4832 50.5938 62.1433 50.9141C62.8035 51.2305 63.3152 51.7012 63.6785 52.3262C64.0417 52.9473 64.2234 53.7168 64.2234 54.6348ZM62.3367 54.6816C62.3367 54.0488 62.2429 53.5293 62.0554 53.123C61.8718 52.7129 61.5984 52.4102 61.2351 52.2148C60.8757 52.0195 60.4304 51.9219 59.8992 51.9219H58.9324V57.5H59.7117C60.5984 57.5 61.2566 57.2637 61.6863 56.791C62.1199 56.3184 62.3367 55.6152 62.3367 54.6816ZM70.9324 59H65.9988V50.4336H70.9324V51.9219H67.8152V53.8027H70.7156V55.291H67.8152V57.5H70.9324V59ZM79.446 50.4336L76.5339 59H74.5535L71.6472 50.4336H73.4812L75.0925 55.5312C75.1199 55.6172 75.1648 55.7793 75.2273 56.0176C75.2898 56.252 75.3523 56.502 75.4148 56.7676C75.4812 57.0293 75.5261 57.2461 75.5496 57.418C75.573 57.2461 75.614 57.0293 75.6726 56.7676C75.7351 56.5059 75.7957 56.2578 75.8542 56.0234C75.9167 55.7852 75.9617 55.6211 75.989 55.5312L77.6121 50.4336H79.446Z" fill="#212529"/>
+</g>
+<defs>
+<linearGradient id="paint0_linear_36_2" x1="37.8512" y1="38.8122" x2="89.011" y2="89.972" gradientUnits="userSpaceOnUse">
+<stop stop-opacity="0.247059"/>
+<stop offset="1" stop-opacity="0"/>
+</linearGradient>
+<clipPath id="clip0_36_2">
+<rect width="108" height="108" fill="white"/>
+</clipPath>
+</defs>
+</svg>

appIcons/Android/qa-layered-excluded.svg

@@ -0,0 +1,11 @@
+<svg width="108" height="108" viewBox="0 0 108 108" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g clip-path="url(#clip0_41_13)">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M70.214 34C70.7096 34 71.1457 34.1883 71.5124 34.555C71.8791 34.9217 72.0674 35.3479 72.0971 35.8534V52.9823L70.8325 49.3984H68.6118L67.211 53.3838V38.7573H53.5337V73.2875C53.5337 73.2875 67.211 66.3497 67.211 58.3019V58H67.5454L68.1665 55.9609H71.2896L71.9106 58H72.0971V58.0938C72.0971 59.749 71.7701 61.3942 71.1258 63.0295C70.4816 64.6549 69.6788 66.1019 68.7274 67.3706C67.766 68.6293 66.6262 69.8582 65.308 71.0575C63.98 72.2567 62.7609 73.2478 61.6409 74.0407C60.521 74.8237 59.3515 75.5769 58.1324 76.2806C56.9134 76.9843 56.0511 77.4699 55.5357 77.7177C55.0303 77.9655 54.614 78.1538 54.3068 78.2926C54.0788 78.4115 53.8211 78.471 53.5535 78.471C53.2859 78.471 53.0282 78.4115 52.8003 78.2926C52.5297 78.1791 52.1822 78.0118 51.7511 77.8042C51.6927 77.7761 51.6328 77.7473 51.5713 77.7177C51.0559 77.46 50.1937 76.9843 48.9746 76.2806C47.7555 75.5769 46.586 74.8336 45.4661 74.0407C44.3461 73.2478 43.1172 72.2567 41.799 71.0575C40.4709 69.8682 39.3311 68.6392 38.3797 67.3706C37.4183 66.1119 36.6155 64.6648 35.9713 63.0295C35.3271 61.4041 35 59.749 35 58.0938V35.8534C35 35.3479 35.1883 34.9217 35.555 34.555C35.9217 34.1883 36.3479 34 36.8534 34H70.214ZM70.2349 52.4453L70.856 54.4375H68.6235L69.2388 52.4453C69.2661 52.3555 69.311 52.2051 69.3735 51.9941C69.436 51.7832 69.5005 51.5605 69.5669 51.3262C69.6372 51.0879 69.6919 50.8887 69.731 50.7285C69.77 50.8887 69.8208 51.0781 69.8833 51.2969C69.9497 51.5117 70.0142 51.7246 70.0767 51.9355C70.1431 52.1426 70.1958 52.3125 70.2349 52.4453Z" fill="white"/>
+<path fill-rule="evenodd" clip-rule="evenodd" d="M58 46C56.3431 46 55 47.3431 55 49V60C55 61.6569 56.3431 63 58 63H107C108.657 63 110 61.6569 110 60V49C110 47.3431 108.657 46 107 46H58ZM64.6626 55.457C64.8149 54.9258 64.8911 54.3418 64.8911 53.7051C64.8911 52.8145 64.7446 52.0391 64.4517 51.3789C64.1626 50.7188 63.7173 50.207 63.1157 49.8438C62.5181 49.4805 61.7544 49.2988 60.8247 49.2988C59.8911 49.2988 59.1216 49.4805 58.5161 49.8438C57.9106 50.207 57.4614 50.7188 57.1685 51.3789C56.8794 52.0352 56.7349 52.8066 56.7349 53.6934C56.7349 54.3574 56.8169 54.9609 56.981 55.5039C57.145 56.0469 57.3931 56.5137 57.7251 56.9043C58.061 57.2949 58.4849 57.5957 58.9966 57.8066C59.5083 58.0137 60.1138 58.1172 60.813 58.1172H60.8774H60.9478L62.5181 60.0391H64.8442L62.7817 57.7363C63.2622 57.5176 63.6587 57.2148 63.9712 56.8281C64.2837 56.4414 64.5142 55.9844 64.6626 55.457ZM58.8618 55.252C58.7134 54.8184 58.6392 54.3027 58.6392 53.7051C58.6392 53.1035 58.7134 52.5879 58.8618 52.1582C59.0142 51.7246 59.2505 51.3926 59.5708 51.1621C59.895 50.9277 60.313 50.8105 60.8247 50.8105C61.5942 50.8105 62.147 51.0684 62.4829 51.584C62.8188 52.0996 62.9868 52.8066 62.9868 53.7051C62.9868 54.3027 62.9126 54.8184 62.7642 55.252C62.6196 55.6816 62.3872 56.0137 62.0669 56.248C61.7466 56.4785 61.3286 56.5938 60.813 56.5938C60.3052 56.5938 59.8911 56.4785 59.5708 56.248C59.2505 56.0137 59.0142 55.6816 58.8618 55.252ZM71.2896 55.9609L71.9106 58H73.8677L70.8325 49.3984H68.6118L65.5884 58H67.5454L68.1665 55.9609H71.2896ZM70.2349 52.4453L70.856 54.4375H68.6235L69.2388 52.4453C69.2661 52.3555 69.311 52.2051 69.3735 51.9941C69.436 51.7832 69.5005 51.5605 69.5669 51.3262C69.6372 51.0879 69.6919 50.8887 69.731 50.7285C69.77 50.8887 69.8208 51.0781 69.8833 51.2969C69.9497 51.5117 70.0142 51.7246 70.0767 51.9355C70.1431 52.1426 70.1958 52.3125 70.2349 52.4453Z" fill="#C32998"/>
+</g>
+<defs>
+<clipPath id="clip0_41_13">
+<rect width="108" height="108" rx="34" fill="white"/>
+</clipPath>
+</defs>
+</svg>

appIcons/Android/qa-layered.svg

@@ -0,0 +1,17 @@
+<svg width="108" height="108" viewBox="0 0 108 108" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g clip-path="url(#clip0_34_2)">
+<path d="M71.5717 34.6343L113 76.0625L89.709 119.077L40.6492 70.0168L53.5336 77.4501L70.8779 60.1057L71.5717 34.6343Z" fill="url(#paint0_linear_34_2)"/>
+<path d="M71.5124 34.555C71.1457 34.1883 70.7096 34 70.214 34H36.8534C36.3479 34 35.9217 34.1883 35.555 34.555C35.1883 34.9217 35 35.3479 35 35.8534V58.0938C35 59.749 35.3271 61.4041 35.9713 63.0295C36.6155 64.6648 37.4183 66.1119 38.3797 67.3706C39.3311 68.6392 40.4709 69.8682 41.799 71.0575C43.1172 72.2567 44.3461 73.2478 45.4661 74.0407C46.586 74.8336 47.7555 75.5769 48.9746 76.2806C50.1937 76.9843 51.0559 77.46 51.5713 77.7177C52.0867 77.9655 52.493 78.1637 52.8003 78.2926C53.0282 78.4115 53.2859 78.471 53.5535 78.471C53.8211 78.471 54.0788 78.4115 54.3068 78.2926C54.614 78.1538 55.0303 77.9655 55.5357 77.7177C56.0511 77.4699 56.9134 76.9843 58.1324 76.2806C59.3515 75.5769 60.521 74.8237 61.6409 74.0407C62.7609 73.2478 63.98 72.2567 65.308 71.0575C66.6262 69.8582 67.766 68.6293 68.7274 67.3706C69.6788 66.1019 70.4816 64.6549 71.1258 63.0295C71.7701 61.3942 72.0971 59.749 72.0971 58.0938V35.8534C72.0674 35.3479 71.8791 34.9217 71.5124 34.555ZM67.211 58.3019C67.211 66.3497 53.5337 73.2875 53.5337 73.2875V38.7573H67.211C67.211 38.7573 67.211 50.2542 67.211 58.3019Z" fill="white"/>
+<path d="M55 49C55 47.3431 56.3431 46 58 46H107C108.657 46 110 47.3431 110 49V60C110 61.6569 108.657 63 107 63H58C56.3431 63 55 61.6569 55 60V49Z" fill="#C32998"/>
+<path d="M64.8914 53.7051C64.8914 54.3418 64.8152 54.9258 64.6628 55.457C64.5144 55.9844 64.2839 56.4414 63.9714 56.8281C63.6589 57.2148 63.2625 57.5176 62.782 57.7363L64.8445 60.0391H62.5183L60.948 58.1172C60.9207 58.1172 60.8972 58.1172 60.8777 58.1172C60.8582 58.1172 60.8367 58.1172 60.8132 58.1172C60.114 58.1172 59.5085 58.0137 58.9968 57.8066C58.4851 57.5957 58.0613 57.2949 57.7253 56.9043C57.3933 56.5137 57.1453 56.0469 56.9812 55.5039C56.8171 54.9609 56.7351 54.3574 56.7351 53.6934C56.7351 52.8066 56.8796 52.0352 57.1687 51.3789C57.4617 50.7188 57.9109 50.207 58.5164 49.8438C59.1218 49.4805 59.8914 49.2988 60.825 49.2988C61.7546 49.2988 62.5183 49.4805 63.116 49.8438C63.7175 50.207 64.1628 50.7188 64.4519 51.3789C64.7449 52.0391 64.8914 52.8145 64.8914 53.7051ZM58.6394 53.7051C58.6394 54.3027 58.7136 54.8184 58.8621 55.252C59.0144 55.6816 59.2507 56.0137 59.571 56.248C59.8914 56.4785 60.3054 56.5938 60.8132 56.5938C61.3289 56.5938 61.7468 56.4785 62.0671 56.248C62.3875 56.0137 62.6199 55.6816 62.7644 55.252C62.9128 54.8184 62.9871 54.3027 62.9871 53.7051C62.9871 52.8066 62.8191 52.0996 62.4832 51.584C62.1472 51.0684 61.5945 50.8105 60.825 50.8105C60.3132 50.8105 59.8953 50.9277 59.571 51.1621C59.2507 51.3926 59.0144 51.7246 58.8621 52.1582C58.7136 52.5879 58.6394 53.1035 58.6394 53.7051ZM71.9109 58L71.2898 55.9609H68.1667L67.5457 58H65.5886L68.6121 49.3984H70.8328L73.8679 58H71.9109ZM70.8562 54.4375L70.2351 52.4453C70.196 52.3125 70.1433 52.1426 70.0769 51.9355C70.0144 51.7246 69.95 51.5117 69.8835 51.2969C69.821 51.0781 69.7703 50.8887 69.7312 50.7285C69.6921 50.8887 69.6375 51.0879 69.5671 51.3262C69.5007 51.5605 69.4363 51.7832 69.3738 51.9941C69.3113 52.2051 69.2664 52.3555 69.239 52.4453L68.6238 54.4375H70.8562Z" fill="white"/>
+</g>
+<defs>
+<linearGradient id="paint0_linear_34_2" x1="37.8512" y1="38.8122" x2="89.011" y2="89.972" gradientUnits="userSpaceOnUse">
+<stop stop-opacity="0.247059"/>
+<stop offset="1" stop-opacity="0"/>
+</linearGradient>
+<clipPath id="clip0_34_2">
+<rect width="108" height="108" fill="white"/>
+</clipPath>
+</defs>
+</svg>

appIcons/icongen.sh

@@ -0,0 +1,136 @@
+#! /bin/sh
+
+function print_example() {
+    echo "Example"
+    echo "  icons ios ~/AppIcon.pdf ~/Icons/"
+}
+    
+function print_usage() {
+    echo "Usage"
+    echo "  icons <ios|watch|complication|macos> in-file.pdf (out-dir)"
+}
+
+function command_exists() {
+    if type "$1" >/dev/null 2>&1; then
+        return 1
+    else
+        return 0
+    fi
+}
+
+if command_exists "sips" == 0 ; then
+    echo "sips tool not found"
+    exit 1
+fi
+
+if [ "$1" = "--help" ] || [ "$1" = "-h" ] ; then
+    print_usage
+    exit 0
+fi
+
+PLATFORM="$1"
+FILE="$2"
+if [ -z "$PLATFORM" ] || [ -z "$FILE" ] ; then
+    echo "Error: missing arguments"
+    echo ""
+    print_usage
+    echo ""
+    print_example
+    exit 1
+fi
+
+DIR="$3"
+if [ -z "$DIR" ] ; then
+    DIR=$(dirname $FILE)
+fi
+
+# Create directory if needed
+mkdir -p "$DIR"
+
+if [[ "$PLATFORM" == *"ios"* ]] ; then # iOS
+    sips -s format png -Z '180'  "${FILE}" --out "${DIR}"/Icon-180.png
+    sips -s format png -Z '29'   "${FILE}" --out "${DIR}"/Icon-29.png
+    sips -s format png -Z '58'   "${FILE}" --out "${DIR}"/Icon-58.png
+    sips -s format png -Z '120'  "${FILE}" --out "${DIR}"/Icon-120.png
+    sips -s format png -Z '87'   "${FILE}" --out "${DIR}"/Icon-87.png
+    sips -s format png -Z '40'   "${FILE}" --out "${DIR}"/Icon-40.png
+    sips -s format png -Z '80'   "${FILE}" --out "${DIR}"/Icon-80.png
+    sips -s format png -Z '76'   "${FILE}" --out "${DIR}"/Icon-76.png
+    sips -s format png -Z '152'  "${FILE}" --out "${DIR}"/Icon-152.png
+    sips -s format png -Z '167'  "${FILE}" --out "${DIR}"/Icon-167.png
+    sips -s format png -Z '60'   "${FILE}" --out "${DIR}"/Icon-60.png
+    sips -s format png -Z '20'   "${FILE}" --out "${DIR}"/Icon-20.png
+    sips -s format png -Z '1024' "${FILE}" --out "${DIR}"/Icon-1024.png
+    
+    # https://developer.apple.com/library/archive/documentation/Xcode/Reference/xcode_ref-Asset_Catalog_Format/AppIconType.html
+    contents_json='{"images":[{"size":"20x20","idiom":"iphone","filename":"iPhoneNotification@2x.png","scale":"2x"},{"size":"20x20","idiom":"iphone","filename":"iPhoneNotification@3x.png","scale":"3x"},{"size":"29x29","idiom":"iphone","filename":"iPhoneSettings@2x.png","scale":"2x"},{"size":"29x29","idiom":"iphone","filename":"iPhoneSettings@3x.png","scale":"3x"},{"size":"40x40","idiom":"iphone","filename":"iPhoneSpotlight@2x.png","scale":"2x"},{"size":"40x40","idiom":"iphone","filename":"iPhoneSpotlight@3x.png","scale":"3x"},{"size":"60x60","idiom":"iphone","filename":"iPhone@2x.png","scale":"2x"},{"size":"60x60","idiom":"iphone","filename":"iPhone@3x.png","scale":"3x"},{"size":"20x20","idiom":"ipad","filename":"iPadNotification.png","scale":"1x"},{"size":"20x20","idiom":"ipad","filename":"iPadNotification@2x.png","scale":"2x"},{"size":"29x29","idiom":"ipad","filename":"iPadSettings.png","scale":"1x"},{"size":"29x29","idiom":"ipad","filename":"iPadSettings@2x.png","scale":"2x"},{"size":"40x40","idiom":"ipad","filename":"iPadSpotlight.png","scale":"1x"},{"size":"40x40","idiom":"ipad","filename":"iPadSpotlight@2x.png","scale":"2x"},{"size":"76x76","idiom":"ipad","filename":"iPad.png","scale":"1x"},{"size":"76x76","idiom":"ipad","filename":"iPad@2x.png","scale":"2x"},{"size":"83.5x83.5","idiom":"ipad","filename":"iPadPro@2x.png","scale":"2x"},{"size":"1024x1024","idiom":"ios-marketing","filename":"AppStoreMarketing.png","scale":"1x"}],"info":{"version":1,"author":"xcode"}}'
+    echo $contents_json > "${DIR}"/Contents.json
+fi
+
+if [[ "$PLATFORM" == *"watch"* ]] ; then # Apple Watch
+    sips -s format png -Z '48'  "${FILE}" --out "${DIR}"/Watch38mmNotificationCenter.png
+    sips -s format png -Z '55'  "${FILE}" --out "${DIR}"/Watch42mmNotificationCenter.png
+    sips -s format png -Z '66'  "${FILE}" --out "${DIR}"/Watch66NotificationCenter.png
+    sips -s format png -Z '58'  "${FILE}" --out "${DIR}"/WatchCompanionSettings@2x.png
+    sips -s format png -Z '87'  "${FILE}" --out "${DIR}"/WatchCompanionSettings@3x.png
+    sips -s format png -Z '80'  "${FILE}" --out "${DIR}"/Watch38MM42MMHomeScreen.png
+    sips -s format png -Z '88'  "${FILE}" --out "${DIR}"/Watch40MMHomeScreen.png
+    sips -s format png -Z '92' "${FILE}" --out "${DIR}"/Watch41MMHomeScreen.png
+    sips -s format png -Z '100' "${FILE}" --out "${DIR}"/Watch44MMHomeScreen.png
+    sips -s format png -Z '102' "${FILE}" --out "${DIR}"/Watch45MMHomeScreen.png
+    sips -s format png -Z '108' "${FILE}" --out "${DIR}"/Watch49MMHomeScreen.png
+    sips -s format png -Z '172' "${FILE}" --out "${DIR}"/Watch38MMShortLook.png
+    sips -s format png -Z '196' "${FILE}" --out "${DIR}"/Watch40MM42MMShortLook.png
+    sips -s format png -Z '216' "${FILE}" --out "${DIR}"/Watch44MMShortLook.png
+    sips -s format png -Z '234' "${FILE}" --out "${DIR}"/Watch234ShortLook.png
+    sips -s format png -Z '258' "${FILE}" --out "${DIR}"/Watch258ShortLook.png
+    sips -s format png -Z '1024' "${FILE}" --out "${DIR}"/WatchAppStore.png
+
+    # https://developer.apple.com/library/archive/documentation/Xcode/Reference/xcode_ref-Asset_Catalog_Format/AppIconType.html
+    contents_json='{"images":[{"size":"24x24","idiom":"watch","scale":"2x","filename":"Watch38mmNotificationCenter.png","role":"notificationCenter","subtype":"38mm"},{"size":"27.5x27.5","idiom":"watch","scale":"2x","filename":"Watch42mmNotificationCenter.png","role":"notificationCenter","subtype":"42mm"},{"size":"29x29","idiom":"watch","filename":"WatchCompanionSettings@2x.png","role":"companionSettings","scale":"2x"},{"size":"29x29","idiom":"watch","filename":"WatchCompanionSettings@3x.png","role":"companionSettings","scale":"3x"},{"size":"40x40","idiom":"watch","filename":"Watch38MM42MMHomeScreen.png","scale":"2x","role":"appLauncher","subtype":"38mm"},{"size":"44x44","idiom":"watch","scale":"2x","filename":"Watch40MMHomeScreen.png","role":"appLauncher","subtype":"40mm"},{"size":"50x50","idiom":"watch","scale":"2x","filename":"Watch44MMHomeScreen.png","role":"appLauncher","subtype":"44mm"},{"size":"86x86","idiom":"watch","scale":"2x","filename":"Watch38MMShortLook.png","role":"quickLook","subtype":"38mm"},{"size":"98x98","idiom":"watch","scale":"2x","filename":"Watch40MM42MMShortLook.png","role":"quickLook","subtype":"42mm"},{"size":"108x108","idiom":"watch","scale":"2x","filename":"Watch44MMShortLook.png","role":"quickLook","subtype":"44mm"},{"idiom":"watch-marketing","filename":"WatchAppStore.png","size":"1024x1024","scale":"1x"}],"info":{"version":1,"author":"xcode"}}'
+    echo $contents_json > "${DIR}"/Contents.json
+fi
+
+if [[ "$PLATFORM" == *"complication"* ]] ; then # Apple Watch
+    sips -s format png -Z '32'  "${FILE}" --out "${DIR}"/Circular38mm2x.png
+    sips -s format png -Z '36'  "${FILE}" --out "${DIR}"/Circular40mm2x.png
+    sips -s format png -Z '36'  "${FILE}" --out "${DIR}"/Circular42mm2x.png
+    sips -s format png -Z '40'  "${FILE}" --out "${DIR}"/Circular44mm2x.png
+    sips -s format png -Z '182'  "${FILE}" --out "${DIR}"/ExtraLarge38mm2x.png
+    sips -s format png -Z '203'  "${FILE}" --out "${DIR}"/ExtraLarge40mm2x.png
+    sips -s format png -Z '203'  "${FILE}" --out "${DIR}"/ExtraLarge42mm2x.png
+    sips -s format png -Z '224'  "${FILE}" --out "${DIR}"/ExtraLarge44mm2x.png
+    sips -s format png -Z '84'  "${FILE}" --out "${DIR}"/GraphicBezel40mm2x.png
+    sips -s format png -Z '84'  "${FILE}" --out "${DIR}"/GraphicBezel42mm2x.png
+    sips -s format png -Z '94'  "${FILE}" --out "${DIR}"/GraphicBezel44mm2x.png
+    sips -s format png -Z '84'  "${FILE}" --out "${DIR}"/GraphicCircular40mm2x.png
+    sips -s format png -Z '84'  "${FILE}" --out "${DIR}"/GraphicCircular42mm2x.png
+    sips -s format png -Z '94'  "${FILE}" --out "${DIR}"/GraphicCircular44mm2x.png
+    sips -s format png -Z '40'  "${FILE}" --out "${DIR}"/GraphicCorner40mm2x.png
+    sips -s format png -Z '40'  "${FILE}" --out "${DIR}"/GraphicCorner42mm2x.png
+    sips -s format png -Z '44'  "${FILE}" --out "${DIR}"/GraphicCorner44mm2x.png
+    sips -s format png -Z '52'  "${FILE}" --out "${DIR}"/GraphicModular38mm2x.png
+    sips -s format png -Z '58'  "${FILE}" --out "${DIR}"/GraphicModular40mm2x.png
+    sips -s format png -Z '58'  "${FILE}" --out "${DIR}"/GraphicModular42mm2x.png
+    sips -s format png -Z '64'  "${FILE}" --out "${DIR}"/GraphicModular44mm2x.png
+    sips -s format png -Z '40'  "${FILE}" --out "${DIR}"/GraphicUtilitarian38mm2x.png
+    sips -s format png -Z '44'  "${FILE}" --out "${DIR}"/GraphicUtilitarian40mm2x.png
+    sips -s format png -Z '44'  "${FILE}" --out "${DIR}"/GraphicUtilitarian42mm2x.png
+    sips -s format png -Z '50'  "${FILE}" --out "${DIR}"/GraphicUtilitarian44mm2x.png
+    sips -s format png -Z '206'  "${FILE}" --out "${DIR}"/GraphicExtraLarge38mm2x.png
+    sips -s format png -Z '264'  "${FILE}" --out "${DIR}"/GraphicExtraLarge44mm2x.png
+    echo "NOTE: Graphic Extra Large is not generated since that is not rectangular"
+fi
+
+if [[ "$PLATFORM" == *"macos"* ]] ; then # macOS
+    sips -s format png -Z '1024' "${FILE}" --out "${DIR}"/icon_512x512@2x.png
+    sips -s format png -Z '512'  "${FILE}" --out "${DIR}"/icon_512x512.png
+    sips -s format png -Z '512'  "${FILE}" --out "${DIR}"/icon_256x256@2x.png
+    sips -s format png -Z '256'  "${FILE}" --out "${DIR}"/icon_256x256.png
+    sips -s format png -Z '256'  "${FILE}" --out "${DIR}"/icon_128x128@2x.png
+    sips -s format png -Z '128'  "${FILE}" --out "${DIR}"/icon_128x128.png
+    sips -s format png -Z '64'   "${FILE}" --out "${DIR}"/icon_32x32@2x.png
+    sips -s format png -Z '32'   "${FILE}" --out "${DIR}"/icon_32x32.png
+    sips -s format png -Z '32'   "${FILE}" --out "${DIR}"/icon_16x16@2x.png
+    sips -s format png -Z '16'   "${FILE}" --out "${DIR}"/icon_16x16.png
+fi

build.cake

@@ -4,6 +4,7 @@
 #addin nuget:?package=Cake.Incubator&version=7.0.0
 #tool dotnet:?package=GitVersion.Tool&version=5.10.3
 using Path = System.IO.Path;
+using System.Text.RegularExpressions;
 
 var debugScript = Argument<bool>("debugScript", false);
 var target = Argument("target", "Default");
@@ -35,6 +36,7 @@ VariantConfig GetVariant() => variant.ToLower() switch{
 GitVersion _gitVersion; //will be set by GetGitInfo task
 var _slnPath = Path.Combine(""); //base path used to access files. If build.cake file is moved, just update this
 string _androidPackageName = string.Empty; //will be set by UpdateAndroidManifest task
+string _iOSVersionName = string.Empty;  //will be set by UpdateiOSPlist task
 string CreateFeatureBranch(string prevVersionName, GitVersion git) => $"{prevVersionName}-{git.BranchName.Replace("/","-")}";
 string GetVersionName(string prevVersionName, VariantConfig buildVariant, GitVersion git) => buildVariant is Prod? prevVersionName : CreateFeatureBranch(prevVersionName, git); 
 int CreateBuildNumber(int previousNumber) => ++previousNumber; 
@@ -163,7 +165,8 @@ enum iOSProjectType
     MainApp,
     Autofill,
     Extension,
-    ShareExtension
+    ShareExtension,
+    WatchApp
 }
 
 string GetiOSBundleId(VariantConfig buildVariant, iOSProjectType projectType) => projectType switch
@@ -171,6 +174,7 @@ string GetiOSBundleId(VariantConfig buildVariant, iOSProjectType projectType) =>
     iOSProjectType.Autofill => $"{buildVariant.iOSBundleId}.autofill",
     iOSProjectType.Extension => $"{buildVariant.iOSBundleId}.find-login-action-extension",
     iOSProjectType.ShareExtension => $"{buildVariant.iOSBundleId}.share-extension",
+    iOSProjectType.WatchApp => $"{buildVariant.iOSBundleId}.watchkitapp",
     _ => buildVariant.iOSBundleId
 };
 
