diff --git a/src/Core/Services/VaultTimeoutService.cs b/src/Core/Services/VaultTimeoutService.cs
index d9ee8fd44..528dad82e 100644
--- a/src/Core/Services/VaultTimeoutService.cs
+++ b/src/Core/Services/VaultTimeoutService.cs
@@ -63,12 +63,20 @@ namespace Bit.Core.Services
 ///
 public async Task IsLockedAsync(string userId = null)
 {
+ // If biometrics are used, we can use the flag to determine locked state taking into account the auto unlock key for vault timeout never.
+ var biometricSet = await IsBiometricLockSetAsync(userId);
+ var hasAutoUnlockKey = await _cryptoService.HasAutoUnlockKeyAsync(userId);
+ if (biometricSet && await _stateService.GetBiometricLockedAsync(userId) && !hasAutoUnlockKey)
+ {
+ return true;
+ }
+
 if (!await _cryptoService.HasUserKeyAsync(userId))
 {
 try
 {
 // Filter out accounts without auto key
- if (!await _cryptoService.HasAutoUnlockKeyAsync(userId))
+ if (!hasAutoUnlockKey)
 {
 return true;
 }
@@ -84,7 +92,6 @@ namespace Bit.Core.Services
 // Legacy users must migrate on web vault before login
 await LogOutAsync(false, userId);
 }
-
 }
 
 // Check again to verify auto key was set
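Review bot: The new early return in `IsLockedAsync` honours the biometric-locked flag only when no auto-unlock key is stored (`&& !hasAutoUnlockKey`), so the lock decision now depends on that key being removed whenever the timeout stops being "never". Nothing in the hunk shows where that cleanup happens, so a stale key would presumably suppress the biometric lock and let the method fall through to the user-key path. I would state the invariant next to the check, for example `// Invariant: an auto unlock key exists only while vault timeout is "never"; a stale key here would mask the biometric lock.`, and cover the stale-key case with a test. `HasAutoUnlockKeyAsync` also moved out of the `try` and now runs on every call, so any exception the old `catch` handled for it would now propagate; worth confirming that is intended. The rest of the method body lies outside the hunk.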