Reminder for Bitwarden users: Starting in February, users without two-step login (2FA) enabled will need to enter a verification code sent to their email when logging in from an unrecognized device
-
engywuck@lemm.ee replied to Guest 29 days ago
Well, not really. Vault is cached on your devices, so if you have it unlocked or available on one of them you can always use it to check your 2FA.
By the way, it was a joke. I also use Aegis as a backup.
-
kusimulkku@lemm.ee replied to Guest 29 days ago
Backup codes.
-
iamthetot@sh.itjust.works replied to Guest 29 days ago
That's what recovery codes are for.
-
eager_eagle@lemmy.world replied to Guest 29 days ago
insanity is also relying on a single 2FA device, ffs
- Have multiple factors
- 3-2-1 vault backups
- Set up emergency access if you have a person you trust
-
giooschi@lemmy.world replied to Guest 29 days ago
Sounds like a second password then.
-
acosmichippo@lemmy.world replied to Guest 29 days ago
...which you keep in a separate secure location in case you lose your 2FA device.
-
giooschi@lemmy.world replied to Guest 28 days ago
Why can't I keep my password in a secure location then?
-
01189998819991197253@infosec.pub replied to Guest 28 days ago
Is it possible to change emails on the account? I haven't found how...
-
clusterbomb@lemmy.blahaj.zone replied to Guest 28 days ago
It is possible here, I think: https://vault.bitwarden.com/#/login
-
acosmichippo@lemmy.world replied to Guest 28 days ago
obviously you do but it can be leaked/phished or hacked in other ways. a second "factor" such as possession of a token device is a safeguard against that.
you can actually read about all this many places online, it's nothing new: https://en.wikipedia.org/wiki/Multi-factor_authentication
-
acosmichippo@lemmy.world replied to Guest 28 days ago
- secure location in your home (physical copy in a safe or a digital copy on an encrypted disk)
- in case of a disaster like a home fire where you lose the 2FA device and local backup: in a remote location such as an encrypted file in a cloud service or at a trusted friend/family's house.
-
9tr6gyp3@lemmy.world replied to Guest 28 days ago
I know the recommendations. I'm suggesting that everyone take a look at those practices and be sure to have them implemented.
If you're not printing out the codes on paper and sticking them in a safe deposit box as a remote backup, you're absolutely risking it.
-
acosmichippo@lemmy.world replied to Guest 28 days ago
I can't believe people are arguing about and downvoting this.
-
01189998819991197253@infosec.pub replied to Guest 28 days ago
And this changes the username to the new email, too?
-
acosmichippo@lemmy.world replied to Guest 28 days ago
ok, sorry for answering what appeared to be a genuine question.
-
9tr6gyp3@lemmy.world replied to Guest 28 days ago
Nah you hit the nail on the head. I 100% agree with you. Sorry if I came off brash.
-
clusterbomb@lemmy.blahaj.zone replied to Guest 28 days ago
Yep so you have to "switch user" after that on computer and mobile where your old email is remembered.
-
giooschi@lemmy.world replied to Guest 28 days ago
From the Wikipedia link you posted:
> Account recovery typically bypasses mobile-phone two-factor authentication
It also lists more advantages than disadvantages.
-
acosmichippo@lemmy.world replied to Guest 28 days ago
yes, that's the whole point, to recover your account if you lose your MFA device. what are you even trying to say?
-
quokka1@mastodon.au replied to Guest 28 days ago
@ForgottenFlux I lost one of my pair of hardware keys last week. Waiting for replacement to arrive - #Bitwarden will be the first thing I register it into