@@ -205,6 +209,7 @@ private void UpdateiOSInfoPlist(string plistPath, VariantConfig buildVariant, Gi
 
     if(projectType == iOSProjectType.MainApp)
     {
+        _iOSVersionName = newVersionName;
         plist["CFBundleURLTypes"][0]["CFBundleURLName"] = $"{buildVariant.iOSBundleId}.url";
     }
 
@@ -240,10 +245,79 @@ private void UpdateiOSEntitlementsPlist(string entitlementsPath, VariantConfig b
     Information($"{entitlementsPath} updated with success!");
 }
 
-Task("UpdateiOSIcon")
+private void UpdateWatchKitAppInfoPlist(string plistPath, VariantConfig buildVariant)
+{
+    var plistFile = File(plistPath);
+    dynamic plist = DeserializePlist(plistFile);
+
+    var prevBundleId = plist["NSExtension"]["NSExtensionAttributes"]["WKAppBundleIdentifier"];
+    var newBundleId = GetiOSBundleId(buildVariant, iOSProjectType.WatchApp);
+
+    plist["NSExtension"]["NSExtensionAttributes"]["WKAppBundleIdentifier"] = newBundleId;
+
+    SerializePlist(plistFile, plist);
+
+    Information($"Changed Bundle Identifier from {prevBundleId} to {newBundleId}");
+    Information($"{plistPath} updated with success!");
+}
+
+private void UpdateWatchPbxproj(string pbxprojPath, string newVersion)
+{
+    var fileText = FileReadText(pbxprojPath);
+    if (string.IsNullOrEmpty(fileText))
+    {
+        throw new Exception($"Couldn't find {pbxprojPath}");
+    }
+
+    const string pattern = @"MARKETING_VERSION = [^;]*;";
+
+    fileText = Regex.Replace(fileText, pattern, $"MARKETING_VERSION = {newVersion};");
+
+    FileWriteText(pbxprojPath, fileText);
+    Information($"{pbxprojPath} modified successfully.");
+}
+
+/// <summary>
+/// Updates the target icons on the given appiconset target
+/// taking as source the icon in appIcons/iOS folder for the giving variant
+/// </summary>
+/// <param name="target">It can be <ios|watch|complication|macos></param>
+/// <param name="appiconsetTarget">Folder to copy the generated icons to</param>
+private void UpdateAppleIcons(string target, string appiconsetTarget)
+{
+    Information($"Updating {target} App Icons");
+
+    var iconsTempDirPath = Path.Combine(_slnPath, "appIcons", "temp");
+    CreateDirectory(iconsTempDirPath);
+
+    var arguments = new ProcessArgumentBuilder();
+    arguments.Append(target);
+    arguments.Append(Path.Combine(_slnPath, "appIcons", "iOS", $"{variant}.png"));
+    arguments.Append(iconsTempDirPath);
+
+    using(var process = StartAndReturnProcess(Path.Combine(_slnPath, "appIcons", "icongen.sh"), 
+        new ProcessSettings { Arguments = arguments }))
+    {
+        process.WaitForExit();
+        Information("Exit code: {0}", process.GetExitCode());
+    }
+
+    var generatedIconsPath = Path.Combine(iconsTempDirPath, "*.png");
+    CopyFiles(generatedIconsPath, appiconsetTarget);        
+
+    DeleteDirectory(iconsTempDirPath, new DeleteDirectorySettings {
+        Recursive = true,
+        Force = true
+    });
+
+    Information($"{target} App Icons have been updated");
+}
+
+Task("UpdateiOSIcons")
     .Does(()=>{
-        //TODO we'll implement variant icons later
-        Information($"Updating IOS App Icon");
+        UpdateAppleIcons("ios", Path.Combine(_slnPath, "src", "iOS", "Resources", "Assets.xcassets", "AppIcons.appiconset"));
+        UpdateAppleIcons("watch", Path.Combine(_slnPath, "src", "watchOS", "bitwarden", "bitwarden WatchKit App", "Assets.xcassets", "AppIcon.appiconset"));
+        // TODO: Update complication icons when they start working
     });
 
 Task("UpdateiOSPlist")
@@ -296,8 +370,10 @@ Task("UpdateiOSCodeFiles")
         var fileList = new string[] {
             Path.Combine(_slnPath, "src", "iOS.Core", "Utilities", "iOSCoreHelpers.cs"),
             Path.Combine(_slnPath, "src", "iOS.Core", "Constants.cs"),
+            Path.Combine(_slnPath, "src", "watchOS", "bitwarden", "bitwarden.xcodeproj", "project.pbxproj"),
+            Path.Combine(_slnPath, "src", "watchOS", "bitwarden", "bitwarden WatchKit Extension", "Helpers", "KeychainHelper.swift"),
             Path.Combine(".github", "resources", "export-options-ad-hoc.plist"),
-            Path.Combine(".github", "resources", "export-options-app-store.plist"),
+            Path.Combine(".github", "resources", "export-options-app-store.plist")
         };
 
         foreach(string path in fileList)
@@ -305,6 +381,22 @@ Task("UpdateiOSCodeFiles")
             ReplaceInFile(path, "com.8bit.bitwarden", buildVariant.iOSBundleId);
         }
     });
+
+Task("UpdateWatchProject")
+    .IsDependentOn("UpdateiOSPlist")
+    .WithCriteria(() => !string.IsNullOrEmpty(_iOSVersionName))
+    .Does(()=> {
+        var watchProjectPath = Path.Combine(_slnPath, "src", "watchOS", "bitwarden", "bitwarden.xcodeproj", "project.pbxproj");
+        UpdateWatchPbxproj(watchProjectPath, _iOSVersionName);
+    });
+
+Task("UpdateWatchKitAppInfoPlist")
+    .Does(()=> {
+        var buildVariant = GetVariant();
+        var infoPath = Path.Combine(_slnPath, "src", "watchOS", "bitwarden", "bitwarden WatchKit Extension", "Info.plist");
+        UpdateWatchKitAppInfoPlist(infoPath, buildVariant);
+    });
+
 #endregion iOS
 
 #region Main Tasks
@@ -318,12 +410,14 @@ Task("Android")
     });
 
 Task("iOS")
-    //.IsDependentOn("UpdateiOSIcon")
+    .IsDependentOn("UpdateiOSIcons")
     .IsDependentOn("UpdateiOSPlist")
     .IsDependentOn("UpdateiOSAutofillPlist")
     .IsDependentOn("UpdateiOSExtensionPlist")
     .IsDependentOn("UpdateiOSShareExtensionPlist")
     .IsDependentOn("UpdateiOSCodeFiles")
+    .IsDependentOn("UpdateWatchProject")
+    .IsDependentOn("UpdateWatchKitAppInfoPlist")
     .Does(()=>
     {
         Information("iOS app updated");

src/Android/Accessibility/AccessibilityHelpers.cs

@@ -76,6 +76,7 @@ namespace Bit.Droid.Accessibility
             new Browser("com.opera.touch", "addressbarEdit"),
             new Browser("com.qflair.browserq", "url"),
             new Browser("com.qwant.liberty", "mozac_browser_toolbar_url_view,url_bar_title"), // 2nd = Legacy (before v4)
+            new Browser("com.rainsee.create", "search_box"),
             new Browser("com.sec.android.app.sbrowser", "location_bar_edit_text"),
             new Browser("com.sec.android.app.sbrowser.beta", "location_bar_edit_text"),
             new Browser("com.stoutner.privacybrowser.free", "url_edittext"),
@@ -85,6 +86,9 @@ namespace Bit.Droid.Accessibility
             new Browser("com.vivaldi.browser.sopranos", "url_bar"),
             new Browser("com.yandex.browser", "bro_omnibar_address_title_text,bro_omnibox_collapsed_title",
                 (s) => s.Split(new char[]{' ', ' '}).FirstOrDefault()), // 0 = Regular Space, 1 = No-break space (00A0)
+            new Browser("com.yjllq.internet", "search_box"),
+            new Browser("com.yjllq.kito", "search_box"),
+            new Browser("com.yujian.ResideMenuDemo", "search_box"),
             new Browser("com.z28j.feel", "g2"),
             new Browser("idm.internet.download.manager", "search"),
             new Browser("idm.internet.download.manager.adm.lite", "search"),
@@ -132,6 +136,7 @@ namespace Bit.Droid.Accessibility
             new Browser("com.htc.sense.browser", "title"),
             new Browser("com.jerky.browser2", "enterUrl"),
             new Browser("com.ksmobile.cb", "address_bar_edit_text"),
+            new Browser("com.lemurbrowser.exts","url_bar"),
             new Browser("com.linkbubble.playstore", "url_text"),
             new Browser("com.mx.browser", "address_editor_with_progress"),
             new Browser("com.mx.browser.tablet", "address_editor_with_progress"),

src/Android/Android.csproj

@@ -169,6 +169,10 @@
     <GoogleServicesJson Include="google-services.json" />
     <GoogleServicesJson Include="google-services.json.enc" />
     <None Include="fdroid-keystore.jks.enc" />
+    <AndroidNativeLibrary Include="lib\arm64-v8a\libargon2.so" />
+    <AndroidNativeLibrary Include="lib\armeabi-v7a\libargon2.so" />
+    <AndroidNativeLibrary Include="lib\x86\libargon2.so" />
+    <AndroidNativeLibrary Include="lib\x86_64\libargon2.so" />
     <None Include="Properties\AndroidManifest.xml" />
     <None Include="upload-keystore.jks.enc" />
   </ItemGroup>

src/Android/Autofill/AutofillHelpers.cs

@@ -79,6 +79,7 @@ namespace Bit.Droid.Autofill
             "com.jamal2367.styx",
             "com.kiwibrowser.browser",
             "com.kiwibrowser.browser.dev",
+            "com.lemurbrowser.exts",
             "com.microsoft.emmx",
             "com.microsoft.emmx.beta",
             "com.microsoft.emmx.canary",
@@ -96,6 +97,7 @@ namespace Bit.Droid.Autofill
             "com.opera.touch",
             "com.qflair.browserq",
             "com.qwant.liberty",
+            "com.rainsee.create",
             "com.sec.android.app.sbrowser",
             "com.sec.android.app.sbrowser.beta",
             "com.stoutner.privacybrowser.free",
@@ -104,6 +106,9 @@ namespace Bit.Droid.Autofill
             "com.vivaldi.browser.snapshot",
             "com.vivaldi.browser.sopranos",
             "com.yandex.browser",
+            "com.yjllq.internet",
+            "com.yjllq.kito",
+            "com.yujian.ResideMenuDemo",
             "com.z28j.feel",
             "idm.internet.download.manager",
             "idm.internet.download.manager.adm.lite",

src/Android/Autofill/FieldCollection.cs

@@ -12,6 +12,7 @@ namespace Bit.Droid.Autofill
         private List<Field> _passwordFields = null;
         private List<Field> _usernameFields = null;
         private HashSet<string> _ignoreSearchTerms = new HashSet<string> { "search", "find", "recipient", "edit" };
+        private HashSet<string> _usernameTerms = new HashSet<string> { "email", "phone", "username"};
         private HashSet<string> _passwordTerms = new HashSet<string> { "password", "pswd" };
 
         public List<AutofillId> AutofillIds { get; private set; } = new List<AutofillId>();
@@ -98,6 +99,11 @@ namespace Bit.Droid.Autofill
                             _usernameFields.Add(usernameField);
                         }
                     }
+
+                    if (!_usernameFields.Any())
+                    {
+                        _usernameFields = Fields.Where(f => FieldIsUsername(f)).ToList();
+                    }
                 }
                 return _usernameFields;
             }
@@ -321,13 +327,23 @@ namespace Bit.Droid.Autofill
             }
 
             return inputTypePassword && !ValueContainsAnyTerms(f.IdEntry, _ignoreSearchTerms) &&
-                !ValueContainsAnyTerms(f.Hint, _ignoreSearchTerms);
+                !ValueContainsAnyTerms(f.Hint, _ignoreSearchTerms) && !FieldIsUsername(f);
         }
 
         private bool FieldHasPasswordTerms(Field f)
         {
             return ValueContainsAnyTerms(f.IdEntry, _passwordTerms) || ValueContainsAnyTerms(f.Hint, _passwordTerms);
         }
+        
+        private bool FieldIsUsername(Field f)
+        {
+            return f.InputType.HasFlag(InputTypes.TextVariationWebEmailAddress) || FieldHasUsernameTerms(f);
+        }
+
+        private bool FieldHasUsernameTerms(Field f)
+        {
+            return ValueContainsAnyTerms(f.IdEntry, _usernameTerms) || ValueContainsAnyTerms(f.Hint, _usernameTerms);
+        }
 
         private bool ValueContainsAnyTerms(string value, HashSet<string> terms)
         {
@@ -339,4 +355,4 @@ namespace Bit.Droid.Autofill
             return terms.Any(t => lowerValue.Contains(t));
         }
     }
-}
+}

src/Android/MainActivity.cs

@@ -170,7 +170,7 @@ namespace Bit.Droid
             {
                 if (intent?.GetStringExtra("uri") is string uri)
                 {
-                    _messagingService.Send("popAllAndGoToAutofillCiphers");
+                    _messagingService.Send(App.App.POP_ALL_AND_GO_TO_AUTOFILL_CIPHERS_MESSAGE);
                     if (_appOptions != null)
                     {
                        _appOptions.Uri = uri;
@@ -178,7 +178,7 @@ namespace Bit.Droid
                 }
                 else if (intent.GetBooleanExtra("generatorTile", false))
                 {
-                    _messagingService.Send("popAllAndGoToTabGenerator");
+                    _messagingService.Send(App.App.POP_ALL_AND_GO_TO_TAB_GENERATOR_MESSAGE);
                     if (_appOptions != null)
                     {
                         _appOptions.GeneratorTile = true;
@@ -186,7 +186,7 @@ namespace Bit.Droid
                 }
                 else if (intent.GetBooleanExtra("myVaultTile", false))
                 {
-                    _messagingService.Send("popAllAndGoToTabMyVault");
+                    _messagingService.Send(App.App.POP_ALL_AND_GO_TO_TAB_MYVAULT_MESSAGE);
                     if (_appOptions != null)
                     {
                         _appOptions.MyVaultTile = true;
@@ -198,7 +198,7 @@ namespace Bit.Droid
                     {
                         _appOptions.CreateSend = GetCreateSendRequest(intent);
                     }
-                    _messagingService.Send("popAllAndGoToTabSend");
+                    _messagingService.Send(App.App.POP_ALL_AND_GO_TO_TAB_SEND_MESSAGE);
                 }
                 else
                 {

src/Android/MainApplication.cs

@@ -21,6 +21,7 @@ using Bit.App.Utilities;
 using Bit.App.Pages;
 using Bit.App.Utilities.AccountManagement;
 using Bit.App.Controls;
+using Bit.Core.Enums;
 #if !FDROID
 using Android.Gms.Security;
 #endif
@@ -81,7 +82,8 @@ namespace Bit.Droid
                     ServiceContainer.Resolve<IAuthService>("authService"),
                     ServiceContainer.Resolve<ILogger>("logger"),
                     ServiceContainer.Resolve<IMessagingService>("messagingService"),
-                    ServiceContainer.Resolve<IWatchDeviceService>());
+                    ServiceContainer.Resolve<IWatchDeviceService>(),
+                    ServiceContainer.Resolve<IConditionedAwaiterManager>());
                 ServiceContainer.Register<IAccountsManager>("accountsManager", accountsManager);
             }
 #if !FDROID
@@ -143,9 +145,10 @@ namespace Bit.Droid
             var secureStorageService = new SecureStorageService();
             var cryptoPrimitiveService = new CryptoPrimitiveService();
             var mobileStorageService = new MobileStorageService(preferencesStorage, liteDbStorage);
-            var stateService = new StateService(mobileStorageService, secureStorageService, messagingService);
+            var storageMediatorService = new StorageMediatorService(mobileStorageService, secureStorageService, preferencesStorage);
+            var stateService = new StateService(mobileStorageService, secureStorageService, storageMediatorService, messagingService);
             var stateMigrationService =
-                new StateMigrationService(liteDbStorage, preferencesStorage, secureStorageService);
+                new StateMigrationService(DeviceType.Android, liteDbStorage, preferencesStorage, secureStorageService);
             var clipboardService = new ClipboardService(stateService);
             var deviceActionService = new DeviceActionService(stateService, messagingService);
             var fileService = new FileService(stateService, broadcasterService);
@@ -153,11 +156,12 @@ namespace Bit.Droid
                 messagingService, broadcasterService);
             var autofillHandler = new AutofillHandler(stateService, messagingService, clipboardService,
                 platformUtilsService, new LazyResolve<IEventService>());
-            var biometricService = new BiometricService();
+            var biometricService = new BiometricService(stateService);
             var cryptoFunctionService = new PclCryptoFunctionService(cryptoPrimitiveService);
             var cryptoService = new CryptoService(stateService, cryptoFunctionService);
             var passwordRepromptService = new MobilePasswordRepromptService(platformUtilsService, cryptoService);
 
+            ServiceContainer.Register<ISynchronousStorageService>(preferencesStorage);
             ServiceContainer.Register<IBroadcasterService>("broadcasterService", broadcasterService);
             ServiceContainer.Register<IMessagingService>("messagingService", messagingService);
             ServiceContainer.Register<ILocalizeService>("localizeService", localizeService);
@@ -165,6 +169,7 @@ namespace Bit.Droid
             ServiceContainer.Register<ICryptoPrimitiveService>("cryptoPrimitiveService", cryptoPrimitiveService);
             ServiceContainer.Register<IStorageService>("storageService", mobileStorageService);
             ServiceContainer.Register<IStorageService>("secureStorageService", secureStorageService);
+            ServiceContainer.Register<IStorageMediatorService>(storageMediatorService);
             ServiceContainer.Register<IStateService>("stateService", stateService);
             ServiceContainer.Register<IStateMigrationService>("stateMigrationService", stateMigrationService);
             ServiceContainer.Register<IClipboardService>("clipboardService", clipboardService);
@@ -197,7 +202,9 @@ namespace Bit.Droid
 
         private void Bootstrap()
         {
-            (ServiceContainer.Resolve<II18nService>("i18nService") as MobileI18nService).Init();
+            var locale = ServiceContainer.Resolve<IStateService>().GetLocale();
+            (ServiceContainer.Resolve<II18nService>("i18nService") as MobileI18nService)
+                .Init(locale != null ? new System.Globalization.CultureInfo(locale) : null);
             ServiceContainer.Resolve<IAuthService>("authService").Init();
             // Note: This is not awaited
             var bootstrapTask = BootstrapAsync();

src/Android/Properties/AndroidManifest.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="utf-8"?>
-<manifest xmlns:android="http://schemas.android.com/apk/res/android" xmlns:tools="http://schemas.android.com/tools" android:versionCode="1" android:versionName="2022.12.0" android:installLocation="internalOnly" package="com.x8bit.bitwarden">
+<manifest xmlns:android="http://schemas.android.com/apk/res/android" xmlns:tools="http://schemas.android.com/tools" android:versionCode="1" android:versionName="2023.4.1" android:installLocation="internalOnly" package="com.x8bit.bitwarden">
 	<uses-sdk android:minSdkVersion="21" android:targetSdkVersion="33" />
 	<uses-permission android:name="android.permission.INTERNET" />
 	<uses-permission android:name="android.permission.NFC" />
@@ -40,4 +40,16 @@
 			</intent-filter>
 		</activity>
 	</application>
+	<!-- Support for Xamarin.Essentials.Browser.OpenAsync  (for Android > 11) -->
+	<!-- Related docs: https://learn.microsoft.com/en-us/xamarin/essentials/open-browser?tabs=android -->
+	<queries>
+		<intent>
+			<action android:name="android.intent.action.VIEW" />
+			<data android:scheme="http" />
+		</intent>
+		<intent>
+			<action android:name="android.intent.action.VIEW" />
+			<data android:scheme="https" />
+		</intent>
+	</queries>
 </manifest>

src/Android/Resources/xml/autofillservice.xml

@@ -92,6 +92,9 @@
   <compatibility-package
     android:name="com.kiwibrowser.browser.dev"
     android:maxLongVersionCode="10000000000"/>
+  <compatibility-package
+    android:name="com.lemurbrowser.exts"
+    android:maxLongVersionCode="10000000000"/>
   <compatibility-package
     android:name="com.microsoft.emmx"
     android:maxLongVersionCode="10000000000"/>
@@ -143,6 +146,9 @@
   <compatibility-package
     android:name="com.qwant.liberty"
     android:maxLongVersionCode="10000000000"/>
+  <compatibility-package
+    android:name="com.rainsee.create"
+    android:maxLongVersionCode="10000000000"/>
   <compatibility-package
     android:name="com.sec.android.app.sbrowser"
     android:maxLongVersionCode="10000000000"/>
@@ -167,6 +173,15 @@
   <compatibility-package
     android:name="com.yandex.browser"
     android:maxLongVersionCode="10000000000"/>
+  <compatibility-package
+    android:name="com.yjllq.internet"
+    android:maxLongVersionCode="10000000000"/>
+  <compatibility-package
+    android:name="com.yjllq.kito"
+    android:maxLongVersionCode="10000000000"/>
+  <compatibility-package
+    android:name="com.yujian.ResideMenuDemo"
+    android:maxLongVersionCode="10000000000"/>
   <compatibility-package
     android:name="com.z28j.feel"
     android:maxLongVersionCode="10000000000"/>

src/Android/Services/BiometricService.cs

@@ -4,7 +4,6 @@ using Android.OS;
 using Android.Security.Keystore;
 using Bit.Core.Abstractions;
 using Bit.Core.Services;
-using Bit.Core.Utilities;
 using Java.Security;
 using Javax.Crypto;
 
@@ -12,6 +11,8 @@ namespace Bit.Droid.Services
 {
     public class BiometricService : IBiometricService
     {
+        private readonly IStateService _stateService;
+
         private const string KeyName = "com.8bit.bitwarden.biometric_integrity";
 
         private const string KeyStoreName = "AndroidKeyStore";
@@ -23,28 +24,28 @@ namespace Bit.Droid.Services
 
         private readonly KeyStore _keystore;
 
-        public BiometricService()
+        public BiometricService(IStateService stateService)
         {
+            _stateService = stateService;
             _keystore = KeyStore.GetInstance(KeyStoreName);
             _keystore.Load(null);
         }
 
-        public Task<bool> SetupBiometricAsync(string bioIntegrityKey = null)
+        public async Task<bool> SetupBiometricAsync(string bioIntegritySrcKey = null)
         {
-            // bioIntegrityKey used in iOS only
             if (Build.VERSION.SdkInt >= BuildVersionCodes.M)
             {
-                CreateKey();
+                await CreateKeyAsync(bioIntegritySrcKey);
             }
 
-            return Task.FromResult(true);
+            return true;
         }
 
-        public Task<bool> ValidateIntegrityAsync(string bioIntegrityKey = null)
+        public async Task<bool> IsSystemBiometricIntegrityValidAsync(string bioIntegritySrcKey = null)
         {
             if (Build.VERSION.SdkInt < BuildVersionCodes.M)
             {
-                return Task.FromResult(true);
+                return true;
             }
 
             try
@@ -55,7 +56,7 @@ namespace Bit.Droid.Services
 
                 if (key == null || cipher == null)
                 {
-                    return Task.FromResult(true);
+                    return true;
                 }
 
                 cipher.Init(CipherMode.EncryptMode, key);
@@ -63,25 +64,32 @@ namespace Bit.Droid.Services
             catch (KeyPermanentlyInvalidatedException e)
             {
                 // Biometric has changed
-                return Task.FromResult(false);
+                await ClearStateAsync(bioIntegritySrcKey);
+                return false;
             }
             catch (UnrecoverableKeyException e)
             {
                 // Biometric was disabled and re-enabled
-                return Task.FromResult(false);
+                await ClearStateAsync(bioIntegritySrcKey);
+                return false;
             }
             catch (InvalidKeyException e)
             {
                 // Fallback for old bitwarden users without a key
                 LoggerHelper.LogEvenIfCantBeResolved(e);
-                CreateKey();
+                await CreateKeyAsync(bioIntegritySrcKey);
             }
 
-            return Task.FromResult(true);
+            return true;
         }
 
-        private void CreateKey()
+        private async Task CreateKeyAsync(string bioIntegritySrcKey = null)
         {
+            bioIntegritySrcKey ??= Core.Constants.BiometricIntegritySourceKey;
+            await _stateService.SetSystemBiometricIntegrityState(bioIntegritySrcKey,
+                await GetStateAsync(bioIntegritySrcKey));
+            await _stateService.SetAccountBiometricIntegrityValidAsync(bioIntegritySrcKey);
+
             try
             {
                 var keyGen = KeyGenerator.GetInstance(KeyAlgorithm, KeyStoreName);
@@ -101,5 +109,16 @@ namespace Bit.Droid.Services
                 LoggerHelper.LogEvenIfCantBeResolved(e);
             }
         }
+
+        private async Task<string> GetStateAsync(string bioIntegritySrcKey)
+        {
+            return await _stateService.GetSystemBiometricIntegrityState(bioIntegritySrcKey) ??
+                   Guid.NewGuid().ToString();
+        }
+
+        private async Task ClearStateAsync(string bioIntegritySrcKey)
+        {
+            await _stateService.SetSystemBiometricIntegrityState(bioIntegritySrcKey, null);
+        }
     }
 }

src/Android/Services/ClipboardService.cs

@@ -49,12 +49,6 @@ namespace Bit.Droid.Services
             }
         }
 
-        public bool IsCopyNotificationHandledByPlatform()
-        {
-            // Android 13+ provides built-in notification when text is copied to the clipboard
-            return (int)Build.VERSION.SdkInt >= 33;
-        }
-
         private void CopyToClipboard(string text, bool isSensitive = true)
         {
             var clipboardManager = Application.Context.GetSystemService(Context.ClipboardService) as ClipboardManager;

src/Android/Services/CryptoPrimitiveService.cs

@@ -5,6 +5,8 @@ using Org.BouncyCastle.Crypto.Digests;
 using Org.BouncyCastle.Crypto.Generators;
 using Org.BouncyCastle.Crypto.Parameters;
 using System;
+using System.Runtime.InteropServices;
+using Java.Lang;
 
 namespace Bit.Droid.Services
 {
@@ -33,5 +35,19 @@ namespace Bit.Droid.Services
             generator.Init(password, salt, iterations);
             return ((KeyParameter)generator.GenerateDerivedMacParameters(keySize)).GetKey();
         }
+
+        public byte[] Argon2id(byte[] password, byte[] salt, int iterations, int memory, int parallelism)
+        {
+            JavaSystem.LoadLibrary("argon2");
+            int keySize = 32;
+            var key = new byte[keySize];
+            argon2id_hash_raw(iterations, memory, parallelism,
+                password, password.Length, salt, salt.Length, key, key.Length);
+            return key;
+        }
+
+        [DllImport("argon2", EntryPoint = "argon2id_hash_raw")]
+        private static extern int argon2id_hash_raw(int timeCost, int memoryCost, int parallelism,
+            byte[] pwd, int pwdlen, byte[] salt, int saltlen, byte[] hash, int hashlen);
     }
 }

src/Android/Services/DeviceActionService.cs

@@ -502,11 +502,6 @@ namespace Bit.Droid.Services
 
         public async Task SetScreenCaptureAllowedAsync()
         {
-            if (CoreHelpers.ForceScreenCaptureEnabled())
-            {
-                return;
-            }
-
             var activity = CrossCurrentActivity.Current?.Activity;
             if (await _stateService.GetScreenCaptureAllowedAsync())
             {

src/Android/Services/LocalizeService.cs

@@ -1,4 +1,5 @@
 using System;
+using System.Diagnostics;
 using System.Globalization;
 using Bit.App.Abstractions;
 using Bit.App.Models;
@@ -25,13 +26,13 @@ namespace Bit.Droid.Services
                 try
                 {
                     var fallback = ToDotnetFallbackLanguage(new PlatformCulture(netLanguage));
-                    Console.WriteLine(netLanguage + " failed, trying " + fallback + " (" + e1.Message + ")");
+                    Debug.WriteLine(netLanguage + " failed, trying " + fallback + " (" + e1.Message + ")");
                     ci = new CultureInfo(fallback);
                 }
                 catch (CultureNotFoundException e2)
                 {
                     // iOS language not valid .NET culture, falling back to English
-                    Console.WriteLine(netLanguage + " couldn't be set, using 'en' (" + e2.Message + ")");
+                    Debug.WriteLine(netLanguage + " couldn't be set, using 'en' (" + e2.Message + ")");
                     ci = new CultureInfo("en");
                 }
             }
@@ -40,7 +41,7 @@ namespace Bit.Droid.Services
 
         private string AndroidToDotnetLanguage(string androidLanguage)
         {
-            Console.WriteLine("Android Language:" + androidLanguage);
+            Debug.WriteLine("Android Language:" + androidLanguage);
             var netLanguage = androidLanguage;
             if (androidLanguage.StartsWith("zh"))
             {
@@ -79,13 +80,13 @@ namespace Bit.Droid.Services
                         // ONLY use cultures that have been tested and known to work
                 }
             }
-            Console.WriteLine(".NET Language/Locale:" + netLanguage);
+            Debug.WriteLine(".NET Language/Locale:" + netLanguage);
             return netLanguage;
         }
 
         private string ToDotnetFallbackLanguage(PlatformCulture platCulture)
         {
-            Console.WriteLine(".NET Fallback Language:" + platCulture.LanguageCode);
+            Debug.WriteLine(".NET Fallback Language:" + platCulture.LanguageCode);
             var netLanguage = platCulture.LanguageCode; // use the first part of the identifier (two chars, usually);
             switch (platCulture.LanguageCode)
             {
@@ -95,7 +96,7 @@ namespace Bit.Droid.Services
                     // add more application-specific cases here (if required)
                     // ONLY use cultures that have been tested and known to work
             }
-            Console.WriteLine(".NET Fallback Language/Locale:" + netLanguage + " (application-specific)");
+            Debug.WriteLine(".NET Fallback Language/Locale:" + netLanguage + " (application-specific)");
             return netLanguage;
         }
 

src/Android/Services/WatchDeviceService.cs

@@ -2,7 +2,6 @@
 using System.Threading.Tasks;
 using Bit.App.Services;
 using Bit.Core.Abstractions;
-using Bit.Core.Models;
 
 namespace Bit.Droid.Services
 {
@@ -22,7 +21,7 @@ namespace Bit.Droid.Services
 
         protected override bool CanSendData => false;
 
-        protected override Task SendDataToWatchAsync(WatchDTO watchDto) => throw new NotImplementedException();
+        protected override Task SendDataToWatchAsync(byte[] rawData) => throw new NotImplementedException();
 
         protected override void ConnectToWatch() => throw new NotImplementedException();
     }

src/App/Abstractions/IAccountsManager.cs

@@ -8,6 +8,7 @@ namespace Bit.App.Abstractions
     {
         void Init(Func<AppOptions> getOptionsFunc, IAccountsManagerHost accountsManagerHost);
         Task NavigateOnAccountChangeAsync(bool? isAuthed = null);
+        Task StartDefaultNavigationFlowAsync(Action<AppOptions> appOptionsAction);
         Task LogOutAsync(string userId, bool userInitiated, bool expired);
         Task PromptToSwitchToExistingAccountAsync(string userId);
     }

src/App/Abstractions/IDeepLinkContext.cs

@@ -0,0 +1,9 @@
+using System;
+
+namespace Bit.App.Abstractions
+{
+    public interface IDeepLinkContext
+    {
+        bool OnNewUri(Uri uri);
+    }
+}

src/App/App.csproj

@@ -21,6 +21,7 @@
     <PackageReference Include="Xamarin.Forms" Version="5.0.0.2515" />
     <PackageReference Include="ZXing.Net.Mobile" Version="2.4.1" />
     <PackageReference Include="ZXing.Net.Mobile.Forms" Version="2.4.1" />
+    <PackageReference Include="MessagePack" Version="2.4.59" />
   </ItemGroup>
 
   <ItemGroup>
@@ -143,6 +144,7 @@
     <Folder Include="Utilities\AccountManagement\" />
     <Folder Include="Controls\DateTime\" />
     <Folder Include="Controls\IconLabelButton\" />
+    <Folder Include="Controls\PasswordStrengthProgressBar\" />
   </ItemGroup>
 
   <ItemGroup>
@@ -435,5 +437,8 @@
     <None Remove="Utilities\AccountManagement\" />
     <None Remove="Controls\DateTime\" />
     <None Remove="Controls\IconLabelButton\" />
+    <None Remove="MessagePack" />
+    <None Remove="MessagePack.MSBuild.Tasks" />
+    <None Remove="Controls\PasswordStrengthProgressBar\" />
   </ItemGroup>
 </Project>

src/App/App.xaml.cs

@@ -18,11 +18,22 @@ using Bit.Core.Utilities;
 using Xamarin.Forms;
 using Xamarin.Forms.Xaml;
 
+
+
+
+
+
+
 [assembly: XamlCompilation(XamlCompilationOptions.Compile)]
 namespace Bit.App
 {
     public partial class App : Application, IAccountsManagerHost
     {
+        public const string POP_ALL_AND_GO_TO_TAB_GENERATOR_MESSAGE = "popAllAndGoToTabGenerator";
+        public const string POP_ALL_AND_GO_TO_TAB_MYVAULT_MESSAGE = "popAllAndGoToTabMyVault";
+        public const string POP_ALL_AND_GO_TO_TAB_SEND_MESSAGE = "popAllAndGoToTabSend";
+        public const string POP_ALL_AND_GO_TO_AUTOFILL_CIPHERS_MESSAGE = "popAllAndGoToAutofillCiphers";
+
         private readonly IBroadcasterService _broadcasterService;
         private readonly IMessagingService _messagingService;
         private readonly IStateService _stateService;
@@ -103,12 +114,18 @@ namespace Bit.App
                         await Task.Delay(1000);
                         await _accountsManager.NavigateOnAccountChangeAsync();
                     }
-                    else if (message.Command == "popAllAndGoToTabGenerator" ||
-                        message.Command == "popAllAndGoToTabMyVault" ||
-                        message.Command == "popAllAndGoToTabSend" ||
-                        message.Command == "popAllAndGoToAutofillCiphers")
+                    else if (message.Command == POP_ALL_AND_GO_TO_TAB_GENERATOR_MESSAGE ||
+                        message.Command == POP_ALL_AND_GO_TO_TAB_MYVAULT_MESSAGE ||
+                        message.Command == POP_ALL_AND_GO_TO_TAB_SEND_MESSAGE ||
+                        message.Command == POP_ALL_AND_GO_TO_AUTOFILL_CIPHERS_MESSAGE ||
+                        message.Command == DeepLinkContext.NEW_OTP_MESSAGE)
                     {
-                        Device.BeginInvokeOnMainThread(async () =>
+                        if (message.Command == DeepLinkContext.NEW_OTP_MESSAGE)
+                        {
+                            Options.OtpData = new OtpData((string)message.Data);
+                        }
+
+                        await Device.InvokeOnMainThreadAsync(async () =>
                         {
                             if (Current.MainPage is TabsPage tabsPage)
                             {
@@ -116,24 +133,29 @@ namespace Bit.App
                                 {
                                     await tabsPage.Navigation.PopModalAsync(false);
                                 }
-                                if (message.Command == "popAllAndGoToAutofillCiphers")
+                                if (message.Command == POP_ALL_AND_GO_TO_AUTOFILL_CIPHERS_MESSAGE)
                                 {
-                                    Current.MainPage = new NavigationPage(new AutofillCiphersPage(Options));
+                                    Current.MainPage = new NavigationPage(new CipherSelectionPage(Options));
                                 }
-                                else if (message.Command == "popAllAndGoToTabMyVault")
+                                else if (message.Command == POP_ALL_AND_GO_TO_TAB_MYVAULT_MESSAGE)
                                 {
                                     Options.MyVaultTile = false;
                                     tabsPage.ResetToVaultPage();
                                 }
-                                else if (message.Command == "popAllAndGoToTabGenerator")
+                                else if (message.Command == POP_ALL_AND_GO_TO_TAB_GENERATOR_MESSAGE)
                                 {
                                     Options.GeneratorTile = false;
                                     tabsPage.ResetToGeneratorPage();
                                 }
-                                else if (message.Command == "popAllAndGoToTabSend")
+                                else if (message.Command == POP_ALL_AND_GO_TO_TAB_SEND_MESSAGE)
                                 {
                                     tabsPage.ResetToSendPage();
                                 }
+                                else if (message.Command == DeepLinkContext.NEW_OTP_MESSAGE)
+                                {
+                                    tabsPage.ResetToVaultPage();
+                                    await tabsPage.Navigation.PushModalAsync(new NavigationPage(new CipherSelectionPage(Options)));
+                                }
                             }
                         });
                     }
@@ -145,6 +167,14 @@ namespace Bit.App
                                 new NavigationPage(new RemoveMasterPasswordPage()));
                         });
                     }
+                    else if (message.Command == Constants.ForceUpdatePassword)
+                    {
+                        Device.BeginInvokeOnMainThread(async () =>
+                        {
+                            await Application.Current.MainPage.Navigation.PushModalAsync(
+                                new NavigationPage(new UpdateTempPasswordPage()));
+                        });
+                    }
                     else if (message.Command == Constants.PasswordlessLoginRequestKey
                         || message.Command == "unlocked"
                         || message.Command == AccountsManagerMessageCommands.ACCOUNT_SWITCH_COMPLETED)
@@ -201,7 +231,7 @@ namespace Bit.App
                 Id = loginRequestData.Id,
                 IpAddress = loginRequestData.RequestIpAddress,
                 Email = await _stateService.GetEmailAsync(),
-                FingerprintPhrase = loginRequestData.RequestFingerprint,
+                FingerprintPhrase = loginRequestData.FingerprintPhrase,
                 RequestDate = loginRequestData.CreationDate,
                 DeviceType = loginRequestData.RequestDeviceType,
                 Origin = loginRequestData.Origin
@@ -308,6 +338,7 @@ namespace Bit.App
         private async Task SleptAsync()
         {
             await _vaultTimeoutService.CheckVaultTimeoutAsync();
+            await ClearSensitiveFieldsAsync();
             _messagingService.Send("stopEventTimer");
         }
 
@@ -315,6 +346,7 @@ namespace Bit.App
         {
             await _stateService.CheckExtensionActiveUserAndSwitchIfNeededAsync();
             await _vaultTimeoutService.CheckVaultTimeoutAsync();
+            await ClearSensitiveFieldsAsync();
             _messagingService.Send("startEventTimer");
             await UpdateThemeAsync();
             await ClearCacheIfNeededAsync();
@@ -335,6 +367,14 @@ namespace Bit.App
             });
         }
 
+        private async Task ClearSensitiveFieldsAsync()
+        {
+            await Device.InvokeOnMainThreadAsync(() =>
+            {
+                _messagingService.Send(Constants.ClearSensitiveFields);
+            });
+        }
+
         private void SetCulture()
         {
             // Calendars are removed by linker. ref https://bugzilla.xamarin.com/show_bug.cgi?id=59077
@@ -459,14 +499,7 @@ namespace Bit.App
             switch (navTarget)
             {
                 case NavigationTarget.HomeLogin:
-                    if (navParams is HomeNavigationParams homeParams)
-                    {
-                        Current.MainPage = new NavigationPage(new HomePage(Options, homeParams.ShouldCheckRememberEmail));
-                    }
-                    else
-                    {
-                        Current.MainPage = new NavigationPage(new HomePage(Options));
-                    }
+                    Current.MainPage = new NavigationPage(new HomePage(Options));
                     break;
                 case NavigationTarget.Login:
                     if (navParams is LoginNavigationParams loginParams)
@@ -491,7 +524,8 @@ namespace Bit.App
                     Current.MainPage = new NavigationPage(new CipherAddEditPage(appOptions: Options));
                     break;
                 case NavigationTarget.AutofillCiphers:
-                    Current.MainPage = new NavigationPage(new AutofillCiphersPage(Options));
+                case NavigationTarget.OtpCipherSelection:
+                    Current.MainPage = new NavigationPage(new CipherSelectionPage(Options));
                     break;
                 case NavigationTarget.SendAddEdit:
                     Current.MainPage = new NavigationPage(new SendAddEditPage(Options));

src/App/Controls/AccountViewCell/AccountViewCellViewModel.cs

@@ -14,7 +14,7 @@ namespace Bit.App.Controls
         {
             AccountView = accountView;
             AvatarImageSource = ServiceContainer.Resolve<IAvatarImageSourcePool>("avatarImageSourcePool")
-                ?.GetOrCreateAvatar(AccountView.UserId, AccountView.Name, AccountView.Email);
+                ?.GetOrCreateAvatar(AccountView.UserId, AccountView.Name, AccountView.Email, AccountView.AvatarColor);
         }
 
         public AccountView AccountView

src/App/Controls/AvatarImageSource.cs

@@ -13,6 +13,7 @@ namespace Bit.App.Controls
     {
         private readonly string _text;
         private readonly string _id;
+        private readonly string _color;
 
         public override bool Equals(object obj)
         {
@@ -23,7 +24,7 @@ namespace Bit.App.Controls
 
             if (obj is AvatarImageSource avatar)
             {
-                return avatar._id == _id && avatar._text == _text;
+                return avatar._id == _id && avatar._text == _text && avatar._color == _color;
             }
 
             return base.Equals(obj);
@@ -31,7 +32,7 @@ namespace Bit.App.Controls
 
         public override int GetHashCode() => _id?.GetHashCode() ?? _text?.GetHashCode() ?? -1;
 
-        public AvatarImageSource(string userId = null, string name = null, string email = null)
+        public AvatarImageSource(string userId = null, string name = null, string email = null, string color = null)
         {
             _id = userId;
             _text = name;
@@ -39,6 +40,7 @@ namespace Bit.App.Controls
             {
                 _text = email;
             }
+            _color = color;
         }
 
         public override Func<CancellationToken, Task<Stream>> Stream => GetStreamAsync;
@@ -71,7 +73,7 @@ namespace Bit.App.Controls
                 chars = upperCaseText = _text.ToUpper();
             }
 
-            var bgColor = CoreHelpers.StringToColor(_id ?? upperCaseText, "#33ffffff");
+            var bgColor = _color ?? CoreHelpers.StringToColor(_id ?? upperCaseText, "#33ffffff");
             var textColor = CoreHelpers.TextColorFromBgColor(bgColor);
             var size = 50;
 

src/App/Controls/AvatarImageSourcePool.cs

@@ -5,19 +5,19 @@ namespace Bit.App.Controls
 {
     public interface IAvatarImageSourcePool
     {
-        AvatarImageSource GetOrCreateAvatar(string userId, string name, string email);
+        AvatarImageSource GetOrCreateAvatar(string userId, string name, string email, string color);
     }
 
     public class AvatarImageSourcePool : IAvatarImageSourcePool
     {
         private readonly ConcurrentDictionary<string, AvatarImageSource> _cache = new ConcurrentDictionary<string, AvatarImageSource>();
 
-        public AvatarImageSource GetOrCreateAvatar(string userId, string name, string email)
+        public AvatarImageSource GetOrCreateAvatar(string userId, string name, string email, string color)
         {
-            var key = $"{userId}{name}{email}";
+            var key = $"{userId}{name}{email}{color}";
             if (!_cache.TryGetValue(key, out var avatar))
             {
-                avatar = new AvatarImageSource(userId, name, email);
+                avatar = new AvatarImageSource(userId, name, email, color);
                 if (!_cache.TryAdd(key, avatar)
                     &&
                     !_cache.TryGetValue(key, out avatar)) // If add fails another thread created the avatar in between the first try get and the try add.

src/App/Controls/CipherViewCell/CipherViewCell.xaml.cs

@@ -1,4 +1,5 @@
 using System;
+using System.Windows.Input;
 using Bit.App.Abstractions;
 using Bit.Core.Models.View;
 using Bit.Core.Utilities;
@@ -18,7 +19,7 @@ namespace Bit.App.Controls
             nameof(WebsiteIconsEnabled), typeof(bool?), typeof(CipherViewCell));
 
         public static readonly BindableProperty ButtonCommandProperty = BindableProperty.Create(
-            nameof(ButtonCommand), typeof(Command<CipherView>), typeof(CipherViewCell));
+            nameof(ButtonCommand), typeof(ICommand), typeof(CipherViewCell));
 
         public CipherViewCell()
         {
@@ -42,9 +43,9 @@ namespace Bit.App.Controls
             set => SetValue(CipherProperty, value);
         }
 
-        public Command<CipherView> ButtonCommand
+        public ICommand ButtonCommand
         {
-            get => GetValue(ButtonCommandProperty) as Command<CipherView>;
+            get => GetValue(ButtonCommandProperty) as ICommand;
             set => SetValue(ButtonCommandProperty, value);
         }
 

src/App/Controls/ExtendedCollectionView.cs

@@ -1,4 +1,6 @@
-using Xamarin.Forms;
+using System.Linq;
+using Xamarin.CommunityToolkit.Converters;
+using Xamarin.Forms;
 
 namespace Bit.App.Controls
 {
@@ -6,4 +8,13 @@ namespace Bit.App.Controls
     {
         public string ExtraDataForLogging { get; set; }
     }
+
+    public class SelectionChangedEventArgsConverter : BaseNullableConverterOneWay<SelectionChangedEventArgs, object>
+    {
+        public override object? ConvertFrom(SelectionChangedEventArgs? value)
+        {
+            return value?.CurrentSelection.FirstOrDefault();
+        }
+    }
+
 }

src/App/Controls/PasswordStrengthProgressBar/IPasswordStrengthable.cs

@@ -0,0 +1,11 @@
+using System.Collections.Generic;
+
+namespace Bit.App.Controls
+{
+    public interface IPasswordStrengthable
+    {
+        string Password { get; }
+        List<string> UserInputs { get; }
+    }
+}
+

src/App/Controls/PasswordStrengthProgressBar/PasswordStrengthCategory.cs

@@ -0,0 +1,17 @@
+using Bit.Core.Attributes;
+
+namespace Bit.App.Controls
+{
+    public enum PasswordStrengthLevel
+    {
+        [LocalizableEnum("Weak")]
+        VeryWeak,
+        [LocalizableEnum("Weak")]
+        Weak,
+        [LocalizableEnum("Good")]
+        Good,
+        [LocalizableEnum("Strong")]
+        Strong
+    }
+}
+

src/App/Controls/PasswordStrengthProgressBar/PasswordStrengthProgressBar.xaml

@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<StackLayout
+    xmlns="http://xamarin.com/schemas/2014/forms"
+    xmlns:x="http://schemas.microsoft.com/winfx/2009/xaml"
+    xmlns:controls="clr-namespace:Bit.App.Controls"
+    xmlns:u="clr-namespace:Bit.App.Utilities"
+    x:DataType="controls:PasswordStrengthViewModel"
+    x:Class="Bit.App.Controls.PasswordStrengthProgressBar"
+    StyleClass="box">
+    
+    <StackLayout.Resources>
+        <ResourceDictionary>
+            <u:LocalizableEnumConverter x:Key="localizableEnum" />
+        </ResourceDictionary>
+    </StackLayout.Resources>
+
+    <ProgressBar
+        x:Name="_progressBar"
+        u:ProgressBarExtensions.AnimatedProgress="{Binding PasswordStrength}"
+        ScaleY="2" />
+
+    <Label
+        x:Name="_progressLabel"
+        Text="{Binding PasswordStrengthLevel, Converter={StaticResource localizableEnum}, TargetNullValue=' ' }"
+        StyleClass="box-footer-label" />
+
+</StackLayout>
+

src/App/Controls/PasswordStrengthProgressBar/PasswordStrengthProgressBar.xaml.cs

@@ -0,0 +1,108 @@
+using System;
+using Xamarin.Forms;
+
+namespace Bit.App.Controls
+{
+    public partial class PasswordStrengthProgressBar : StackLayout
+    {
+        public static readonly BindableProperty PasswordStrengthLevelProperty = BindableProperty.Create(
+            nameof(PasswordStrengthLevel),
+            typeof(PasswordStrengthLevel),
+            typeof(PasswordStrengthProgressBar),
+            propertyChanged: OnControlPropertyChanged);
+
+        public static readonly BindableProperty VeryWeakColorProperty = BindableProperty.Create(
+            nameof(VeryWeakColor),
+            typeof(Color),
+            typeof(PasswordStrengthProgressBar),
+            propertyChanged: OnControlPropertyChanged);
+
+        public static readonly BindableProperty WeakColorProperty = BindableProperty.Create(
+            nameof(WeakColor),
+            typeof(Color),
+            typeof(PasswordStrengthProgressBar),
+            propertyChanged: OnControlPropertyChanged);
+
+        public static readonly BindableProperty GoodColorProperty = BindableProperty.Create(
+            nameof(GoodColor),
+            typeof(Color),
+            typeof(PasswordStrengthProgressBar),
+            propertyChanged: OnControlPropertyChanged);
+
+        public static readonly BindableProperty StrongColorProperty = BindableProperty.Create(
+            nameof(StrongColor),
+            typeof(Color),
+            typeof(PasswordStrengthProgressBar),
+            propertyChanged: OnControlPropertyChanged);
+
+        public PasswordStrengthLevel? PasswordStrengthLevel
+        {
+            get { return (PasswordStrengthLevel?)GetValue(PasswordStrengthLevelProperty); }
+            set { SetValue(PasswordStrengthLevelProperty, value); }
+        }
+
+        public Color VeryWeakColor
+        {
+            get { return (Color)GetValue(VeryWeakColorProperty); }
+            set { SetValue(VeryWeakColorProperty, value); }
+        }
+
+        public Color WeakColor
+        {
+            get { return (Color)GetValue(WeakColorProperty); }
+            set { SetValue(WeakColorProperty, value); }
+        }
+
+        public Color GoodColor
+        {
+            get { return (Color)GetValue(GoodColorProperty); }
+            set { SetValue(GoodColorProperty, value); }
+        }
+
+        public Color StrongColor
+        {
+            get { return (Color)GetValue(StrongColorProperty); }
+            set { SetValue(StrongColorProperty, value); }
+        }
+
+        public PasswordStrengthProgressBar()
+        {
+            InitializeComponent();
+            SetBinding(PasswordStrengthProgressBar.PasswordStrengthLevelProperty, new Binding() { Path = nameof(PasswordStrengthViewModel.PasswordStrengthLevel) });
+            UpdateColors();
+        }
+
+        private static void OnControlPropertyChanged(BindableObject bindable, object oldValue, object newValue)
+        {
+            (bindable as PasswordStrengthProgressBar)?.UpdateColors();
+        }
+
+        public void UpdateColors()
+        {
+            if (_progressBar == null || _progressLabel == null)
+            {
+                return;
+            }
+            _progressBar.ProgressColor = GetColorForStrength();
+            _progressLabel.TextColor = _progressBar.ProgressColor;
+        }
+
+        private Color GetColorForStrength()
+        {
+            switch (PasswordStrengthLevel)
+            {
+                case Controls.PasswordStrengthLevel.VeryWeak:
+                    return VeryWeakColor;
+                case Controls.PasswordStrengthLevel.Weak:
+                    return WeakColor;
+                case Controls.PasswordStrengthLevel.Good:
+                    return GoodColor;
+                case Controls.PasswordStrengthLevel.Strong:
+                    return StrongColor;
+                default:
+                    return Color.Transparent;
+            }
+        }
+    }
+}
+

src/App/Controls/PasswordStrengthProgressBar/PasswordStrengthViewModel.cs

@@ -0,0 +1,67 @@
+using System.Collections.Generic;
+using Bit.Core.Abstractions;
+using Bit.Core.Utilities;
+using Xamarin.Forms;
+
+namespace Bit.App.Controls
+{
+    public class PasswordStrengthViewModel : ExtendedViewModel
+    {
+        private readonly IPasswordGenerationService _passwordGenerationService;
+        private readonly IPasswordStrengthable _passwordStrengthable;
+        private double _passwordStrength;
+        private Color _passwordColor;
+        private PasswordStrengthLevel? _passwordStrengthLevel;
+
+        public PasswordStrengthViewModel(IPasswordStrengthable passwordStrengthable)
+        {
+            _passwordGenerationService = ServiceContainer.Resolve<IPasswordGenerationService>();
+            _passwordStrengthable = passwordStrengthable;
+        }
+
+        public double PasswordStrength
+        {
+            get => _passwordStrength;
+            set => SetProperty(ref _passwordStrength, value);
+        }
+
+        public PasswordStrengthLevel? PasswordStrengthLevel
+        {
+            get => _passwordStrengthLevel;
+            set => SetProperty(ref _passwordStrengthLevel, value);
+        }
+
+        public List<string> GetPasswordStrengthUserInput(string email) => _passwordGenerationService.GetPasswordStrengthUserInput(email);
+
+        public void CalculatePasswordStrength()
+        {
+            if (string.IsNullOrEmpty(_passwordStrengthable.Password))
+            {
+                PasswordStrength = 0;
+                PasswordStrengthLevel = null;
+                return;
+            }
+
+            var passwordStrength = _passwordGenerationService.PasswordStrength(_passwordStrengthable.Password, _passwordStrengthable.UserInputs);
+            // The passwordStrength.Score is 0..4, convertion was made to be used as a progress directly by the control 0..1 
+            PasswordStrength = (passwordStrength.Score + 1f) / 5f;
+            if (PasswordStrength <= 0.4f)
+            {
+                PasswordStrengthLevel = Controls.PasswordStrengthLevel.VeryWeak;
+            }
+            else if (PasswordStrength <= 0.6f)
+            {
+                PasswordStrengthLevel = Controls.PasswordStrengthLevel.Weak;
+            }
+            else if (PasswordStrength <= 0.8f)
+            {
+                PasswordStrengthLevel = Controls.PasswordStrengthLevel.Good;
+            }
+            else
+            {
+                PasswordStrengthLevel = Controls.PasswordStrengthLevel.Strong;
+            }
+        }
+    }
+}
+

src/App/Models/AppOptions.cs

@@ -1,5 +1,6 @@
 using System;
 using Bit.Core.Enums;
+using Bit.Core.Utilities;
 
 namespace Bit.App.Models
 {
@@ -23,6 +24,7 @@ namespace Bit.App.Models
         public Tuple<SendType, string, byte[], string> CreateSend { get; set; }
         public bool CopyInsteadOfShareAfterSaving { get; set; }
         public bool HideAccountSwitcher { get; set; }
+        public OtpData? OtpData { get; set; }
 
         public void SetAllFrom(AppOptions o)
         {
@@ -48,6 +50,7 @@ namespace Bit.App.Models
             CreateSend = o.CreateSend;
             CopyInsteadOfShareAfterSaving = o.CopyInsteadOfShareAfterSaving;
             HideAccountSwitcher = o.HideAccountSwitcher;
+            OtpData = o.OtpData;
         }
     }
 }

src/App/Pages/Accounts/BaseChangePasswordViewModel.cs

@@ -1,9 +1,8 @@
-using System.Collections.Generic;
-using System.Text;
-using System.Text.RegularExpressions;
+using System.Text;
 using System.Threading.Tasks;
 using Bit.App.Abstractions;
 using Bit.App.Resources;
+using Bit.Core;
 using Bit.Core.Abstractions;
 using Bit.Core.Models.Domain;
 using Bit.Core.Utilities;
@@ -71,13 +70,13 @@ namespace Bit.App.Pages
             set => SetProperty(ref _policy, value);
         }
 
-        public string ShowPasswordIcon => ShowPassword ? "" : "";
+        public string ShowPasswordIcon => ShowPassword ? BitwardenIcons.EyeSlash : BitwardenIcons.Eye;
         public string PasswordVisibilityAccessibilityText => ShowPassword ? AppResources.PasswordIsVisibleTapToHide : AppResources.PasswordIsNotVisibleTapToShow;
         public string MasterPassword { get; set; }
         public string ConfirmMasterPassword { get; set; }
         public string Hint { get; set; }
 
-        public async Task InitAsync(bool forceSync = false)
+        public virtual async Task InitAsync(bool forceSync = false)
         {
             if (forceSync)
             {
@@ -147,8 +146,8 @@ namespace Bit.App.Pages
             }
             if (IsPolicyInEffect)
             {
-                var userInput = await GetPasswordStrengthUserInput();
-                var passwordStrength = _passwordGenerationService.PasswordStrength(MasterPassword, userInput);
+                var userInputs = _passwordGenerationService.GetPasswordStrengthUserInput(await _stateService.GetEmailAsync());
+                var passwordStrength = _passwordGenerationService.PasswordStrength(MasterPassword, userInputs);
                 if (!await _policyService.EvaluateMasterPassword(passwordStrength.Score, MasterPassword, Policy))
                 {
                     await _platformUtilsService.ShowDialogAsync(AppResources.MasterPasswordPolicyValidationMessage,
@@ -158,9 +157,9 @@ namespace Bit.App.Pages
             }
             else
             {
-                if (MasterPassword.Length < 8)
+                if (MasterPassword.Length < Constants.MasterPasswordMinimumChars)
                 {
-                    await _platformUtilsService.ShowDialogAsync(AppResources.MasterPasswordLengthValMessage,
+                    await _platformUtilsService.ShowDialogAsync(string.Format(AppResources.MasterPasswordLengthValMessageX, Constants.MasterPasswordMinimumChars),
                         AppResources.MasterPasswordPolicyValidationTitle, AppResources.Ok);
                     return false;
                 }
@@ -174,19 +173,5 @@ namespace Bit.App.Pages
 
             return true;
         }
-
-        private async Task<List<string>> GetPasswordStrengthUserInput()
-        {
-            var email = await _stateService.GetEmailAsync();
-            List<string> userInput = null;
-            var atPosition = email.IndexOf('@');
-            if (atPosition > -1)
-            {
-                var rx = new Regex("/[^A-Za-z0-9]/", RegexOptions.Compiled);
-                var data = rx.Split(email.Substring(0, atPosition).Trim().ToLower());
-                userInput = new List<string>(data);
-            }
-            return userInput;
-        }
     }
 }

src/App/Pages/Accounts/HomePage.xaml.cs

@@ -15,14 +15,13 @@ namespace Bit.App.Pages
         private readonly AppOptions _appOptions;
         private IBroadcasterService _broadcasterService;
 
-        public HomePage(AppOptions appOptions = null, bool shouldCheckRememberEmail = true)
+        public HomePage(AppOptions appOptions = null)
         {
             _broadcasterService = ServiceContainer.Resolve<IBroadcasterService>("broadcasterService");
             _appOptions = appOptions;
             InitializeComponent();
             _vm = BindingContext as HomeViewModel;
             _vm.Page = this;
-            _vm.ShouldCheckRememberEmail = shouldCheckRememberEmail;
             _vm.ShowCancelButton = _appOptions?.IosExtension ?? false;
             _vm.StartLoginAction = async () => await StartLoginAsync();
             _vm.StartRegisterAction = () => Device.BeginInvokeOnMainThread(async () => await StartRegisterAsync());
@@ -71,8 +70,6 @@ namespace Bit.App.Pages
                     });
                 }
             });
-
-            _vm.CheckNavigateLoginStep();
         }
 
         protected override bool OnBackButtonPressed()

src/App/Pages/Accounts/HomePageViewModel.cs

@@ -73,8 +73,6 @@ namespace Bit.App.Pages
 
         public bool CanContinue => !string.IsNullOrEmpty(Email);
 
-        public bool ShouldCheckRememberEmail { get; set; }
-
         public FormattedString CreateAccountText
         {
             get
@@ -110,15 +108,6 @@ namespace Bit.App.Pages
             RememberEmail = !string.IsNullOrEmpty(Email);
         }
 
-        public void CheckNavigateLoginStep()
-        {
-            if (ShouldCheckRememberEmail && RememberEmail)
-            {
-                StartLoginAction();
-            }
-            ShouldCheckRememberEmail = false;
-        }
-
         public async Task ContinueToLoginStepAsync()
         {
             try
@@ -136,16 +125,16 @@ namespace Bit.App.Pages
                         AppResources.Ok);
                     return;
                 }
+
                 await _stateService.SetRememberedEmailAsync(RememberEmail ? Email : null);
                 var userId = await _stateService.GetUserIdAsync(Email);
-                if (!string.IsNullOrWhiteSpace(userId))
+
+                if (!string.IsNullOrWhiteSpace(userId) &&
+                    (await _stateService.GetEnvironmentUrlsAsync(userId))?.Base == _environmentService.BaseUrl &&
+                    await _stateService.IsAuthenticatedAsync(userId))
                 {
-                    var userEnvUrls = await _stateService.GetEnvironmentUrlsAsync(userId);
-                    if (userEnvUrls?.Base == _environmentService.BaseUrl)
-                    {
-                        await _accountManager.PromptToSwitchToExistingAccountAsync(userId);
-                        return;
-                    }
+                    await _accountManager.PromptToSwitchToExistingAccountAsync(userId);
+                    return;
                 }
                 StartLoginAction();
             }

src/App/Pages/Accounts/LockPage.xaml

@@ -137,7 +137,7 @@
                     </StackLayout>
                     <StackLayout Padding="10, 0">
                         <Label
-                            Text="{u:I18n BiometricInvalidated}"
+                            Text="{u:I18n AccountBiometricInvalidated}"
                             StyleClass="box-footer-label,text-danger,text-bold"
                             IsVisible="{Binding BiometricIntegrityValid, Converter={StaticResource inverseBool}}" />
                         <Button Text="{Binding BiometricButtonText}" Clicked="Biometric_Clicked"

src/App/Pages/Accounts/LockPage.xaml.cs

@@ -3,6 +3,8 @@ using System.Threading.Tasks;
 using Bit.App.Models;
 using Bit.App.Resources;
 using Bit.App.Utilities;
+using Bit.Core;
+using Bit.Core.Abstractions;
 using Bit.Core.Utilities;
 using Xamarin.Forms;
 
@@ -10,6 +12,7 @@ namespace Bit.App.Pages
 {
     public partial class LockPage : BaseContentPage
     {
+        private readonly IBroadcasterService _broadcasterService;
         private readonly AppOptions _appOptions;
         private readonly bool _autoPromptBiometric;
         private readonly LockPageViewModel _vm;
@@ -22,6 +25,7 @@ namespace Bit.App.Pages
             _appOptions = appOptions;
             _autoPromptBiometric = autoPromptBiometric;
             InitializeComponent();
+            _broadcasterService = ServiceContainer.Resolve<IBroadcasterService>();
             _vm = BindingContext as LockPageViewModel;
             _vm.Page = this;
             _vm.UnlockedAction = () => Device.BeginInvokeOnMainThread(async () => await UnlockedAsync());
@@ -64,6 +68,13 @@ namespace Bit.App.Pages
         protected override async void OnAppearing()
         {
             base.OnAppearing();
+            _broadcasterService.Subscribe(nameof(LockPage), message =>
+            {
+                if (message.Command == Constants.ClearSensitiveFields)
+                {
+                    Device.BeginInvokeOnMainThread(_vm.ResetPinPasswordFields);
+                }
+            });
             if (_appeared)
             {
                 return;
@@ -129,6 +140,7 @@ namespace Bit.App.Pages
             base.OnDisappearing();
 
             _accountAvatar?.OnDisappearing();
+            _broadcasterService.Unsubscribe(nameof(LockPage));
         }
 
         private void Unlock_Clicked(object sender, EventArgs e)

src/App/Pages/Accounts/LockPageViewModel.cs

@@ -9,6 +9,7 @@ using Bit.Core.Abstractions;
 using Bit.Core.Enums;
 using Bit.Core.Models.Domain;
 using Bit.Core.Models.Request;
+using Bit.Core.Services;
 using Bit.Core.Utilities;
 using Xamarin.CommunityToolkit.Helpers;
 using Xamarin.Forms;
@@ -30,8 +31,12 @@ namespace Bit.App.Pages
         private readonly ILogger _logger;
         private readonly IWatchDeviceService _watchDeviceService;
         private readonly WeakEventManager<int?> _secretEntryFocusWeakEventManager = new WeakEventManager<int?>();
+        private readonly IPolicyService _policyService;
+        private readonly IPasswordGenerationService _passwordGenerationService;
 
         private string _email;
+        private string _masterPassword;
+        private string _pin;
         private bool _showPassword;
         private bool _pinLock;
         private bool _biometricLock;
@@ -58,6 +63,8 @@ namespace Bit.App.Pages
             _keyConnectorService = ServiceContainer.Resolve<IKeyConnectorService>("keyConnectorService");
             _logger = ServiceContainer.Resolve<ILogger>("logger");
             _watchDeviceService = ServiceContainer.Resolve<IWatchDeviceService>();
+            _policyService = ServiceContainer.Resolve<IPolicyService>();
+            _passwordGenerationService = ServiceContainer.Resolve<IPasswordGenerationService>();
 
             PageTitle = AppResources.VerifyMasterPassword;
             TogglePasswordCommand = new Command(TogglePassword);
@@ -70,6 +77,18 @@ namespace Bit.App.Pages
             };
         }
 
+        public string MasterPassword
+        {
+            get => _masterPassword;
+            set => SetProperty(ref _masterPassword, value);
+        }
+
+        public string Pin
+        {
+            get => _pin;
+            set => SetProperty(ref _pin, value);
+        }
+
         public bool ShowPassword
         {
             get => _showPassword;
@@ -134,8 +153,6 @@ namespace Bit.App.Pages
         public Command TogglePasswordCommand { get; }
         public string ShowPasswordIcon => ShowPassword ? BitwardenIcons.EyeSlash : BitwardenIcons.Eye;
         public string PasswordVisibilityAccessibilityText => ShowPassword ? AppResources.PasswordIsVisibleTapToHide : AppResources.PasswordIsNotVisibleTapToShow;
-        public string MasterPassword { get; set; }
-        public string Pin { get; set; }
         public Action UnlockedAction { get; set; }
         public event Action<int?> FocusSecretEntry
         {
@@ -192,7 +209,7 @@ namespace Bit.App.Pages
 
             if (BiometricLock)
             {
-                BiometricIntegrityValid = await _biometricService.ValidateIntegrityAsync();
+                BiometricIntegrityValid = await _platformUtilsService.IsBiometricIntegrityValidAsync();
                 if (!_biometricIntegrityValid)
                 {
                     BiometricButtonVisible = false;
@@ -228,8 +245,7 @@ namespace Bit.App.Pages
             }
 
             ShowPassword = false;
-            var kdf = await _stateService.GetKdfTypeAsync();
-            var kdfIterations = await _stateService.GetKdfIterationsAsync();
+            var kdfConfig = await _stateService.GetActiveUserCustomDataAsync(a => new KdfConfig(a?.Profile));
 
             if (PinLock)
             {
@@ -239,7 +255,7 @@ namespace Bit.App.Pages
                     if (_isPinProtected)
                     {
                         var key = await _cryptoService.MakeKeyFromPinAsync(Pin, _email,
-                            kdf.GetValueOrDefault(KdfType.PBKDF2_SHA256), kdfIterations.GetValueOrDefault(5000),
+                            kdfConfig,
                             await _stateService.GetPinProtectedKeyAsync());
                         var encKey = await _cryptoService.GetEncKeyAsync(key);
                         var protectedPin = await _stateService.GetProtectedPinAsync();
@@ -254,8 +270,7 @@ namespace Bit.App.Pages
                     }
                     else
                     {
-                        var key = await _cryptoService.MakeKeyFromPinAsync(Pin, _email,
-                            kdf.GetValueOrDefault(KdfType.PBKDF2_SHA256), kdfIterations.GetValueOrDefault(5000));
+                        var key = await _cryptoService.MakeKeyFromPinAsync(Pin, _email, kdfConfig);
                         failed = false;
                         Pin = string.Empty;
                         await AppHelpers.ResetInvalidUnlockAttemptsAsync();
@@ -280,9 +295,10 @@ namespace Bit.App.Pages
             }
             else
             {
-                var key = await _cryptoService.MakeKeyAsync(MasterPassword, _email, kdf, kdfIterations);
+                var key = await _cryptoService.MakeKeyAsync(MasterPassword, _email, kdfConfig);
                 var storedKeyHash = await _cryptoService.GetKeyHashAsync();
                 var passwordValid = false;
+                MasterPasswordPolicyOptions enforcedMasterPasswordOptions = null;
 
                 if (storedKeyHash != null)
                 {
@@ -294,9 +310,11 @@ namespace Bit.App.Pages
                     var keyHash = await _cryptoService.HashPasswordAsync(MasterPassword, key, HashPurpose.ServerAuthorization);
                     var request = new PasswordVerificationRequest();
                     request.MasterPasswordHash = keyHash;
+
                     try
                     {
-                        await _apiService.PostAccountVerifyPasswordAsync(request);
+                        var response = await _apiService.PostAccountVerifyPasswordAsync(request);
+                        enforcedMasterPasswordOptions = response.MasterPasswordPolicy;
                         passwordValid = true;
                         var localKeyHash = await _cryptoService.HashPasswordAsync(MasterPassword, key, HashPurpose.LocalAuthorization);
                         await _cryptoService.SetKeyHashAsync(localKeyHash);
@@ -314,10 +332,17 @@ namespace Bit.App.Pages
                         var protectedPin = await _stateService.GetProtectedPinAsync();
                         var encKey = await _cryptoService.GetEncKeyAsync(key);
                         var decPin = await _cryptoService.DecryptToUtf8Async(new EncString(protectedPin), encKey);
-                        var pinKey = await _cryptoService.MakePinKeyAysnc(decPin, _email,
-                            kdf.GetValueOrDefault(KdfType.PBKDF2_SHA256), kdfIterations.GetValueOrDefault(5000));
+                        var pinKey = await _cryptoService.MakePinKeyAysnc(decPin, _email, kdfConfig);
                         await _stateService.SetPinProtectedKeyAsync(await _cryptoService.EncryptAsync(key.Key, pinKey));
                     }
+
+                    if (await RequirePasswordChangeAsync(enforcedMasterPasswordOptions))
+                    {
+                        // Save the ForcePasswordResetReason to force a password reset after unlock
+                        await _stateService.SetForcePasswordResetReasonAsync(
+                            ForcePasswordResetReason.WeakMasterPasswordOnLogin);
+                    }
+
                     MasterPassword = string.Empty;
                     await AppHelpers.ResetInvalidUnlockAttemptsAsync();
                     await SetKeyAndContinueAsync(key);
@@ -342,6 +367,37 @@ namespace Bit.App.Pages
             }
         }
 
+        /// <summary>
+        /// Checks if the master password requires updating to meet the enforced policy requirements
+        /// </summary>
+        /// <param name="options"></param>
+        private async Task<bool> RequirePasswordChangeAsync(MasterPasswordPolicyOptions options = null)
+        {
+            // If no policy options are provided, attempt to load them from the policy service
+            var enforcedOptions = options ?? await _policyService.GetMasterPasswordPolicyOptions();
+
+            // No policy to enforce on login/unlock
+            if (!(enforcedOptions is { EnforceOnLogin: true }))
+            {
+                return false;
+            }
+
+            var strength = _passwordGenerationService.PasswordStrength(
+                MasterPassword, _passwordGenerationService.GetPasswordStrengthUserInput(_email))?.Score;
+
+            if (!strength.HasValue)
+            {
+                _logger.Error("Unable to evaluate master password strength during unlock");
+                return false;
+            }
+
+            return !await _policyService.EvaluateMasterPassword(
+                strength.Value,
+                MasterPassword,
+                enforcedOptions
+            );
+        }
+
         public async Task LogOutAsync()
         {
             var confirmed = await _platformUtilsService.ShowDialogAsync(AppResources.LogoutConfirmation,
@@ -352,6 +408,20 @@ namespace Bit.App.Pages
             }
         }
 
+        public void ResetPinPasswordFields()
+        {
+            try
+            {
+                MasterPassword = string.Empty;
+                Pin = string.Empty;
+                ShowPassword = false;
+            }
+            catch (Exception ex)
+            {
+                LoggerHelper.LogEvenIfCantBeResolved(ex);
+            }
+        }
+
         public void TogglePassword()
         {
             ShowPassword = !ShowPassword;
@@ -361,7 +431,8 @@ namespace Bit.App.Pages
 
         public async Task PromptBiometricAsync()
         {
-            BiometricIntegrityValid = await _biometricService.ValidateIntegrityAsync();
+            BiometricIntegrityValid = await _platformUtilsService.IsBiometricIntegrityValidAsync();
+            BiometricButtonVisible = BiometricIntegrityValid;
             if (!BiometricLock || !BiometricIntegrityValid)
             {
                 return;

src/App/Pages/Accounts/LoginPage.xaml.cs

@@ -2,6 +2,7 @@
 using System.Threading.Tasks;
 using Bit.App.Models;
 using Bit.App.Utilities;
+using Bit.Core;
 using Bit.Core.Abstractions;
 using Bit.Core.Services;
 using Bit.Core.Utilities;
@@ -12,6 +13,7 @@ namespace Bit.App.Pages
 {
     public partial class LoginPage : BaseContentPage
     {
+        private readonly IBroadcasterService _broadcasterService;
         private readonly LoginPageViewModel _vm;
         private readonly AppOptions _appOptions;
 
@@ -23,6 +25,7 @@ namespace Bit.App.Pages
         {
             _appOptions = appOptions;
             InitializeComponent();
+            _broadcasterService = ServiceContainer.Resolve<IBroadcasterService>();
             _vm = BindingContext as LoginPageViewModel;
             _vm.Page = this;
             _vm.StartTwoFactorAction = () => Device.BeginInvokeOnMainThread(async () => await StartTwoFactorAsync());
@@ -70,6 +73,13 @@ namespace Bit.App.Pages
         protected override async void OnAppearing()
         {
             base.OnAppearing();
+            _broadcasterService.Subscribe(nameof(LoginPage), message =>
+            {
+                if (message.Command == Constants.ClearSensitiveFields)
+                {
+                    Device.BeginInvokeOnMainThread(_vm.ResetPasswordField);
+                }
+            });
             _mainContent.Content = _mainLayout;
             _accountAvatar?.OnAppearing();
 
@@ -104,6 +114,7 @@ namespace Bit.App.Pages
             base.OnDisappearing();
 
             _accountAvatar?.OnDisappearing();
+            _broadcasterService.Unsubscribe(nameof(LoginPage));
         }
 
         private async void LogIn_Clicked(object sender, EventArgs e)

src/App/Pages/Accounts/LoginPageViewModel.cs

@@ -40,6 +40,7 @@ namespace Bit.App.Pages
         private string _masterPassword;
         private bool _isEmailEnabled;
         private bool _isKnownDevice;
+        private bool _isExecutingLogin;
 
         public LoginPageViewModel()
         {
@@ -143,21 +144,27 @@ namespace Bit.App.Pages
             try
             {
                 await _deviceActionService.ShowLoadingAsync(AppResources.Loading);
+                await _stateService.SetPreLoginEmailAsync(Email);
                 await AccountSwitchingOverlayViewModel.RefreshAccountViewsAsync();
                 if (string.IsNullOrWhiteSpace(Email))
                 {
                     Email = await _stateService.GetRememberedEmailAsync();
                 }
-                var deviceIdentifier = await _appIdService.GetAppIdAsync();
-                // TODO uncomment to enable login with device
-                //IsKnownDevice = await _apiService.GetKnownDeviceAsync(Email, deviceIdentifier);
                 CanRemoveAccount = await _stateService.GetActiveUserEmailAsync() != Email;
-                await _deviceActionService.HideLoadingAsync();
+                IsKnownDevice = await _apiService.GetKnownDeviceAsync(Email, await _appIdService.GetAppIdAsync());
+            }
+            catch (ApiException apiEx) when (apiEx.Error.StatusCode == System.Net.HttpStatusCode.Unauthorized)
+            {
+                _logger.Exception(apiEx);
             }
             catch (Exception ex)
             {
                 HandleException(ex);
             }
+            finally
+            {
+                await _deviceActionService.HideLoadingAsync();
+            }
         }
 
         public async Task LogInAsync(bool showLoading = true, bool checkForExistingAccount = false)
@@ -192,6 +199,7 @@ namespace Bit.App.Pages
             ShowPassword = false;
             try
             {
+                _isExecutingLogin = true;
                 if (checkForExistingAccount)
                 {
                     var userId = await _stateService.GetUserIdAsync(Email);
@@ -253,6 +261,26 @@ namespace Bit.App.Pages
                         AppResources.AnErrorHasOccurred, AppResources.Ok);
                 }
             }
+            finally
+            {
+                _isExecutingLogin = false;
+            }
+        }
+
+        public void ResetPasswordField()
+        {
+            try
+            {
+                if (!_isExecutingLogin)
+                {
+                    MasterPassword = string.Empty;
+                    ShowPassword = false;
+                }
+            }
+            catch (Exception ex)
+            {
+                LoggerHelper.LogEvenIfCantBeResolved(ex);
+            }
         }
 
         private async Task MoreAsync()

src/App/Pages/Accounts/LoginPasswordlessRequestViewModel.cs

@@ -171,7 +171,7 @@ namespace Bit.App.Pages
             var response = await _authService.PasswordlessCreateLoginRequestAsync(_email);
             if (response != null)
             {
-                FingerprintPhrase = response.RequestFingerprint;
+                FingerprintPhrase = response.FingerprintPhrase;
                 _requestId = response.Id;
                 _requestAccessCode = response.RequestAccessCode;
                 _requestKeyPair = response.RequestKeyPair;

src/App/Pages/Accounts/LoginPasswordlessViewModel.cs

@@ -118,7 +118,7 @@ namespace Bit.App.Pages
             }
 
             var loginRequestData = await _authService.GetPasswordlessLoginRequestByIdAsync(LoginRequest.Id);
-            if (loginRequestData.RequestApproved.HasValue && loginRequestData.ResponseDate.HasValue)
+            if (loginRequestData.IsAnswered)
             {
                 await _platformUtilsService.ShowDialogAsync(AppResources.ThisRequestIsNoLongerValid);
                 await Page.Navigation.PopModalAsync();

src/App/Pages/Accounts/LoginSsoPageViewModel.cs

@@ -1,4 +1,5 @@
 using System;
+using System.Net;
 using System.Threading.Tasks;
 using System.Windows.Input;
 using Bit.App.Abstractions;
@@ -27,6 +28,7 @@ namespace Bit.App.Pages
         private readonly IPlatformUtilsService _platformUtilsService;
         private readonly IStateService _stateService;
         private readonly ILogger _logger;
+        private readonly IOrganizationService _organizationService;
 
         private string _orgIdentifier;
 
@@ -42,6 +44,7 @@ namespace Bit.App.Pages
             _platformUtilsService = ServiceContainer.Resolve<IPlatformUtilsService>("platformUtilsService");
             _stateService = ServiceContainer.Resolve<IStateService>("stateService");
             _logger = ServiceContainer.Resolve<ILogger>("logger");
+            _organizationService = ServiceContainer.Resolve<IOrganizationService>();
 
 
             PageTitle = AppResources.Bitwarden;
@@ -63,9 +66,25 @@ namespace Bit.App.Pages
 
         public async Task InitAsync()
         {
-            if (string.IsNullOrWhiteSpace(OrgIdentifier))
+            try
             {
-                OrgIdentifier = await _stateService.GetRememberedOrgIdentifierAsync();
+                if (await TryClaimedDomainLogin())
+                {
+                    return;
+                }
+
+                if (string.IsNullOrWhiteSpace(OrgIdentifier))
+                {
+                    OrgIdentifier = await _stateService.GetRememberedOrgIdentifierAsync();
+                }
+            }
+            catch (Exception ex)
+            {
+                _logger.Exception(ex);
+            }
+            finally
+            {
+                await _deviceActionService.HideLoadingAsync();
             }
         }
 
@@ -207,5 +226,37 @@ namespace Bit.App.Pages
                     AppResources.AnErrorHasOccurred);
             }
         }
+
+        private async Task<bool> TryClaimedDomainLogin()
+        {
+            try
+            {
+                await _deviceActionService.ShowLoadingAsync(AppResources.Loading);
+                var userEmail = await _stateService.GetPreLoginEmailAsync();
+                var claimedDomainOrgDetails = await _organizationService.GetClaimedOrganizationDomainAsync(userEmail);
+                await _deviceActionService.HideLoadingAsync();
+
+                if (claimedDomainOrgDetails == null || !claimedDomainOrgDetails.SsoAvailable)
+                {
+                    return false;
+                }
+
+                if (string.IsNullOrEmpty(claimedDomainOrgDetails.OrganizationIdentifier))
+                {
+                    await _platformUtilsService.ShowDialogAsync(AppResources.OrganizationSsoIdentifierRequired, AppResources.AnErrorHasOccurred);
+                    return false;
+                }
+
+                OrgIdentifier = claimedDomainOrgDetails.OrganizationIdentifier;
+                await LogInAsync();
+                return true;
+            }
+            catch (Exception ex)
+            {
+                HandleException(ex);
+            }
+
+            return false;
+        }
     }
 }

src/App/Pages/Accounts/RegisterPage.xaml

@@ -25,7 +25,7 @@
     </ContentPage.ToolbarItems>
 
     <ScrollView>
-        <StackLayout Spacing="20">
+        <StackLayout Spacing="10">
             <StackLayout StyleClass="box">
                 <StackLayout StyleClass="box-row">
                     <Label
@@ -72,8 +72,19 @@
                         AutomationProperties.HelpText="{Binding PasswordVisibilityAccessibilityText}"/>
                 </Grid>
                 <Label
-                    Text="{u:I18n MasterPasswordDescription}"
-                    StyleClass="box-footer-label" />
+                    StyleClass="box-sub-label"
+                    Margin="0,0,0,10">
+                        <Label.FormattedText>
+                            <FormattedString>
+                                <Span Text="{u:I18n Important}" TextColor="{DynamicResource InfoColor}"/>
+                                <Span Text=": " TextColor="{DynamicResource InfoColor}"/>
+                                <Span Text="{Binding MasterPasswordMininumCharactersDescription}" TextColor="{DynamicResource MutedColor}"/>
+                            </FormattedString>
+                        </Label.FormattedText>
+                </Label>
+                <controls:PasswordStrengthProgressBar
+                    BindingContext="{Binding PasswordStrengthViewModel}"
+                    Margin="0,0"/>
             </StackLayout>
             <StackLayout StyleClass="box">
                 <Grid StyleClass="box-row">
@@ -126,6 +137,17 @@
                     StyleClass="box-footer-label" />
             </StackLayout>
             <StackLayout StyleClass="box">
+                <StackLayout StyleClass="box-row, box-row-switch">
+                    <Switch
+                        IsToggled="{Binding CheckExposedMasterPassword}"
+                        StyleClass="box-value"
+                        HorizontalOptions="Start"
+                        Margin="0, 0, 10, 0"/>
+                    <Label
+                        Text="{u:I18n CheckKnownDataBreachesForThisPassword}"
+                        StyleClass="box-footer-label"
+                        VerticalOptions="Center"/>
+                </StackLayout>
                 <StackLayout StyleClass="box-row, box-row-switch"
                             IsVisible="{Binding ShowTerms}">
                     <Switch

src/App/Pages/Accounts/RegisterPageViewModel.cs

@@ -1,28 +1,36 @@
 using System;
+using System.Collections.Generic;
 using System.Threading.Tasks;
 using System.Windows.Input;
 using Bit.App.Abstractions;
+using Bit.App.Controls;
 using Bit.App.Resources;
+using Bit.App.Utilities;
 using Bit.Core;
 using Bit.Core.Abstractions;
 using Bit.Core.Enums;
 using Bit.Core.Exceptions;
 using Bit.Core.Models.Request;
+using Bit.Core.Services;
 using Bit.Core.Utilities;
 using Xamarin.Forms;
 
 namespace Bit.App.Pages
 {
-    public class RegisterPageViewModel : CaptchaProtectedViewModel
+    public class RegisterPageViewModel : CaptchaProtectedViewModel, IPasswordStrengthable
     {
         private readonly IDeviceActionService _deviceActionService;
         private readonly II18nService _i18nService;
         private readonly IEnvironmentService _environmentService;
+        private readonly IAuditService _auditService;
         private readonly IApiService _apiService;
         private readonly ICryptoService _cryptoService;
         private readonly IPlatformUtilsService _platformUtilsService;
+        private string _email;
+        private string _masterPassword;
         private bool _showPassword;
         private bool _acceptPolicies;
+        private bool _checkExposedMasterPassword;
 
         public RegisterPageViewModel()
         {
@@ -32,12 +40,15 @@ namespace Bit.App.Pages
             _platformUtilsService = ServiceContainer.Resolve<IPlatformUtilsService>("platformUtilsService");
             _i18nService = ServiceContainer.Resolve<II18nService>("i18nService");
             _environmentService = ServiceContainer.Resolve<IEnvironmentService>("environmentService");
+            _auditService = ServiceContainer.Resolve<IAuditService>();
 
             PageTitle = AppResources.CreateAccount;
             TogglePasswordCommand = new Command(TogglePassword);
             ToggleConfirmPasswordCommand = new Command(ToggleConfirmPassword);
             SubmitCommand = new Command(async () => await SubmitAsync());
             ShowTerms = !_platformUtilsService.IsSelfHost();
+            PasswordStrengthViewModel = new PasswordStrengthViewModel(this);
+            CheckExposedMasterPassword = true;
         }
 
         public ICommand PoliciesClickCommand => new Command<string>((url) =>
@@ -61,6 +72,34 @@ namespace Bit.App.Pages
             get => _acceptPolicies;
             set => SetProperty(ref _acceptPolicies, value);
         }
+
+        public bool CheckExposedMasterPassword
+        {
+            get => _checkExposedMasterPassword;
+            set => SetProperty(ref _checkExposedMasterPassword, value);
+        }
+
+        public string MasterPassword
+        {
+            get => _masterPassword;
+            set
+            {
+                SetProperty(ref _masterPassword, value);
+                PasswordStrengthViewModel.CalculatePasswordStrength();
+            }
+        }
+
+        public string Email
+        {
+            get => _email;
+            set => SetProperty(ref _email, value);
+        }
+
+        public string Password => MasterPassword;
+        public List<string> UserInputs => PasswordStrengthViewModel.GetPasswordStrengthUserInput(Email);
+        public string MasterPasswordMininumCharactersDescription => string.Format(AppResources.YourMasterPasswordCannotBeRecoveredIfYouForgetItXCharactersMinimum,
+                                                                            Constants.MasterPasswordMinimumChars);
+        public PasswordStrengthViewModel PasswordStrengthViewModel { get; }
         public bool ShowTerms { get; set; }
         public Command SubmitCommand { get; }
         public Command TogglePasswordCommand { get; }
@@ -68,13 +107,10 @@ namespace Bit.App.Pages
         public string ShowPasswordIcon => ShowPassword ? BitwardenIcons.EyeSlash : BitwardenIcons.Eye;
         public string PasswordVisibilityAccessibilityText => ShowPassword ? AppResources.PasswordIsVisibleTapToHide : AppResources.PasswordIsNotVisibleTapToShow;
         public string Name { get; set; }
-        public string Email { get; set; }
-        public string MasterPassword { get; set; }
         public string ConfirmMasterPassword { get; set; }
         public string Hint { get; set; }
         public Action RegistrationSuccess { get; set; }
         public Action CloseAction { get; set; }
-
         protected override II18nService i18nService => _i18nService;
         protected override IEnvironmentService environmentService => _environmentService;
         protected override IDeviceActionService deviceActionService => _deviceActionService;
@@ -110,9 +146,9 @@ namespace Bit.App.Pages
                     AppResources.Ok);
                 return;
             }
-            if (MasterPassword.Length < 8)
+            if (MasterPassword.Length < Constants.MasterPasswordMinimumChars)
             {
-                await _platformUtilsService.ShowDialogAsync(AppResources.MasterPasswordLengthValMessage,
+                await _platformUtilsService.ShowDialogAsync(string.Format(AppResources.MasterPasswordLengthValMessageX, Constants.MasterPasswordMinimumChars),
                     AppResources.AnErrorHasOccurred, AppResources.Ok);
                 return;
             }
@@ -128,8 +164,10 @@ namespace Bit.App.Pages
                     AppResources.AnErrorHasOccurred, AppResources.Ok);
                 return;
             }
-
-            // TODO: Password strength check?
+            if (await IsPasswordWeakOrExposed())
+            {
+                return;
+            }
 
             if (showLoading)
             {
@@ -138,9 +176,8 @@ namespace Bit.App.Pages
 
             Name = string.IsNullOrWhiteSpace(Name) ? null : Name;
             Email = Email.Trim().ToLower();
-            var kdf = KdfType.PBKDF2_SHA256;
-            var kdfIterations = 100_000;
-            var key = await _cryptoService.MakeKeyAsync(MasterPassword, Email, kdf, kdfIterations);
+            var kdfConfig = new KdfConfig(KdfType.PBKDF2_SHA256, Constants.Pbkdf2Iterations, null, null);
+            var key = await _cryptoService.MakeKeyAsync(MasterPassword, Email, kdfConfig);
             var encKey = await _cryptoService.MakeEncKeyAsync(key);
             var hashedPassword = await _cryptoService.HashPasswordAsync(MasterPassword, key);
             var keys = await _cryptoService.MakeKeyPairAsync(encKey.Item1);
@@ -151,8 +188,10 @@ namespace Bit.App.Pages
                 MasterPasswordHash = hashedPassword,
                 MasterPasswordHint = Hint,
                 Key = encKey.Item2.EncryptedString,
-                Kdf = kdf,
-                KdfIterations = kdfIterations,
+                Kdf = kdfConfig.Type,
+                KdfIterations = kdfConfig.Iterations,
+                KdfMemory = kdfConfig.Memory,
+                KdfParallelism = kdfConfig.Parallelism,
                 Keys = new KeysRequest
                 {
                     PublicKey = keys.Item1,
@@ -160,6 +199,7 @@ namespace Bit.App.Pages
                 },
                 CaptchaResponse = _captchaToken,
             };
+
             // TODO: org invite?
 
             try
@@ -208,5 +248,43 @@ namespace Bit.App.Pages
             entry.Focus();
             entry.CursorPosition = String.IsNullOrEmpty(ConfirmMasterPassword) ? 0 : ConfirmMasterPassword.Length;
         }
+
+        private async Task<bool> IsPasswordWeakOrExposed()
+        {
+            try
+            {
+                var title = string.Empty;
+                var message = string.Empty;
+                var exposedPassword = CheckExposedMasterPassword ? await _auditService.PasswordLeakedAsync(MasterPassword) > 0 : false;
+                var weakPassword = PasswordStrengthViewModel.PasswordStrengthLevel <= PasswordStrengthLevel.Weak;
+
+                if (exposedPassword && weakPassword)
+                {
+                    title = AppResources.WeakAndExposedMasterPassword;
+                    message = AppResources.WeakPasswordIdentifiedAndFoundInADataBreachAlertDescription;
+                }
+                else if (exposedPassword)
+                {
+                    title = AppResources.ExposedMasterPassword;
+                    message = AppResources.PasswordFoundInADataBreachAlertDescription;
+                }
+                else if (weakPassword)
+                {
+                    title = AppResources.WeakMasterPassword;
+                    message = AppResources.WeakPasswordIdentifiedUseAStrongPasswordToProtectYourAccount;
+                }
+
+                if (exposedPassword || weakPassword)
+                {
+                    return !await _platformUtilsService.ShowDialogAsync(message, title, AppResources.Yes, AppResources.No);
+                }
+            }
+            catch (Exception ex)
+            {
+                HandleException(ex);
+            }
+
+            return false;
+        }
     }
 }

src/App/Pages/Accounts/SetPasswordPageViewModel.cs

@@ -5,6 +5,7 @@ using System.Text.RegularExpressions;
 using System.Threading.Tasks;
 using Bit.App.Abstractions;
 using Bit.App.Resources;
+using Bit.App.Utilities;
 using Bit.Core;
 using Bit.Core.Abstractions;
 using Bit.Core.Enums;
@@ -137,8 +138,8 @@ namespace Bit.App.Pages
             }
             if (IsPolicyInEffect)
             {
-                var userInput = await GetPasswordStrengthUserInput();
-                var passwordStrength = _passwordGenerationService.PasswordStrength(MasterPassword, userInput);
+                var userInputs = _passwordGenerationService.GetPasswordStrengthUserInput(await _stateService.GetEmailAsync());
+                var passwordStrength = _passwordGenerationService.PasswordStrength(MasterPassword, userInputs);
                 if (!await _policyService.EvaluateMasterPassword(passwordStrength.Score, MasterPassword, Policy))
                 {
                     await Page.DisplayAlert(AppResources.MasterPasswordPolicyValidationTitle,
@@ -148,10 +149,10 @@ namespace Bit.App.Pages
             }
             else
             {
-                if (MasterPassword.Length < 8)
+                if (MasterPassword.Length < Constants.MasterPasswordMinimumChars)
                 {
                     await Page.DisplayAlert(AppResources.MasterPasswordPolicyValidationTitle,
-                        AppResources.MasterPasswordLengthValMessage, AppResources.Ok);
+                        string.Format(AppResources.MasterPasswordLengthValMessageX, Constants.MasterPasswordMinimumChars), AppResources.Ok);
                     return;
                 }
             }
@@ -162,10 +163,9 @@ namespace Bit.App.Pages
                 return;
             }
 
-            var kdf = KdfType.PBKDF2_SHA256;
-            var kdfIterations = 100000;
+            var kdfConfig = new KdfConfig(KdfType.PBKDF2_SHA256, Constants.Pbkdf2Iterations, null, null);
             var email = await _stateService.GetEmailAsync();
-            var key = await _cryptoService.MakeKeyAsync(MasterPassword, email, kdf, kdfIterations);
+            var key = await _cryptoService.MakeKeyAsync(MasterPassword, email, kdfConfig);
             var masterPasswordHash = await _cryptoService.HashPasswordAsync(MasterPassword, key, HashPurpose.ServerAuthorization);
             var localMasterPasswordHash = await _cryptoService.HashPasswordAsync(MasterPassword, key, HashPurpose.LocalAuthorization);
 
@@ -186,8 +186,10 @@ namespace Bit.App.Pages
                 MasterPasswordHash = masterPasswordHash,
                 Key = encKey.Item2.EncryptedString,
                 MasterPasswordHint = Hint,
-                Kdf = kdf,
-                KdfIterations = kdfIterations,
+                Kdf = kdfConfig.Type.GetValueOrDefault(KdfType.PBKDF2_SHA256),
+                KdfIterations = kdfConfig.Iterations.GetValueOrDefault(Constants.Pbkdf2Iterations),
+                KdfMemory = kdfConfig.Memory,
+                KdfParallelism = kdfConfig.Parallelism,
                 OrgIdentifier = OrgIdentifier,
                 Keys = new KeysRequest
                 {
@@ -201,8 +203,7 @@ namespace Bit.App.Pages
                 await _deviceActionService.ShowLoadingAsync(AppResources.CreatingAccount);
                 // Set Password and relevant information
                 await _apiService.SetPasswordAsync(request);
-                await _stateService.SetKdfTypeAsync(kdf);
-                await _stateService.SetKdfIterationsAsync(kdfIterations);
+                await _stateService.SetKdfConfigurationAsync(kdfConfig);
                 await _cryptoService.SetKeyAsync(key);
                 await _cryptoService.SetKeyHashAsync(localMasterPasswordHash);
                 await _cryptoService.SetEncKeyAsync(encKey.Item2.EncryptedString);

src/App/Pages/Accounts/UpdateTempPasswordPage.xaml

@@ -46,7 +46,7 @@
                            BackgroundColor="Transparent"
                            BorderColor="{DynamicResource PrimaryColor}">
                         <Label
-                            Text="{u:I18n UpdateMasterPasswordWarning}"
+                            Text="{Binding UpdateMasterPasswordWarningText }"
                             StyleClass="text-muted, text-sm, text-bold"
                             HorizontalTextAlignment="Center" />
                     </Frame>
@@ -74,6 +74,40 @@
                             HorizontalTextAlignment="Start" />
                     </Frame>
                 </Grid>
+                <Grid StyleClass="box-row" IsVisible="{Binding RequireCurrentPassword }">
+                    <Grid.RowDefinitions>
+                        <RowDefinition Height="Auto" />
+                        <RowDefinition Height="*" />
+                    </Grid.RowDefinitions>
+                    <Grid.ColumnDefinitions>
+                        <ColumnDefinition Width="*" />
+                        <ColumnDefinition Width="Auto" />
+                    </Grid.ColumnDefinitions>
+                    <Label
+                        Text="{u:I18n CurrentMasterPassword}"
+                        StyleClass="box-label" 
+                        Grid.Row="0"
+                        Grid.Column="0" />
+                    <controls:MonoEntry
+                        x:Name="_currentMasterPassword"
+                        Text="{Binding CurrentMasterPassword}"
+                        StyleClass="box-value"
+                        IsSpellCheckEnabled="False"
+                        IsTextPredictionEnabled="False"
+                        IsPassword="{Binding ShowPassword, Converter={StaticResource inverseBool}}"
+                        Grid.Row="1"
+                        Grid.Column="0" />
+                    <controls:IconButton
+                        StyleClass="box-row-button, box-row-button-platform"
+                        Text="{Binding ShowPasswordIcon}"
+                        Command="{Binding TogglePasswordCommand}"
+                        Grid.Row="0"
+                        Grid.Column="1"
+                        Grid.RowSpan="2"
+                        AutomationProperties.IsInAccessibleTree="True"
+                        AutomationProperties.Name="{u:I18n ToggleVisibility}"
+                        AutomationProperties.HelpText="{Binding PasswordVisibilityAccessibilityText}" />
+                </Grid>
                 <Grid StyleClass="box-row">
                     <Grid.RowDefinitions>
                         <RowDefinition Height="Auto" />

src/App/Pages/Accounts/UpdateTempPasswordPageViewModel.cs

@@ -1,27 +1,68 @@
 using System;
 using System.Threading.Tasks;
 using Bit.App.Resources;
+using Bit.Core.Abstractions;
+using Bit.Core.Enums;
 using Bit.Core.Exceptions;
+using Bit.Core.Models.Domain;
 using Bit.Core.Models.Request;
+using Bit.Core.Utilities;
+using Xamarin.CommunityToolkit.ObjectModel;
 using Xamarin.Forms;
 
 namespace Bit.App.Pages
 {
     public class UpdateTempPasswordPageViewModel : BaseChangePasswordViewModel
     {
+        private readonly IUserVerificationService _userVerificationService;
+
+        private ForcePasswordResetReason _reason = ForcePasswordResetReason.AdminForcePasswordReset;
+
         public UpdateTempPasswordPageViewModel()
         {
             PageTitle = AppResources.UpdateMasterPassword;
             TogglePasswordCommand = new Command(TogglePassword);
             ToggleConfirmPasswordCommand = new Command(ToggleConfirmPassword);
-            SubmitCommand = new Command(async () => await SubmitAsync());
+            SubmitCommand = new AsyncCommand(SubmitAsync,
+                onException: ex => HandleException(ex),
+                allowsMultipleExecutions: false);
+
+            _userVerificationService = ServiceContainer.Resolve<IUserVerificationService>();
         }
 
-        public Command SubmitCommand { get; }
+        public AsyncCommand SubmitCommand { get; }
         public Command TogglePasswordCommand { get; }
         public Command ToggleConfirmPasswordCommand { get; }
         public Action UpdateTempPasswordSuccessAction { get; set; }
         public Action LogOutAction { get; set; }
+        public string CurrentMasterPassword { get; set; }
+
+        public override async Task InitAsync(bool forceSync = false)
+        {
+            await base.InitAsync(forceSync);
+
+            var forcePasswordResetReason = await _stateService.GetForcePasswordResetReasonAsync();
+
+            if (forcePasswordResetReason.HasValue)
+            {
+                _reason = forcePasswordResetReason.Value;
+            }
+        }
+
+        public bool RequireCurrentPassword
+        {
+            get => _reason == ForcePasswordResetReason.WeakMasterPasswordOnLogin;
+        }
+
+        public string UpdateMasterPasswordWarningText
+        {
+            get
+            {
+                return _reason == ForcePasswordResetReason.WeakMasterPasswordOnLogin
+                    ? AppResources.UpdateWeakMasterPasswordWarning
+                    : AppResources.UpdateMasterPasswordWarning;
+            }
+        }
 
         public void TogglePassword()
         {
@@ -42,33 +83,46 @@ namespace Bit.App.Pages
                 return;
             }
 
+            if (RequireCurrentPassword &&
+                !await _userVerificationService.VerifyUser(CurrentMasterPassword, VerificationType.MasterPassword))
+            {
+                return;
+            }
+
             // Retrieve details for key generation
-            var kdf = await _stateService.GetKdfTypeAsync();
-            var kdfIterations = await _stateService.GetKdfIterationsAsync();
+            var kdfConfig = await _stateService.GetActiveUserCustomDataAsync(a => new KdfConfig(a?.Profile));
             var email = await _stateService.GetEmailAsync();
 
             // Create new key and hash new password
-            var key = await _cryptoService.MakeKeyAsync(MasterPassword, email, kdf, kdfIterations);
+            var key = await _cryptoService.MakeKeyAsync(MasterPassword, email, kdfConfig);
             var masterPasswordHash = await _cryptoService.HashPasswordAsync(MasterPassword, key);
 
             // Create new encKey for the User
             var newEncKey = await _cryptoService.RemakeEncKeyAsync(key);
 
-            // Create request
-            var request = new UpdateTempPasswordRequest
-            {
-                Key = newEncKey.Item2.EncryptedString,
-                NewMasterPasswordHash = masterPasswordHash,
-                MasterPasswordHint = Hint
-            };
-
             // Initiate API action
             try
             {
                 await _deviceActionService.ShowLoadingAsync(AppResources.UpdatingPassword);
-                await _apiService.PutUpdateTempPasswordAsync(request);
+
+                switch (_reason)
+                {
+                    case ForcePasswordResetReason.AdminForcePasswordReset:
+                        await UpdateTempPasswordAsync(masterPasswordHash, newEncKey.Item2.EncryptedString);
+                        break;
+                    case ForcePasswordResetReason.WeakMasterPasswordOnLogin:
+                        await UpdatePasswordAsync(masterPasswordHash, newEncKey.Item2.EncryptedString);
+                        break;
+                    default:
+                        throw new ArgumentOutOfRangeException();
+                }
                 await _deviceActionService.HideLoadingAsync();
 
+                // Clear the force reset password reason
+                await _stateService.SetForcePasswordResetReasonAsync(null);
+
+                _platformUtilsService.ShowToast(null, null, AppResources.UpdatedMasterPassword);
+
                 UpdateTempPasswordSuccessAction?.Invoke();
             }
             catch (ApiException e)
@@ -86,5 +140,32 @@ namespace Bit.App.Pages
                 }
             }
         }
+
+        private async Task UpdateTempPasswordAsync(string newMasterPasswordHash, string newEncKey)
+        {
+            var request = new UpdateTempPasswordRequest
+            {
+                Key = newEncKey,
+                NewMasterPasswordHash = newMasterPasswordHash,
+                MasterPasswordHint = Hint
+            };
+
+            await _apiService.PutUpdateTempPasswordAsync(request);
+        }
+
+        private async Task UpdatePasswordAsync(string newMasterPasswordHash, string newEncKey)
+        {
+            var currentPasswordHash = await _cryptoService.HashPasswordAsync(CurrentMasterPassword, null);
+
+            var request = new PasswordRequest
+            {
+                MasterPasswordHash = currentPasswordHash,
+                Key = newEncKey,
+                NewMasterPasswordHash = newMasterPasswordHash,
+                MasterPasswordHint = Hint
+            };
+
+            await _apiService.PostPasswordAsync(request);
+        }
     }
 }

src/App/Pages/BaseContentPage.cs

@@ -129,8 +129,8 @@ namespace Bit.App.Pages
         {
             if (useCurrentActiveAccount)
             {
-                return new AvatarImageSource(await _stateService.GetActiveUserIdAsync(),
-                    await _stateService.GetNameAsync(), await _stateService.GetEmailAsync());
+                var user = await _stateService.GetActiveUserCustomDataAsync(a => (a?.Profile?.UserId, a?.Profile?.Name, a?.Profile?.Email, a?.Profile?.AvatarColor));
+                return new AvatarImageSource(user.UserId, user.Name, user.Email, user.AvatarColor);
             }
             return new AvatarImageSource();
         }

src/App/Pages/BaseViewModel.cs

@@ -3,6 +3,7 @@ using Bit.App.Abstractions;
 using Bit.App.Controls;
 using Bit.App.Resources;
 using Bit.Core.Abstractions;
+using Bit.Core.Exceptions;
 using Bit.Core.Services;
 using Bit.Core.Utilities;
 using Xamarin.Forms;
@@ -33,6 +34,11 @@ namespace Bit.App.Pages
 
         protected void HandleException(Exception ex, string message = null)
         {
+            if (ex is ApiException apiException && apiException.Error != null)
+            {
+                message = apiException.Error.GetSingleMessage();
+            }
+
             Xamarin.Essentials.MainThread.InvokeOnMainThreadAsync(async () =>
             {
                 await _deviceActionService.Value.HideLoadingAsync();

src/App/Pages/Generator/GeneratorPage.xaml

@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8" ?>
+<?xml version="1.0" encoding="utf-8" ?>
 <pages:BaseContentPage 
     xmlns="http://xamarin.com/schemas/2014/forms"
     xmlns:x="http://schemas.microsoft.com/winfx/2009/xaml"
@@ -20,6 +20,7 @@
         <ResourceDictionary>
             <u:InverseBoolConverter x:Key="inverseBool" />
             <u:LocalizableEnumConverter x:Key="localizableEnum" />
+            <u:IconGlyphConverter x:Key="iconGlyphConverter" />
             <xct:EnumToBoolConverter x:Key="enumToBool"/>
             <ToolbarItem Text="{u:I18n Cancel}" Command="{Binding CloseCommand}" Order="Primary" Priority="-1"
                          x:Name="_closeItem" x:Key="closeItem" />
@@ -251,7 +252,7 @@
                                 Grid.Row="1"/>
                             <controls:IconButton
                                 StyleClass="box-row-button, box-row-button-platform"
-                                Text="{Binding ShowAnonAddyHiddenValueIcon}"
+                                Text="{Binding ShowAnonAddyApiAccessToken, Converter={StaticResource inverseBool, iconGlyphConverter}, ConverterParameter={x:Static u:BooleanGlyphType.Eye}}"
                                 Command="{Binding ToggleForwardedEmailHiddenValueCommand}"
                                 Grid.Row="1"
                                 Grid.Column="1"/>
@@ -280,7 +281,7 @@
                                 IsPassword="{Binding ShowFirefoxRelayApiAccessToken, Converter={StaticResource inverseBool}}"/>
                             <controls:IconButton
                                 StyleClass="box-row-button, box-row-button-platform"
-                                Text="{Binding ShowFirefoxRelayHiddenValueIcon}"
+                                Text="{Binding ShowFirefoxRelayApiAccessToken, Converter={StaticResource inverseBool, iconGlyphConverter}, ConverterParameter={x:Static u:BooleanGlyphType.Eye}}"
                                 Command="{Binding ToggleForwardedEmailHiddenValueCommand}"
                                 Grid.Row="1"
                                 Grid.Column="1"/>
@@ -301,7 +302,49 @@
                                 IsPassword="{Binding ShowSimpleLoginApiKey, Converter={StaticResource inverseBool}}"/>
                             <controls:IconButton 
                                 StyleClass="box-row-button, box-row-button-platform"
-                                Text="{Binding ShowSimpleLoginHiddenValueIcon}"
+                                Text="{Binding ShowSimpleLoginApiKey, Converter={StaticResource inverseBool, iconGlyphConverter}, ConverterParameter={x:Static u:BooleanGlyphType.Eye}}"
+                                Command="{Binding ToggleForwardedEmailHiddenValueCommand}"
+                                Grid.Row="1"
+                                Grid.Column="1"/>
+                        </Grid>
+                        <!--DUCKDUCKGO OPTIONS-->
+                        <Grid StyleClass="box-row, box-row-input"
+                              IsVisible="{Binding ForwardedEmailServiceSelected, Converter={StaticResource enumToBool}, ConverterParameter={x:Static enums:ForwardedEmailServiceType.DuckDuckGo}}"
+                              Grid.RowDefinitions="Auto,*"
+                              Grid.ColumnDefinitions="*,Auto">
+                            <Label
+                                Text="{u:I18n APIKeyRequiredParenthesis}"
+                                StyleClass="box-label"/>
+                            <Entry
+                                x:Name="_duckDuckGoApiAccessTokenEntry"
+                                Text="{Binding DuckDuckGoApiKey}"
+                                StyleClass="box-value"
+                                Grid.Row="1"
+                                IsPassword="{Binding ShowDuckDuckGoApiKey, Converter={StaticResource inverseBool}}"/>
+                            <controls:IconButton
+                                StyleClass="box-row-button, box-row-button-platform"
+                                Text="{Binding ShowDuckDuckGoApiKey, Converter={StaticResource inverseBool, iconGlyphConverter}, ConverterParameter={x:Static u:BooleanGlyphType.Eye}}"
+                                Command="{Binding ToggleForwardedEmailHiddenValueCommand}"
+                                Grid.Row="1"
+                                Grid.Column="1"/>
+                        </Grid>
+                        <!--FASTMAIL OPTIONS-->
+                        <Grid StyleClass="box-row, box-row-input"
+                              IsVisible="{Binding ForwardedEmailServiceSelected, Converter={StaticResource enumToBool}, ConverterParameter={x:Static enums:ForwardedEmailServiceType.Fastmail}}"
+                              Grid.RowDefinitions="Auto,*"
+                              Grid.ColumnDefinitions="*,Auto">
+                            <Label
+                                Text="{u:I18n APIKeyRequiredParenthesis}"
+                                StyleClass="box-label"/>
+                            <Entry
+                                x:Name="_fastmailApiAccessTokenEntry"
+                                Text="{Binding FastmailApiKey}"
+                                StyleClass="box-value"
+                                Grid.Row="1"
+                                IsPassword="{Binding ShowFastmailApiKey, Converter={StaticResource inverseBool}}"/>
+                            <controls:IconButton
+                                StyleClass="box-row-button, box-row-button-platform"
+                                Text="{Binding ShowFastmailApiKey, Converter={StaticResource iconGlyphConverter}, ConverterParameter={x:Static u:BooleanGlyphType.Eye}}"
                                 Command="{Binding ToggleForwardedEmailHiddenValueCommand}"
                                 Grid.Row="1"
                                 Grid.Column="1"/>

src/App/Pages/Generator/GeneratorPageViewModel.cs

@@ -52,6 +52,8 @@ namespace Bit.App.Pages
         private bool _showFirefoxRelayApiAccessToken;
         private bool _showAnonAddyApiAccessToken;
         private bool _showSimpleLoginApiKey;
+        private bool _showDuckDuckGoApiKey;
+        private bool _showFastmailApiKey;
         private bool _editMode;
 
         public GeneratorPageViewModel()
@@ -79,6 +81,8 @@ namespace Bit.App.Pages
 
             ForwardedEmailServiceTypeOptions = new List<ForwardedEmailServiceType> {
                 ForwardedEmailServiceType.AnonAddy,
+                ForwardedEmailServiceType.DuckDuckGo,
+                ForwardedEmailServiceType.Fastmail,
                 ForwardedEmailServiceType.FirefoxRelay,
                 ForwardedEmailServiceType.SimpleLogin
             };
@@ -461,15 +465,9 @@ namespace Bit.App.Pages
             {
                 return _showAnonAddyApiAccessToken;
             }
-            set => SetProperty(ref _showAnonAddyApiAccessToken, value,
-                additionalPropertyNames: new string[]
-                {
-                    nameof(ShowAnonAddyHiddenValueIcon)
-                });
+            set => SetProperty(ref _showAnonAddyApiAccessToken, value);
         }
 
-        public string ShowAnonAddyHiddenValueIcon => _showAnonAddyApiAccessToken ? BitwardenIcons.EyeSlash : BitwardenIcons.Eye;
-
         public string AnonAddyDomainName
         {
             get => _usernameOptions.AnonAddyDomainName;
@@ -504,15 +502,9 @@ namespace Bit.App.Pages
             {
                 return _showFirefoxRelayApiAccessToken;
             }
-            set => SetProperty(ref _showFirefoxRelayApiAccessToken, value,
-                additionalPropertyNames: new string[]
-                {
-                    nameof(ShowFirefoxRelayHiddenValueIcon)
-                });
+            set => SetProperty(ref _showFirefoxRelayApiAccessToken, value);
         }
 
-        public string ShowFirefoxRelayHiddenValueIcon => _showFirefoxRelayApiAccessToken ? BitwardenIcons.EyeSlash : BitwardenIcons.Eye;
-
         public string SimpleLoginApiKey
         {
             get => _usernameOptions.SimpleLoginApiKey;
@@ -533,14 +525,55 @@ namespace Bit.App.Pages
             {
                 return _showSimpleLoginApiKey;
             }
-            set => SetProperty(ref _showSimpleLoginApiKey, value,
-                additionalPropertyNames: new string[]
-                {
-                    nameof(ShowSimpleLoginHiddenValueIcon)
-                });
+            set => SetProperty(ref _showSimpleLoginApiKey, value);
         }
 
-        public string ShowSimpleLoginHiddenValueIcon => _showSimpleLoginApiKey ? BitwardenIcons.EyeSlash : BitwardenIcons.Eye;
+        public string DuckDuckGoApiKey
+        {
+            get => _usernameOptions.DuckDuckGoApiKey;
+            set
+            {
+                if (_usernameOptions.DuckDuckGoApiKey != value)
+                {
+                    _usernameOptions.DuckDuckGoApiKey = value;
+                    TriggerPropertyChanged(nameof(DuckDuckGoApiKey));
+                    SaveUsernameOptionsAsync(false).FireAndForget();
+                }
+            }
+        }
+
+        public bool ShowDuckDuckGoApiKey
+        {
+            get
+            {
+                return _showDuckDuckGoApiKey;
+            }
+            set => SetProperty(ref _showDuckDuckGoApiKey, value);
+        }
+
+
+        public string FastmailApiKey
+        {
+            get => _usernameOptions.FastMailApiKey;
+            set
+            {
+                if (_usernameOptions.FastMailApiKey != value)
+                {
+                    _usernameOptions.FastMailApiKey = value;
+                    TriggerPropertyChanged(nameof(FastmailApiKey));
+                    SaveUsernameOptionsAsync(false).FireAndForget();
+                }
+            }
+        }
+
+        public bool ShowFastmailApiKey
+        {
+            get
+            {
+                return _showFastmailApiKey;
+            }
+            set => SetProperty(ref _showFastmailApiKey, value);
+        }
 
         public bool CapitalizeRandomWordUsername
         {
@@ -778,6 +811,8 @@ namespace Bit.App.Pages
             TriggerPropertyChanged(nameof(FirefoxRelayApiAccessToken));
             TriggerPropertyChanged(nameof(AnonAddyDomainName));
             TriggerPropertyChanged(nameof(AnonAddyApiAccessToken));
+            TriggerPropertyChanged(nameof(DuckDuckGoApiKey));
+            TriggerPropertyChanged(nameof(FastmailApiKey));
             TriggerPropertyChanged(nameof(CatchAllEmailDomain));
             TriggerPropertyChanged(nameof(ForwardedEmailServiceSelected));
             TriggerPropertyChanged(nameof(UsernameTypeSelected));
@@ -849,6 +884,12 @@ namespace Bit.App.Pages
                 case ForwardedEmailServiceType.SimpleLogin:
                     ShowSimpleLoginApiKey = !ShowSimpleLoginApiKey;
                     break;
+                case ForwardedEmailServiceType.DuckDuckGo:
+                    ShowDuckDuckGoApiKey = !ShowDuckDuckGoApiKey;
+                    break;
+                case ForwardedEmailServiceType.Fastmail:
+                    ShowFastmailApiKey = !ShowFastmailApiKey;
+                    break;
             }
         }
     }

src/App/Pages/Settings/LoginPasswordlessRequestsListPage.xaml

@@ -0,0 +1,107 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<pages:BaseContentPage 
+    xmlns="http://xamarin.com/schemas/2014/forms"
+    xmlns:x="http://schemas.microsoft.com/winfx/2009/xaml"
+    xmlns:xct="http://xamarin.com/schemas/2020/toolkit"
+    x:Class="Bit.App.Pages.LoginPasswordlessRequestsListPage"
+    xmlns:pages="clr-namespace:Bit.App.Pages"
+    x:DataType="pages:LoginPasswordlessRequestsListViewModel"
+    xmlns:models="clr-namespace:Bit.Core.Models.Response;assembly=BitwardenCore"
+    xmlns:core="clr-namespace:Bit.Core;assembly=BitwardenCore"
+    xmlns:controls="clr-namespace:Bit.App.Controls"
+    xmlns:u="clr-namespace:Bit.App.Utilities"
+    Title="{Binding PageTitle}">
+    
+    <ContentPage.BindingContext>
+        <pages:LoginPasswordlessRequestsListViewModel />
+    </ContentPage.BindingContext>
+
+     <ContentPage.ToolbarItems>
+            <ToolbarItem Text="{u:I18n Close}" Clicked="Close_Clicked" Order="Primary" Priority="-1" />
+    </ContentPage.ToolbarItems>
+
+    <ContentPage.Resources>
+        <ResourceDictionary>
+            <u:DateTimeConverter x:Key="dateTime" />
+            <xct:ItemSelectedEventArgsConverter x:Key="ItemSelectedEventArgsConverter" />
+            <controls:SelectionChangedEventArgsConverter x:Key="SelectionChangedEventArgsConverter" />
+            <DataTemplate
+                x:Key="loginRequestTemplate"
+                x:DataType="models:PasswordlessLoginResponse">
+                    <Grid
+                        Padding="10, 0"
+                        RowSpacing="0"
+                        RowDefinitions="*, Auto, *, 10"
+                        ColumnDefinitions="*, *">
+                        <Label
+                            Text="{u:I18n FingerprintPhrase}"
+                            FontSize="Small"
+                            Padding="0, 10, 0 ,0"
+                            FontAttributes="Bold"/>
+                        <controls:MonoLabel
+                            FormattedText="{Binding FingerprintPhrase}"
+                            Grid.Row="1"
+                            Grid.ColumnSpan="2"
+                            FontSize="Small"
+                            Padding="0, 5, 0, 10"
+                            VerticalTextAlignment="Center"
+                            TextColor="{DynamicResource FingerprintPhrase}"/>
+                        <Label
+                            Grid.Row="2"
+                            HorizontalOptions="Start"
+                            HorizontalTextAlignment="Start"
+                            Text="{Binding RequestDeviceType}"
+                            StyleClass="list-header-sub" />
+                        <Label
+                            Grid.Row="2"
+                            Grid.Column="1"
+                            HorizontalOptions="End"
+                            HorizontalTextAlignment="End"
+                            Text="{Binding CreationDate, Converter={StaticResource dateTime}}"
+                            StyleClass="list-header-sub" />
+                        <BoxView
+                            StyleClass="list-section-separator-top, list-section-separator-top-platform"
+                            VerticalOptions="End"
+                            Grid.Row="3"
+                            Grid.ColumnSpan="2"/>
+                    </Grid>
+	        </DataTemplate>
+
+            <StackLayout
+                x:Key="mainLayout"
+                x:Name="_mainLayout"
+                Padding="0, 10">
+                <RefreshView
+                    IsRefreshing="{Binding IsRefreshing}"
+                    Command="{Binding RefreshCommand}"
+                    VerticalOptions="FillAndExpand"
+                    BackgroundColor="{DynamicResource BackgroundColor}">
+                    <controls:ExtendedCollectionView
+                        ItemsSource="{Binding LoginRequests}"
+                        ItemTemplate="{StaticResource loginRequestTemplate}"
+                        SelectionMode="Single"
+                        ExtraDataForLogging="Login requests page" >
+                        <controls:ExtendedCollectionView.Behaviors>
+                            <xct:EventToCommandBehavior
+                                EventName="SelectionChanged"
+                                Command="{Binding AnswerRequestCommand}"
+                                EventArgsConverter="{StaticResource SelectionChangedEventArgsConverter}" />
+                        </controls:ExtendedCollectionView.Behaviors>
+                    </controls:ExtendedCollectionView>
+                </RefreshView>
+                <controls:IconLabelButton
+                        VerticalOptions="End"
+                        Margin="10,0"
+                        Icon="{Binding Source={x:Static core:BitwardenIcons.Trash}}"
+                        Label="{u:I18n DeclineAllRequests}"
+                        ButtonCommand="{Binding DeclineAllRequestsCommand}"/>
+            </StackLayout>
+        </ResourceDictionary>
+    </ContentPage.Resources>
+
+    <ContentView 
+        x:Name="_mainContent">
+    </ContentView>
+
+</pages:BaseContentPage>
+

src/App/Pages/Settings/LoginPasswordlessRequestsListPage.xaml.cs

@@ -0,0 +1,38 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using Bit.Core.Abstractions;
+using Bit.Core.Models.Response;
+using Bit.Core.Utilities;
+using Xamarin.Forms;
+
+namespace Bit.App.Pages
+{
+    public partial class LoginPasswordlessRequestsListPage : BaseContentPage
+    {
+        private LoginPasswordlessRequestsListViewModel _vm;
+
+        public LoginPasswordlessRequestsListPage()
+        {
+            InitializeComponent();
+            SetActivityIndicator(_mainContent);
+            _vm = BindingContext as LoginPasswordlessRequestsListViewModel;
+            _vm.Page = this;
+        }
+
+        protected override async void OnAppearing()
+        {
+            base.OnAppearing();
+            await LoadOnAppearedAsync(_mainLayout, false, _vm.RefreshAsync, _mainContent);
+        }
+
+        private async void Close_Clicked(object sender, System.EventArgs e)
+        {
+            if (DoOnce())
+            {
+                await Navigation.PopModalAsync();
+            }
+        }
+    }
+}
+

src/App/Pages/Settings/LoginPasswordlessRequestsListViewModel.cs

@@ -0,0 +1,139 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using System.Windows.Input;
+using Bit.App.Abstractions;
+using Bit.App.Resources;
+using Bit.Core.Abstractions;
+using Bit.Core.Models.Response;
+using Bit.Core.Utilities;
+using Xamarin.CommunityToolkit.ObjectModel;
+using Xamarin.Forms;
+
+namespace Bit.App.Pages
+{
+    public class LoginPasswordlessRequestsListViewModel : BaseViewModel
+    {
+        private readonly IAuthService _authService;
+        private readonly IStateService _stateService;
+        private readonly IDeviceActionService _deviceActionService;
+        private readonly IPlatformUtilsService _platformUtilsService;
+        private bool _isRefreshing;
+
+        public LoginPasswordlessRequestsListViewModel()
+        {
+            _authService = ServiceContainer.Resolve<IAuthService>();
+            _stateService = ServiceContainer.Resolve<IStateService>();
+            _deviceActionService = ServiceContainer.Resolve<IDeviceActionService>();
+            _platformUtilsService = ServiceContainer.Resolve<IPlatformUtilsService>();
+
+            PageTitle = AppResources.PendingLogInRequests;
+            LoginRequests = new ObservableRangeCollection<PasswordlessLoginResponse>();
+
+            AnswerRequestCommand = new AsyncCommand<PasswordlessLoginResponse>(PasswordlessLoginAsync,
+                onException: ex => HandleException(ex),
+                allowsMultipleExecutions: false);
+
+            DeclineAllRequestsCommand = new AsyncCommand(DeclineAllRequestsAsync,
+                onException: ex => HandleException(ex),
+                allowsMultipleExecutions: false);
+
+            RefreshCommand = new Command(async () => await RefreshAsync());
+        }
+
+        public ICommand RefreshCommand { get; }
+
+        public AsyncCommand<PasswordlessLoginResponse> AnswerRequestCommand { get; }
+
+        public AsyncCommand DeclineAllRequestsCommand { get; }
+
+        public ObservableRangeCollection<PasswordlessLoginResponse> LoginRequests { get; }
+
+        public bool IsRefreshing
+        {
+            get => _isRefreshing;
+            set => SetProperty(ref _isRefreshing, value);
+        }
+
+        public async Task RefreshAsync()
+        {
+            try
+            {
+                IsRefreshing = true;
+                LoginRequests.ReplaceRange(await _authService.GetActivePasswordlessLoginRequestsAsync());
+                if (!LoginRequests.Any())
+                {
+                    Page.Navigation.PopModalAsync().FireAndForget();
+                }
+            }
+            catch (Exception ex)
+            {
+                HandleException(ex);
+            }
+            finally
+            {
+                IsRefreshing = false;
+            }
+        }
+
+        private async Task PasswordlessLoginAsync(PasswordlessLoginResponse request)
+        {
+            if (request.IsExpired)
+            {
+                await _platformUtilsService.ShowDialogAsync(AppResources.LoginRequestHasAlreadyExpired);
+                await Page.Navigation.PopModalAsync();
+                return;
+            }
+
+            var loginRequestData = await _authService.GetPasswordlessLoginRequestByIdAsync(request.Id);
+            if (loginRequestData.IsAnswered)
+            {
+                await _platformUtilsService.ShowDialogAsync(AppResources.ThisRequestIsNoLongerValid);
+                return;
+            }
+
+            var page = new LoginPasswordlessPage(new LoginPasswordlessDetails()
+            {
+                PubKey = loginRequestData.PublicKey,
+                Id = loginRequestData.Id,
+                IpAddress = loginRequestData.RequestIpAddress,
+                Email = await _stateService.GetEmailAsync(),
+                FingerprintPhrase = loginRequestData.FingerprintPhrase,
+                RequestDate = loginRequestData.CreationDate,
+                DeviceType = loginRequestData.RequestDeviceType,
+                Origin = loginRequestData.Origin
+            });
+
+            await Device.InvokeOnMainThreadAsync(() => Application.Current.MainPage.Navigation.PushModalAsync(new NavigationPage(page)));
+        }
+
+        private async Task DeclineAllRequestsAsync()
+        {
+            try
+            {
+                if (!await _platformUtilsService.ShowDialogAsync(AppResources.AreYouSureYouWantToDeclineAllPendingLogInRequests, null, AppResources.Yes, AppResources.No))
+                {
+                    return;
+                }
+
+                await _deviceActionService.ShowLoadingAsync(AppResources.Loading);
+                var taskList = new List<Task>();
+                foreach (var request in LoginRequests)
+                {
+                    taskList.Add(_authService.PasswordlessLoginAsync(request.Id, request.PublicKey, false));
+                }
+                await Task.WhenAll(taskList);
+                await _deviceActionService.HideLoadingAsync();
+                await RefreshAsync();
+                _platformUtilsService.ShowToast("info", null, AppResources.RequestsDeclined);
+            }
+            catch (Exception ex)
+            {
+                HandleException(ex);
+                RefreshAsync().FireAndForget();
+            }
+        }
+    }
+}
+

src/App/Pages/Settings/OptionsPage.xaml

@@ -80,6 +80,22 @@
                     Text="{u:I18n ClearClipboardDescription}"
                     StyleClass="box-footer-label" />
             </StackLayout>
+            <StackLayout StyleClass="box">
+                <StackLayout StyleClass="box-row, box-row-input, box-row-input-options-platform">
+                    <Label
+                        Text="{u:I18n Language}"
+                        StyleClass="box-label" />
+                    <Picker
+                        x:Name="_languagePicker"
+                        ItemsSource="{Binding LocalesOptions, Mode=OneTime}"
+                        SelectedItem="{Binding SelectedLocale}"
+                        ItemDisplayBinding="{Binding Value}"
+                        StyleClass="box-value" />
+                </StackLayout>
+                <Label
+                    Text="{u:I18n LanguageChangeRequiresAppRestart}"
+                    StyleClass="box-footer-label" />
+            </StackLayout>
             <StackLayout StyleClass="box">
                 <StackLayout StyleClass="box-row, box-row-switch">
                     <Label

src/App/Pages/Settings/OptionsPage.xaml.cs

@@ -34,6 +34,7 @@ namespace Bit.App.Pages
                 _autoDarkThemePicker.On<iOS>().SetUpdateMode(UpdateMode.WhenFinished);
                 _uriMatchPicker.On<iOS>().SetUpdateMode(UpdateMode.WhenFinished);
                 _clearClipboardPicker.On<iOS>().SetUpdateMode(UpdateMode.WhenFinished);
+                _languagePicker.On<iOS>().SetUpdateMode(UpdateMode.WhenFinished);
             }
         }
 

src/App/Pages/Settings/OptionsPageViewModel.cs

@@ -1,4 +1,5 @@
 using System.Collections.Generic;
+using System.Linq;
 using System.Threading.Tasks;
 using Bit.App.Resources;
 using Bit.App.Utilities;
@@ -14,7 +15,8 @@ namespace Bit.App.Pages
     {
         private readonly IStateService _stateService;
         private readonly IMessagingService _messagingService;
-
+        private readonly II18nService _i18nService;
+        private readonly IPlatformUtilsService _platformUtilsService;
 
         private bool _autofillSavePrompt;
         private string _autofillBlockedUris;
@@ -24,6 +26,7 @@ namespace Bit.App.Pages
         private int _themeSelectedIndex;
         private int _autoDarkThemeSelectedIndex;
         private int _uriMatchSelectedIndex;
+        private KeyValuePair<string, string> _selectedLocale;
         private bool _inited;
         private bool _updatingAutofill;
         private bool _showAndroidAutofillSettings;
@@ -32,6 +35,8 @@ namespace Bit.App.Pages
         {
             _stateService = ServiceContainer.Resolve<IStateService>("stateService");
             _messagingService = ServiceContainer.Resolve<IMessagingService>("messagingService");
+            _i18nService = ServiceContainer.Resolve<II18nService>();
+            _platformUtilsService = ServiceContainer.Resolve<IPlatformUtilsService>();
 
             PageTitle = AppResources.Options;
             var iosIos = Device.RuntimePlatform == Device.iOS;
@@ -74,12 +79,18 @@ namespace Bit.App.Pages
                 new KeyValuePair<UriMatchType?, string>(UriMatchType.Exact, AppResources.Exact),
                 new KeyValuePair<UriMatchType?, string>(UriMatchType.Never, AppResources.Never),
             };
+            LocalesOptions = new List<KeyValuePair<string, string>>
+            {
+                new KeyValuePair<string, string>(null, AppResources.DefaultSystem)
+            };
+            LocalesOptions.AddRange(_i18nService.LocaleNames.ToList());
         }
 
         public List<KeyValuePair<int?, string>> ClearClipboardOptions { get; set; }
         public List<KeyValuePair<string, string>> ThemeOptions { get; set; }
         public List<KeyValuePair<string, string>> AutoDarkThemeOptions { get; set; }
         public List<KeyValuePair<UriMatchType?, string>> UriMatchOptions { get; set; }
+        public List<KeyValuePair<string, string>> LocalesOptions { get; }
 
         public int ClearClipboardSelectedIndex
         {
@@ -133,6 +144,18 @@ namespace Bit.App.Pages
             }
         }
 
+        public KeyValuePair<string, string> SelectedLocale
+        {
+            get => _selectedLocale;
+            set
+            {
+                if (SetProperty(ref _selectedLocale, value))
+                {
+                    UpdateCurrentLocaleAsync().FireAndForget();
+                }
+            }
+        }
+
         public bool Favicon
         {
             get => _favicon;
@@ -184,19 +207,30 @@ namespace Bit.App.Pages
         public async Task InitAsync()
         {
             AutofillSavePrompt = !(await _stateService.GetAutofillDisableSavePromptAsync()).GetValueOrDefault();
+
             var blockedUrisList = await _stateService.GetAutofillBlacklistedUrisAsync();
             AutofillBlockedUris = blockedUrisList != null ? string.Join(", ", blockedUrisList) : null;
+
             AutoTotpCopy = !(await _stateService.GetDisableAutoTotpCopyAsync() ?? false);
+
             Favicon = !(await _stateService.GetDisableFaviconAsync()).GetValueOrDefault();
+
             var theme = await _stateService.GetThemeAsync();
             ThemeSelectedIndex = ThemeOptions.FindIndex(k => k.Key == theme);
+
             var autoDarkTheme = await _stateService.GetAutoDarkThemeAsync() ?? "dark";
             AutoDarkThemeSelectedIndex = AutoDarkThemeOptions.FindIndex(k => k.Key == autoDarkTheme);
+
             var defaultUriMatch = await _stateService.GetDefaultUriMatchAsync();
             UriMatchSelectedIndex = defaultUriMatch == null ? 0 :
                 UriMatchOptions.FindIndex(k => (int?)k.Key == defaultUriMatch);
+
             var clearClipboard = await _stateService.GetClearClipboardAsync();
             ClearClipboardSelectedIndex = ClearClipboardOptions.FindIndex(k => k.Key == clearClipboard);
+
+            var appLocale = _stateService.GetLocale();
+            SelectedLocale = appLocale == null ? LocalesOptions.First() : LocalesOptions.FirstOrDefault(kv => kv.Key == appLocale);
+
             _inited = true;
         }
 
@@ -288,5 +322,17 @@ namespace Bit.App.Pages
                 catch { }
             }
         }
+
+        private async Task UpdateCurrentLocaleAsync()
+        {
+            if (!_inited)
+            {
+                return;
+            }
+
+            _stateService.SetLocale(SelectedLocale.Key);
+
+            await _platformUtilsService.ShowDialogAsync(string.Format(AppResources.LanguageChangeXDescription, SelectedLocale.Value), AppResources.Language, AppResources.Ok);
+        }
     }
 }

src/App/Pages/Settings/SettingsPage/SettingsPageViewModel.cs

@@ -7,9 +7,7 @@ using Bit.App.Pages.Accounts;
 using Bit.App.Resources;
 using Bit.Core.Abstractions;
 using Bit.Core.Enums;
-using Bit.Core.Models;
 using Bit.Core.Models.Domain;
-using Bit.Core.Models.View;
 using Bit.Core.Services;
 using Bit.Core.Utilities;
 using Xamarin.CommunityToolkit.ObjectModel;
@@ -35,6 +33,7 @@ namespace Bit.App.Pages
         private readonly IClipboardService _clipboardService;
         private readonly ILogger _loggerService;
         private readonly IPushNotificationService _pushNotificationService;
+        private readonly IAuthService _authService;
         private readonly IWatchDeviceService _watchDeviceService;
         private const int CustomVaultTimeoutValue = -100;
 
@@ -49,8 +48,7 @@ namespace Bit.App.Pages
         private bool _reportLoggingEnabled;
         private bool _approvePasswordlessLoginRequests;
         private bool _shouldConnectToWatch;
-
-        private List<KeyValuePair<string, int?>> _vaultTimeouts =
+        private readonly static List<KeyValuePair<string, int?>> VaultTimeoutOptions =
             new List<KeyValuePair<string, int?>>
             {
                 new KeyValuePair<string, int?>(AppResources.Immediately, 0),
@@ -64,7 +62,7 @@ namespace Bit.App.Pages
                 new KeyValuePair<string, int?>(AppResources.Never, null),
                 new KeyValuePair<string, int?>(AppResources.Custom, CustomVaultTimeoutValue),
             };
-        private List<KeyValuePair<string, VaultTimeoutAction>> _vaultTimeoutActions =
+        private readonly static List<KeyValuePair<string, VaultTimeoutAction>> VaultTimeoutActionOptions =
             new List<KeyValuePair<string, VaultTimeoutAction>>
             {
                 new KeyValuePair<string, VaultTimeoutAction>(AppResources.Lock, VaultTimeoutAction.Lock),
@@ -73,6 +71,8 @@ namespace Bit.App.Pages
 
         private Policy _vaultTimeoutPolicy;
         private int? _vaultTimeout;
+        private List<KeyValuePair<string, int?>> _vaultTimeoutOptions = VaultTimeoutOptions;
+        private List<KeyValuePair<string, VaultTimeoutAction>> _vaultTimeoutActionOptions = VaultTimeoutActionOptions;
 
         public SettingsPageViewModel()
         {
@@ -92,8 +92,8 @@ namespace Bit.App.Pages
             _clipboardService = ServiceContainer.Resolve<IClipboardService>("clipboardService");
             _loggerService = ServiceContainer.Resolve<ILogger>("logger");
             _pushNotificationService = ServiceContainer.Resolve<IPushNotificationService>();
+            _authService = ServiceContainer.Resolve<IAuthService>();
             _watchDeviceService = ServiceContainer.Resolve<IWatchDeviceService>();
-
             GroupedItems = new ObservableRangeCollection<ISettingsPageListItem>();
             PageTitle = AppResources.Settings;
 
@@ -116,20 +116,28 @@ namespace Bit.App.Pages
                     _localizeService.GetLocaleShortTime(lastSync.Value));
             }
 
+            _vaultTimeoutPolicy = null;
+            _vaultTimeoutOptions = VaultTimeoutOptions;
+            _vaultTimeoutActionOptions = VaultTimeoutActionOptions;
+
+            _vaultTimeout = await _vaultTimeoutService.GetVaultTimeout();
+            _vaultTimeoutDisplayValue = _vaultTimeoutOptions.FirstOrDefault(o => o.Value == _vaultTimeout).Key;
+            _vaultTimeoutDisplayValue ??= _vaultTimeoutOptions.Where(o => o.Value == CustomVaultTimeoutValue).First().Key;
+
+            var action = await _vaultTimeoutService.GetVaultTimeoutAction() ?? VaultTimeoutAction.Lock;
+            _vaultTimeoutActionDisplayValue = _vaultTimeoutActionOptions.FirstOrDefault(o => o.Value == action).Key;
+
             if (await _policyService.PolicyAppliesToUser(PolicyType.MaximumVaultTimeout))
             {
+                // if we have a vault timeout policy, we need to filter the timeout options
                 _vaultTimeoutPolicy = (await _policyService.GetAll(PolicyType.MaximumVaultTimeout)).First();
-                var minutes = _policyService.GetPolicyInt(_vaultTimeoutPolicy, "minutes").GetValueOrDefault();
-                _vaultTimeouts = _vaultTimeouts.Where(t =>
-                    t.Value <= minutes &&
+                var policyMinutes = _policyService.GetPolicyInt(_vaultTimeoutPolicy, PolicyService.TIMEOUT_POLICY_MINUTES);
+                _vaultTimeoutOptions = _vaultTimeoutOptions.Where(t =>
+                    t.Value <= policyMinutes &&
                     (t.Value > 0 || t.Value == CustomVaultTimeoutValue) &&
                     t.Value != null).ToList();
             }
 
-            _vaultTimeout = await _vaultTimeoutService.GetVaultTimeout();
-            _vaultTimeoutDisplayValue = _vaultTimeouts.FirstOrDefault(o => o.Value == _vaultTimeout).Key;
-            var action = await _stateService.GetVaultTimeoutActionAsync() ?? VaultTimeoutAction.Lock;
-            _vaultTimeoutActionDisplayValue = _vaultTimeoutActions.FirstOrDefault(o => o.Value == action).Key;
             var pinSet = await _vaultTimeoutService.IsPinLockSetAsync();
             _pin = pinSet.Item1 || pinSet.Item2;
             _biometric = await _vaultTimeoutService.IsBiometricLockSetAsync();
@@ -144,7 +152,6 @@ namespace Bit.App.Pages
                 !await _keyConnectorService.GetUsesKeyConnector();
             _reportLoggingEnabled = await _loggerService.IsEnabled();
             _approvePasswordlessLoginRequests = await _stateService.GetApprovePasswordlessLoginsAsync();
-
             _shouldConnectToWatch = await _stateService.GetShouldConnectToWatchAsync();
 
             BuildList();
@@ -266,7 +273,7 @@ namespace Bit.App.Pages
         {
             var oldTimeout = _vaultTimeout;
 
-            var options = _vaultTimeouts.Select(
+            var options = _vaultTimeoutOptions.Select(
                 o => o.Key == _vaultTimeoutDisplayValue ? $"✓ {o.Key}" : o.Key).ToArray();
             if (promptOptions)
             {
@@ -277,7 +284,7 @@ namespace Bit.App.Pages
                     return;
                 }
                 var cleanSelection = selection.Replace("✓ ", string.Empty);
-                var selectionOption = _vaultTimeouts.FirstOrDefault(o => o.Key == cleanSelection);
+                var selectionOption = _vaultTimeoutOptions.FirstOrDefault(o => o.Key == cleanSelection);
 
                 // Check if the selected Timeout action is "Never" and if it's different from the previous selected value
                 if (selectionOption.Value == null && selectionOption.Value != oldTimeout)
@@ -295,13 +302,13 @@ namespace Bit.App.Pages
 
             if (_vaultTimeoutPolicy != null)
             {
-                var maximumTimeout = _policyService.GetPolicyInt(_vaultTimeoutPolicy, "minutes");
+                var maximumTimeout = _policyService.GetPolicyInt(_vaultTimeoutPolicy, PolicyService.TIMEOUT_POLICY_MINUTES);
 
                 if (newTimeout > maximumTimeout)
                 {
                     await _platformUtilsService.ShowDialogAsync(AppResources.VaultTimeoutToLarge, AppResources.Warning);
                     var timeout = await _vaultTimeoutService.GetVaultTimeout();
-                    _vaultTimeoutDisplayValue = _vaultTimeouts.FirstOrDefault(o => o.Value == timeout).Key ??
+                    _vaultTimeoutDisplayValue = _vaultTimeoutOptions.FirstOrDefault(o => o.Value == timeout).Key ??
                                                 AppResources.Custom;
                     return;
                 }
@@ -374,7 +381,13 @@ namespace Bit.App.Pages
 
         public async Task VaultTimeoutActionAsync()
         {
-            var options = _vaultTimeoutActions.Select(o =>
+            if (_vaultTimeoutPolicy != null &&
+                !string.IsNullOrEmpty(_policyService.GetPolicyString(_vaultTimeoutPolicy, PolicyService.TIMEOUT_POLICY_ACTION)))
+            {
+                // do nothing if we have a policy set
+                return;
+            }
+            var options = _vaultTimeoutActionOptions.Select(o =>
                 o.Key == _vaultTimeoutActionDisplayValue ? $"✓ {o.Key}" : o.Key).ToArray();
             var selection = await Page.DisplayActionSheet(AppResources.VaultTimeoutAction,
                 AppResources.Cancel, null, options);
@@ -393,7 +406,7 @@ namespace Bit.App.Pages
                     cleanSelection = AppResources.Lock;
                 }
             }
-            var selectionOption = _vaultTimeoutActions.FirstOrDefault(o => o.Key == cleanSelection);
+            var selectionOption = _vaultTimeoutActionOptions.FirstOrDefault(o => o.Key == cleanSelection);
             var changed = _vaultTimeoutActionDisplayValue != selectionOption.Key;
             _vaultTimeoutActionDisplayValue = selectionOption.Key;
             await _vaultTimeoutService.SetVaultTimeoutOptionsAsync(_vaultTimeout,
@@ -422,12 +435,9 @@ namespace Bit.App.Pages
                             AppResources.Yes, AppResources.No);
                     }
 
-                    var kdf = await _stateService.GetKdfTypeAsync();
-                    var kdfIterations = await _stateService.GetKdfIterationsAsync();
+                    var kdfConfig = await _stateService.GetActiveUserCustomDataAsync(a => new KdfConfig(a?.Profile));
                     var email = await _stateService.GetEmailAsync();
-                    var pinKey = await _cryptoService.MakePinKeyAysnc(pin, email,
-                        kdf.GetValueOrDefault(Core.Enums.KdfType.PBKDF2_SHA256),
-                        kdfIterations.GetValueOrDefault(5000));
+                    var pinKey = await _cryptoService.MakePinKeyAysnc(pin, email, kdfConfig);
                     var key = await _cryptoService.GetKeyAsync();
                     var pinProtectedKey = await _cryptoService.EncryptAsync(key.Key, pinKey);
 
@@ -566,6 +576,14 @@ namespace Bit.App.Pages
                     ExecuteAsync = () => TwoStepAsync()
                 }
             };
+            if (_approvePasswordlessLoginRequests)
+            {
+                manageItems.Add(new SettingsPageListItem
+                {
+                    Name = AppResources.PendingLogInRequests,
+                    ExecuteAsync = () => PendingLoginRequestsAsync()
+                });
+            }
             if (_supportsBiometric || _biometric)
             {
                 var biometricName = AppResources.Biometrics;
@@ -592,14 +610,36 @@ namespace Bit.App.Pages
             }
             if (_vaultTimeoutPolicy != null)
             {
-                var maximumTimeout = _policyService.GetPolicyInt(_vaultTimeoutPolicy, "minutes").GetValueOrDefault();
-                securityItems.Insert(0, new SettingsPageListItem
+                var policyMinutes = _policyService.GetPolicyInt(_vaultTimeoutPolicy, PolicyService.TIMEOUT_POLICY_MINUTES);
+                var policyAction = _policyService.GetPolicyString(_vaultTimeoutPolicy, PolicyService.TIMEOUT_POLICY_ACTION);
+
+                if (policyMinutes.HasValue || !string.IsNullOrWhiteSpace(policyAction))
                 {
-                    Name = string.Format(AppResources.VaultTimeoutPolicyInEffect,
-                        Math.Floor((float)maximumTimeout / 60),
-                        maximumTimeout % 60),
-                    UseFrame = true,
-                });
+                    string policyAlert;
+                    if (policyMinutes.HasValue && string.IsNullOrWhiteSpace(policyAction))
+                    {
+                        policyAlert = string.Format(AppResources.VaultTimeoutPolicyInEffect,
+                            Math.Floor((float)policyMinutes / 60),
+                            policyMinutes % 60);
+                    }
+                    else if (!policyMinutes.HasValue && !string.IsNullOrWhiteSpace(policyAction))
+                    {
+                        policyAlert = string.Format(AppResources.VaultTimeoutActionPolicyInEffect,
+                            policyAction == PolicyService.TIMEOUT_POLICY_ACTION_LOCK ? AppResources.Lock : AppResources.LogOut);
+                    }
+                    else
+                    {
+                        policyAlert = string.Format(AppResources.VaultTimeoutPolicyWithActionInEffect,
+                            Math.Floor((float)policyMinutes / 60),
+                            policyMinutes % 60,
+                            policyAction == PolicyService.TIMEOUT_POLICY_ACTION_LOCK ? AppResources.Lock : AppResources.LogOut);
+                    }
+                    securityItems.Insert(0, new SettingsPageListItem
+                    {
+                        Name = policyAlert,
+                        UseFrame = true,
+                    });
+                }
             }
             if (Device.RuntimePlatform == Device.Android)
             {
@@ -757,6 +797,25 @@ namespace Bit.App.Pages
             }
         }
 
+        private async Task PendingLoginRequestsAsync()
+        {
+            try
+            {
+                var requests = await _authService.GetActivePasswordlessLoginRequestsAsync();
+                if (requests == null || !requests.Any())
+                {
+                    _platformUtilsService.ShowToast("info", null, AppResources.NoPendingRequests);
+                    return;
+                }
+
+                Page.Navigation.PushModalAsync(new NavigationPage(new LoginPasswordlessRequestsListPage())).FireAndForget();
+            }
+            catch (Exception ex)
+            {
+                HandleException(ex);
+            }
+        }
+
         private bool IncludeLinksWithSubscriptionInfo()
         {
             if (Device.RuntimePlatform == Device.iOS)
@@ -768,12 +827,12 @@ namespace Bit.App.Pages
 
         private VaultTimeoutAction GetVaultTimeoutActionFromKey(string key)
         {
-            return _vaultTimeoutActions.FirstOrDefault(o => o.Key == key).Value;
+            return _vaultTimeoutActionOptions.FirstOrDefault(o => o.Key == key).Value;
         }
 
         private int? GetVaultTimeoutFromKey(string key)
         {
-            return _vaultTimeouts.FirstOrDefault(o => o.Key == key).Value;
+            return _vaultTimeoutOptions.FirstOrDefault(o => o.Key == key).Value;
         }
 
         private string CreateSelectableOption(string option, bool selected) => selected ? $"✓ {option}" : option;
@@ -782,11 +841,6 @@ namespace Bit.App.Pages
 
         public async Task SetScreenCaptureAllowedAsync()
         {
-            if (CoreHelpers.ForceScreenCaptureEnabled())
-            {
-                return;
-            }
-
             try
             {
                 if (!_screenCaptureAllowed

src/App/Pages/TabsPage.cs

@@ -3,6 +3,7 @@ using System.Threading.Tasks;
 using Bit.App.Effects;
 using Bit.App.Models;
 using Bit.App.Resources;
+using Bit.Core;
 using Bit.Core.Abstractions;
 using Bit.Core.Models.Data;
 using Bit.Core.Utilities;
@@ -15,6 +16,7 @@ namespace Bit.App.Pages
         private readonly IBroadcasterService _broadcasterService;
         private readonly IMessagingService _messagingService;
         private readonly IKeyConnectorService _keyConnectorService;
+        private readonly IStateService _stateService;
         private readonly LazyResolve<ILogger> _logger = new LazyResolve<ILogger>("logger");
 
         private NavigationPage _groupingsPage;
@@ -26,6 +28,7 @@ namespace Bit.App.Pages
             _broadcasterService = ServiceContainer.Resolve<IBroadcasterService>("broadcasterService");
             _messagingService = ServiceContainer.Resolve<IMessagingService>("messagingService");
             _keyConnectorService = ServiceContainer.Resolve<IKeyConnectorService>("keyConnectorService");
+            _stateService = ServiceContainer.Resolve<IStateService>();
 
             _groupingsPage = new NavigationPage(new GroupingsPage(true, previousPage: previousPage))
             {
@@ -95,6 +98,13 @@ namespace Bit.App.Pages
             {
                 _messagingService.Send("convertAccountToKeyConnector");
             }
+
+            var forcePasswordResetReason = await _stateService.GetForcePasswordResetReasonAsync();
+
+            if (forcePasswordResetReason.HasValue)
+            {
+                _messagingService.Send(Constants.ForceUpdatePassword);
+            }
         }
 
         protected override void OnDisappearing()

src/App/Pages/Vault/AutofillCiphersPageViewModel.cs

@@ -1,91 +1,29 @@
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading.Tasks;
-using Bit.App.Abstractions;
-using Bit.App.Controls;
 using Bit.App.Models;
 using Bit.App.Resources;
 using Bit.App.Utilities;
 using Bit.Core;
-using Bit.Core.Abstractions;
 using Bit.Core.Enums;
 using Bit.Core.Exceptions;
 using Bit.Core.Models.View;
 using Bit.Core.Utilities;
-using Xamarin.CommunityToolkit.ObjectModel;
 using Xamarin.Forms;
 
 namespace Bit.App.Pages
 {
-    public class AutofillCiphersPageViewModel : BaseViewModel
+    public class AutofillCiphersPageViewModel : CipherSelectionPageViewModel
     {
-        private readonly IPlatformUtilsService _platformUtilsService;
-        private readonly IDeviceActionService _deviceActionService;
-        private readonly IAutofillHandler _autofillHandler;
-        private readonly ICipherService _cipherService;
-        private readonly IStateService _stateService;
-        private readonly IPasswordRepromptService _passwordRepromptService;
-        private readonly IMessagingService _messagingService;
-        private readonly ILogger _logger;
+        private CipherType? _fillType;
 
-        private bool _showNoData;
-        private bool _showList;
-        private string _noDataText;
-        private bool _websiteIconsEnabled;
-
-        public AutofillCiphersPageViewModel()
-        {
-            _platformUtilsService = ServiceContainer.Resolve<IPlatformUtilsService>("platformUtilsService");
-            _cipherService = ServiceContainer.Resolve<ICipherService>("cipherService");
-            _deviceActionService = ServiceContainer.Resolve<IDeviceActionService>("deviceActionService");
-            _autofillHandler = ServiceContainer.Resolve<IAutofillHandler>();
-            _stateService = ServiceContainer.Resolve<IStateService>("stateService");
-            _passwordRepromptService = ServiceContainer.Resolve<IPasswordRepromptService>("passwordRepromptService");
-            _messagingService = ServiceContainer.Resolve<IMessagingService>("messagingService");
-            _logger = ServiceContainer.Resolve<ILogger>("logger");
-
-            GroupedItems = new ObservableRangeCollection<IGroupingsPageListItem>();
-            CipherOptionsCommand = new Command<CipherView>(CipherOptionsAsync);
-
-            AccountSwitchingOverlayViewModel = new AccountSwitchingOverlayViewModel(_stateService, _messagingService, _logger)
-            {
-                AllowAddAccountRow = false
-            };
-        }
-
-        public string Name { get; set; }
         public string Uri { get; set; }
-        public Command CipherOptionsCommand { get; set; }
-        public bool LoadedOnce { get; set; }
-        public ObservableRangeCollection<IGroupingsPageListItem> GroupedItems { get; set; }
-        public AccountSwitchingOverlayViewModel AccountSwitchingOverlayViewModel { get; }
 
-        public bool ShowNoData
-        {
-            get => _showNoData;
-            set => SetProperty(ref _showNoData, value);
-        }
-
-        public bool ShowList
-        {
-            get => _showList;
-            set => SetProperty(ref _showList, value);
-        }
-
-        public string NoDataText
-        {
-            get => _noDataText;
-            set => SetProperty(ref _noDataText, value);
-        }
-        public bool WebsiteIconsEnabled
-        {
-            get => _websiteIconsEnabled;
-            set => SetProperty(ref _websiteIconsEnabled, value);
-        }
-
-        public void Init(AppOptions appOptions)
+        public override void Init(AppOptions appOptions)
         {
             Uri = appOptions?.Uri;
+            _fillType = appOptions.FillType;
+
             string name = null;
             if (Uri?.StartsWith(Constants.AndroidAppProtocol) ?? false)
             {
@@ -104,14 +42,11 @@ namespace Bit.App.Pages
             NoDataText = string.Format(AppResources.NoItemsForUri, Name ?? "--");
         }
 
-        public async Task LoadAsync()
+        protected override async Task<List<GroupingsPageListGroup>> LoadGroupedItemsAsync()
         {
-            LoadedOnce = true;
-            ShowList = false;
-            ShowNoData = false;
-            WebsiteIconsEnabled = !(await _stateService.GetDisableFaviconAsync()).GetValueOrDefault();
             var groupedItems = new List<GroupingsPageListGroup>();
             var ciphers = await _cipherService.GetAllDecryptedByUrlAsync(Uri, null);
+
             var matching = ciphers.Item1?.Select(c => new GroupingsPageListItem { Cipher = c }).ToList();
             var hasMatching = matching?.Any() ?? false;
             if (matching?.Any() ?? false)
@@ -119,6 +54,7 @@ namespace Bit.App.Pages
                 groupedItems.Add(
                     new GroupingsPageListGroup(matching, AppResources.MatchingItems, matching.Count, false, true));
             }
+
             var fuzzy = ciphers.Item2?.Select(c =>
                 new GroupingsPageListItem { Cipher = c, FuzzyAutofill = true }).ToList();
             if (fuzzy?.Any() ?? false)
@@ -128,123 +64,88 @@ namespace Bit.App.Pages
                     !hasMatching));
             }
 
-            // TODO: refactor this
-            if (Device.RuntimePlatform == Device.Android
-                ||
-                GroupedItems.Any())
-            {
-                var items = new List<IGroupingsPageListItem>();
-                foreach (var itemGroup in groupedItems)
-                {
-                    items.Add(new GroupingsPageHeaderListItem(itemGroup.Name, itemGroup.ItemCount));
-                    items.AddRange(itemGroup);
-                }
-
-                GroupedItems.ReplaceRange(items);
-            }
-            else
-            {
-                // HACK: we need this on iOS, so that it doesn't crash when adding coming from an empty list
-                var first = true;
-                var items = new List<IGroupingsPageListItem>();
-                foreach (var itemGroup in groupedItems)
-                {
-                    if (!first)
-                    {
-                        items.Add(new GroupingsPageHeaderListItem(itemGroup.Name, itemGroup.ItemCount));
-                    }
-                    else
-                    {
-                        first = false;
-                    }
-                    items.AddRange(itemGroup);
-                }
-
-                if (groupedItems.Any())
-                {
-                    GroupedItems.ReplaceRange(new List<IGroupingsPageListItem> { new GroupingsPageHeaderListItem(groupedItems[0].Name, groupedItems[0].ItemCount) });
-                    GroupedItems.AddRange(items);
-                }
-                else
-                {
-                    GroupedItems.Clear();
-                }
-            }
-            ShowList = groupedItems.Any();
-            ShowNoData = !ShowList;
+            return groupedItems;
         }
 
-        public async Task SelectCipherAsync(CipherView cipher, bool fuzzy)
+        protected override async Task SelectCipherAsync(IGroupingsPageListItem item)
         {
-            if (cipher == null)
+            if (!(item is GroupingsPageListItem listItem) || listItem.Cipher is null)
             {
                 return;
             }
+
+            var cipher = listItem.Cipher;
+
             if (_deviceActionService.SystemMajorVersion() < 21)
             {
                 await AppHelpers.CipherListOptions(Page, cipher, _passwordRepromptService);
+                return;
             }
-            else
+
+            if (cipher.Reprompt != CipherRepromptType.None && !await _passwordRepromptService.ShowPasswordPromptAsync())
             {
-                if (cipher.Reprompt != CipherRepromptType.None && !await _passwordRepromptService.ShowPasswordPromptAsync())
+                return;
+            }
+            var autofillResponse = AppResources.Yes;
+            if (listItem.FuzzyAutofill)
+            {
+                var options = new List<string> { AppResources.Yes };
+                if (cipher.Type == CipherType.Login &&
+                    Xamarin.Essentials.Connectivity.NetworkAccess != Xamarin.Essentials.NetworkAccess.None)
                 {
-                    return;
+                    options.Add(AppResources.YesAndSave);
                 }
-                var autofillResponse = AppResources.Yes;
-                if (fuzzy)
+                autofillResponse = await _deviceActionService.DisplayAlertAsync(null,
+                    string.Format(AppResources.BitwardenAutofillServiceMatchConfirm, Name), AppResources.No,
+                    options.ToArray());
+            }
+            if (autofillResponse == AppResources.YesAndSave && cipher.Type == CipherType.Login)
+            {
+                var uris = cipher.Login?.Uris?.ToList();
+                if (uris == null)
                 {
-                    var options = new List<string> { AppResources.Yes };
-                    if (cipher.Type == CipherType.Login &&
-                        Xamarin.Essentials.Connectivity.NetworkAccess != Xamarin.Essentials.NetworkAccess.None)
-                    {
-                        options.Add(AppResources.YesAndSave);
-                    }
-                    autofillResponse = await _deviceActionService.DisplayAlertAsync(null,
-                        string.Format(AppResources.BitwardenAutofillServiceMatchConfirm, Name), AppResources.No,
-                        options.ToArray());
+                    uris = new List<LoginUriView>();
                 }
-                if (autofillResponse == AppResources.YesAndSave && cipher.Type == CipherType.Login)
+                uris.Add(new LoginUriView
                 {
-                    var uris = cipher.Login?.Uris?.ToList();
-                    if (uris == null)
+                    Uri = Uri,
+                    Match = null
+                });
+                cipher.Login.Uris = uris;
+                try
+                {
+                    await _deviceActionService.ShowLoadingAsync(AppResources.Saving);
+                    await _cipherService.SaveWithServerAsync(await _cipherService.EncryptAsync(cipher));
+                    await _deviceActionService.HideLoadingAsync();
+                }
+                catch (ApiException e)
+                {
+                    await _deviceActionService.HideLoadingAsync();
+                    if (e?.Error != null)
                     {
-                        uris = new List<LoginUriView>();
-                    }
-                    uris.Add(new LoginUriView
-                    {
-                        Uri = Uri,
-                        Match = null
-                    });
-                    cipher.Login.Uris = uris;
-                    try
-                    {
-                        await _deviceActionService.ShowLoadingAsync(AppResources.Saving);
-                        await _cipherService.SaveWithServerAsync(await _cipherService.EncryptAsync(cipher));
-                        await _deviceActionService.HideLoadingAsync();
-                    }
-                    catch (ApiException e)
-                    {
-                        await _deviceActionService.HideLoadingAsync();
-                        if (e?.Error != null)
-                        {
-                            await _platformUtilsService.ShowDialogAsync(e.Error.GetSingleMessage(),
-                                AppResources.AnErrorHasOccurred);
-                        }
+                        await _platformUtilsService.ShowDialogAsync(e.Error.GetSingleMessage(),
+                            AppResources.AnErrorHasOccurred);
                     }
                 }
-                if (autofillResponse == AppResources.Yes || autofillResponse == AppResources.YesAndSave)
-                {
-                    _autofillHandler.Autofill(cipher);
-                }
+            }
+            if (autofillResponse == AppResources.Yes || autofillResponse == AppResources.YesAndSave)
+            {
+                _autofillHandler.Autofill(cipher);
             }
         }
 
-        private async void CipherOptionsAsync(CipherView cipher)
+        protected override async Task AddCipherAsync()
         {
-            if ((Page as BaseContentPage).DoOnce())
+            if (_fillType.HasValue && _fillType != CipherType.Login)
             {
-                await AppHelpers.CipherListOptions(Page, cipher, _passwordRepromptService);
+                var pageForOther = new CipherAddEditPage(type: _fillType, fromAutofill: true);
+                await Page.Navigation.PushModalAsync(new NavigationPage(pageForOther));
+                return;
             }
+
+            var pageForLogin = new CipherAddEditPage(null, CipherType.Login, uri: Uri, name: Name,
+                fromAutofill: true);
+            await Page.Navigation.PushModalAsync(new NavigationPage(pageForLogin));
         }
     }
 }

src/App/Pages/Vault/CipherAddEditPageViewModel.cs

@@ -2,6 +2,7 @@
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading.Tasks;
+using Bit.App.Abstractions;
 using Bit.App.Lists.ItemViewModels.CustomFields;
 using Bit.App.Models;
 using Bit.App.Resources;
@@ -30,6 +31,7 @@ namespace Bit.App.Pages
         private readonly IClipboardService _clipboardService;
         private readonly IAutofillHandler _autofillHandler;
         private readonly IWatchDeviceService _watchDeviceService;
+        private readonly IAccountsManager _accountsManager;
 
         private bool _showNotesSeparator;
         private bool _showPassword;
@@ -44,6 +46,8 @@ namespace Bit.App.Pages
         private bool _hasCollections;
         private string _previousCipherId;
         private List<Core.Models.View.CollectionView> _writeableCollections;
+        private bool _fromOtp;
+
         protected override string[] AdditionalPropertiesToRaiseOnCipherChanged => new string[]
         {
             nameof(IsLogin),
@@ -82,6 +86,8 @@ namespace Bit.App.Pages
             _clipboardService = ServiceContainer.Resolve<IClipboardService>("clipboardService");
             _autofillHandler = ServiceContainer.Resolve<IAutofillHandler>();
             _watchDeviceService = ServiceContainer.Resolve<IWatchDeviceService>();
+            _accountsManager = ServiceContainer.Resolve<IAccountsManager>();
+
 
             GeneratePasswordCommand = new Command(GeneratePassword);
             TogglePasswordCommand = new Command(TogglePassword);
@@ -115,6 +121,7 @@ namespace Bit.App.Pages
                 new KeyValuePair<string, string>("JCB", "JCB"),
                 new KeyValuePair<string, string>("Maestro", "Maestro"),
                 new KeyValuePair<string, string>("UnionPay", "UnionPay"),
+                new KeyValuePair<string, string>("RuPay", "RuPay"),
                 new KeyValuePair<string, string>(AppResources.Other, "Other")
             };
             CardExpMonthOptions = new List<KeyValuePair<string, string>>
@@ -139,6 +146,7 @@ namespace Bit.App.Pages
                 new KeyValuePair<string, string>(AppResources.Mr, AppResources.Mr),
                 new KeyValuePair<string, string>(AppResources.Mrs, AppResources.Mrs),
                 new KeyValuePair<string, string>(AppResources.Ms, AppResources.Ms),
+                new KeyValuePair<string, string>(AppResources.Mx, AppResources.Mx),
                 new KeyValuePair<string, string>(AppResources.Dr, AppResources.Dr),
             };
             FolderOptions = new List<KeyValuePair<string, string>>();
@@ -301,6 +309,7 @@ namespace Bit.App.Pages
         public string PasswordVisibilityAccessibilityText => ShowPassword ? AppResources.PasswordIsVisibleTapToHide : AppResources.PasswordIsNotVisibleTapToShow;
         public bool HasTotpValue => IsLogin && !string.IsNullOrEmpty(Cipher?.Login?.Totp);
         public string SetupTotpText => $"{BitwardenIcons.Camera} {AppResources.SetupTotp}";
+
         public void Init()
         {
             PageTitle = EditMode && !CloneMode ? AppResources.EditItem : AppResources.AddItem;
@@ -308,6 +317,8 @@ namespace Bit.App.Pages
 
         public async Task<bool> LoadAsync(AppOptions appOptions = null)
         {
+            _fromOtp = appOptions?.OtpData != null;
+
             var myEmail = await _stateService.GetEmailAsync();
             OwnershipOptions.Add(new KeyValuePair<string, string>(myEmail, null));
             var orgs = await _organizationService.GetAllAsync();
@@ -357,6 +368,10 @@ namespace Bit.App.Pages
                             Cipher.OrganizationId = OrganizationId;
                         }
                     }
+                    if (appOptions?.OtpData != null && Cipher.Type == CipherType.Login)
+                    {
+                        Cipher.Login.Totp = appOptions.OtpData.Value.Uri;
+                    }
                 }
                 else
                 {
@@ -379,6 +394,7 @@ namespace Bit.App.Pages
                         Cipher.Type = appOptions.SaveType.GetValueOrDefault(Cipher.Type);
                         Cipher.Login.Username = appOptions.SaveUsername;
                         Cipher.Login.Password = appOptions.SavePassword;
+                        Cipher.Login.Totp = appOptions.OtpData?.Uri;
                         Cipher.Card.Code = appOptions.SaveCardCode;
                         if (int.TryParse(appOptions.SaveCardExpMonth, out int month) && month <= 12 && month >= 1)
                         {
@@ -423,6 +439,11 @@ namespace Bit.App.Pages
                 {
                     Fields.ResetWithRange(Cipher.Fields?.Select(f => _customFieldItemFactory.CreateCustomFieldItem(f, true, Cipher, null, null, FieldOptionsCommand)));
                 }
+
+                if (appOptions?.OtpData != null)
+                {
+                    _platformUtilsService.ShowToast(null, AppResources.AuthenticatorKey, AppResources.AuthenticatorKeyAdded);
+                }
             }
 
             if (EditMode && _previousCipherId != CipherId)
@@ -516,6 +537,10 @@ namespace Bit.App.Pages
                     // Close and go back to app
                     _autofillHandler.CloseAutofill();
                 }
+                else if (_fromOtp)
+                {
+                    await _accountsManager.StartDefaultNavigationFlowAsync(op => op.OtpData = null);
+                }
                 else
                 {
                     if (CloneMode)

src/App/Pages/Vault/CipherSelectionPage.xaml

@@ -1,19 +1,15 @@
 <?xml version="1.0" encoding="utf-8" ?>
 <pages:BaseContentPage xmlns="http://xamarin.com/schemas/2014/forms"
              xmlns:x="http://schemas.microsoft.com/winfx/2009/xaml"
-             x:Class="Bit.App.Pages.AutofillCiphersPage"
+             xmlns:xct="http://xamarin.com/schemas/2020/toolkit"
+             x:Class="Bit.App.Pages.CipherSelectionPage"
              xmlns:pages="clr-namespace:Bit.App.Pages"
              xmlns:u="clr-namespace:Bit.App.Utilities"
              xmlns:controls="clr-namespace:Bit.App.Controls"
              xmlns:effects="clr-namespace:Bit.App.Effects;assembly=BitwardenApp"
-             x:DataType="pages:AutofillCiphersPageViewModel"
+             x:DataType="pages:CipherSelectionPageViewModel"
              Title="{Binding PageTitle}"
              x:Name="_page">
-
-    <ContentPage.BindingContext>
-        <pages:AutofillCiphersPageViewModel />
-    </ContentPage.BindingContext>
-
     <ContentPage.ToolbarItems>
         <controls:ExtendedToolbarItem
             x:Name="_accountAvatar"
@@ -24,7 +20,7 @@
             UseOriginalImage="True"
             AutomationProperties.IsInAccessibleTree="True"
             AutomationProperties.Name="{u:I18n Account}" />
-        <ToolbarItem Icon="search.png" Clicked="Search_Clicked"
+        <ToolbarItem IconImageSource="search.png" Clicked="Search_Clicked"
                      AutomationProperties.IsInAccessibleTree="True"
                      AutomationProperties.Name="{u:I18n Search}" />
     </ContentPage.ToolbarItems>
@@ -32,6 +28,21 @@
     <ContentPage.Resources>
         <ResourceDictionary>
             <u:InverseBoolConverter x:Key="inverseBool" />
+            <controls:SelectionChangedEventArgsConverter x:Key="SelectionChangedEventArgsConverter" />
+                        
+            <ToolbarItem
+                x:Name="_closeItem"
+                x:Key="_closeItem"
+                Text="{u:I18n Close}"
+                Clicked="CloseItem_Clicked"
+                Order="Primary"
+                Priority="-1" />
+            <ToolbarItem x:Name="_addItem" x:Key="addItem"
+                         IconImageSource="plus.png"
+                         Command="{Binding AddCipherCommand}"
+                         Order="Primary"
+                         AutomationProperties.IsInAccessibleTree="True"
+                         AutomationProperties.Name="{u:I18n AddItem}" />
 
             <DataTemplate x:Key="cipherTemplate"
                           x:DataType="pages:GroupingsPageListItem">
@@ -70,23 +81,44 @@
                     Padding="20, 0"
                     Spacing="20"
                     IsVisible="{Binding ShowNoData}">
+                    <Image
+                        Source="empty_items_state" />
                     <Label
                         Text="{Binding NoDataText}"
                         HorizontalTextAlignment="Center"></Label>
                     <Button
                         Text="{u:I18n AddAnItem}"
-                        Clicked="AddButton_Clicked"></Button>
+                        Command="{Binding AddCipherCommand}" />
                 </StackLayout>
 
+                <Frame
+                    IsVisible="{Binding ShowCallout}"
+                    Padding="10"
+                    Margin="20, 10"
+                    HasShadow="False"
+                    BackgroundColor="Transparent"
+                    BorderColor="{DynamicResource PrimaryColor}">
+                    <Label
+                        Text="{u:I18n AddTheKeyToAnExistingOrNewItem}"
+                        StyleClass="text-muted, text-sm, text-bold"
+                        HorizontalTextAlignment="Center" />
+                </Frame>
+
                 <controls:ExtendedCollectionView
                     IsVisible="{Binding ShowList}"
                     ItemsSource="{Binding GroupedItems}"
                     VerticalOptions="FillAndExpand"
                     ItemTemplate="{StaticResource listItemDataTemplateSelector}"
                     SelectionMode="Single"
-                    SelectionChanged="RowSelected"
                     StyleClass="list, list-platform"
-                    ExtraDataForLogging="Autofill Ciphers Page" />
+                    ExtraDataForLogging="Autofill Ciphers Page">
+                    <controls:ExtendedCollectionView.Behaviors>
+                        <xct:EventToCommandBehavior
+                            EventName="SelectionChanged"
+                            Command="{Binding SelectCipherCommand}"
+                            EventArgsConverter="{StaticResource SelectionChangedEventArgsConverter}" />
+                    </controls:ExtendedCollectionView.Behaviors>
+                </controls:ExtendedCollectionView>
             </StackLayout>
         </ResourceDictionary>
     </ContentPage.Resources>
@@ -104,9 +136,10 @@
         <!-- Android FAB -->
         <Button
             x:Name="_fab"
-            Image="plus.png"
-            Clicked="AddButton_Clicked"
+            ImageSource="plus.png"
+            Command="{Binding AddCipherCommand}"
             Style="{StaticResource btn-fab}"
+            IsVisible="{OnPlatform iOS=false, Android=true}"
             AbsoluteLayout.LayoutFlags="PositionProportional"
             AbsoluteLayout.LayoutBounds="1, 1, AutoSize, AutoSize">
             <Button.Effects>

src/App/Pages/Vault/CipherSelectionPage.xaml.cs

@@ -1,7 +1,6 @@
 using System;
-using System.Linq;
 using System.Threading.Tasks;
-using Bit.App.Controls;
+using Bit.App.Abstractions;
 using Bit.App.Models;
 using Bit.App.Utilities;
 using Bit.Core.Abstractions;
@@ -12,27 +11,46 @@ using Xamarin.Forms;
 
 namespace Bit.App.Pages
 {
-    public partial class AutofillCiphersPage : BaseContentPage
+    public partial class CipherSelectionPage : BaseContentPage
     {
         private readonly AppOptions _appOptions;
         private readonly IBroadcasterService _broadcasterService;
         private readonly ISyncService _syncService;
         private readonly IVaultTimeoutService _vaultTimeoutService;
+        private readonly IAccountsManager _accountsManager;
 
-        private AutofillCiphersPageViewModel _vm;
+        private readonly CipherSelectionPageViewModel _vm;
 
-        public AutofillCiphersPage(AppOptions appOptions)
+        public CipherSelectionPage(AppOptions appOptions)
         {
             _appOptions = appOptions;
+
+            if (appOptions?.OtpData is null)
+            {
+                BindingContext = new AutofillCiphersPageViewModel();
+            }
+            else
+            {
+                BindingContext = new OTPCipherSelectionPageViewModel();
+            }
+
             InitializeComponent();
+
+            if (Device.RuntimePlatform == Device.iOS)
+            {
+                ToolbarItems.Add(_closeItem);
+                ToolbarItems.Add(_addItem);
+            }
+
             SetActivityIndicator(_mainContent);
-            _vm = BindingContext as AutofillCiphersPageViewModel;
+            _vm = BindingContext as CipherSelectionPageViewModel;
             _vm.Page = this;
             _vm.Init(appOptions);
 
             _broadcasterService = ServiceContainer.Resolve<IBroadcasterService>("broadcasterService");
             _syncService = ServiceContainer.Resolve<ISyncService>("syncService");
             _vaultTimeoutService = ServiceContainer.Resolve<IVaultTimeoutService>("vaultTimeoutService");
+            _accountsManager = ServiceContainer.Resolve<IAccountsManager>();
         }
 
         protected async override void OnAppearing()
@@ -51,10 +69,18 @@ namespace Bit.App.Pages
                 return;
             }
 
-            _accountAvatar?.OnAppearing();
-            _vm.AvatarImageSource = await GetAvatarImageSourceAsync();
+            try
+            {
+                // don't crash the app if the avatar can't be loaded, just log the ex
+                _accountAvatar?.OnAppearing();
+                _vm.AvatarImageSource = await GetAvatarImageSourceAsync();
+            }
+            catch (Exception ex)
+            {
+                LoggerHelper.LogEvenIfCantBeResolved(ex);
+            }
 
-            _broadcasterService.Subscribe(nameof(AutofillCiphersPage), async (message) =>
+            _broadcasterService.Subscribe(nameof(CipherSelectionPage), async (message) =>
             {
                 try
                 {
@@ -116,40 +142,44 @@ namespace Bit.App.Pages
             _accountAvatar?.OnDisappearing();
         }
 
-        private async void RowSelected(object sender, SelectionChangedEventArgs e)
+        private void AddButton_Clicked(object sender, System.EventArgs e)
         {
-            ((ExtendedCollectionView)sender).SelectedItem = null;
             if (!DoOnce())
             {
                 return;
             }
-            if (e.CurrentSelection?.FirstOrDefault() is GroupingsPageListItem item && item.Cipher != null)
+
+            if (_vm is AutofillCiphersPageViewModel autofillVM)
             {
-                await _vm.SelectCipherAsync(item.Cipher, item.FuzzyAutofill);
+                AddFromAutofill(autofillVM).FireAndForget();
             }
         }
 
-        private async void AddButton_Clicked(object sender, System.EventArgs e)
+        private async Task AddFromAutofill(AutofillCiphersPageViewModel autofillVM)
         {
-            if (!DoOnce())
-            {
-                return;
-            }
             if (_appOptions.FillType.HasValue && _appOptions.FillType != CipherType.Login)
             {
                 var pageForOther = new CipherAddEditPage(type: _appOptions.FillType, fromAutofill: true);
                 await Navigation.PushModalAsync(new NavigationPage(pageForOther));
                 return;
             }
-            var pageForLogin = new CipherAddEditPage(null, CipherType.Login, uri: _vm.Uri, name: _vm.Name,
+            var pageForLogin = new CipherAddEditPage(null, CipherType.Login, uri: autofillVM.Uri, name: _vm.Name,
                 fromAutofill: true);
             await Navigation.PushModalAsync(new NavigationPage(pageForLogin));
         }
 
-        private void Search_Clicked(object sender, System.EventArgs e)
+        private void Search_Clicked(object sender, EventArgs e)
         {
-            var page = new CiphersPage(null, autofillUrl: _vm.Uri);
-            Application.Current.MainPage = new NavigationPage(page);
+            var page = new CiphersPage(null, appOptions: _appOptions);
+            Navigation.PushModalAsync(new NavigationPage(page)).FireAndForget();
+        }
+
+        void CloseItem_Clicked(object sender, EventArgs e)
+        {
+            if (DoOnce())
+            {
+                _accountsManager.StartDefaultNavigationFlowAsync(op => op.OtpData = null).FireAndForget();
+            }
         }
     }
 }