Reminder for Bitwarden users: Starting in February, users without two-step login (2FA) enabled will need to enter a verification code sent to their email when logging in from an unrecognized device
-
insanity is also relying on a single 2FA device, ffs
- Have multiple factors
- 3-2-1 vault backups
- Set up emergency access if you have a person you trust
-
Sounds like a second password then.
-
...which you keep in a separate secure location in case you lose your 2FA device.
-
Why can't I keep my password in a secure location then?
-
Is it possible to change emails on the account? I haven't found how...
-
It is possible here, I think: https://vault.bitwarden.com/#/login
-
obviously you do but it can be leaked/phished or hacked in other ways. a second "factor" such as possession of a token device is a safeguard against that.
you can actually read about all this many places online, it's nothing new: https://en.wikipedia.org/wiki/Multi-factor_authentication
-
-
secure location in your home (physical copy in a safe or a digital copy on an encrypted disk)
-
in case of a disaster like a home fire where you lose the 2FA device and local backup: in a remote location such as an encrypted file in a cloud service or at a trusted friend/family's house.
-
-
I know the recommendations. I'm suggesting that everyone take a look at those practices and be sure to have them implemented.
If you're not printing out the codes on paper and sticking them in a safe deposit box as a remote backup, you're absolutely risking it.
-
I can't believe people are arguing about and downvoting this.
-
And this changes the username to the new email, too?
-
ok, sorry for answering what appeared to be a genuine question.
-
Nah you hit the nail on the head. I 100% agree with you. Sorry if I came off brash.
-
Yep so you have to "switch user" after that on computer and mobile where your old email is remembered.
-
From the Wikipedia link you posted:
Account recovery typically bypasses mobile-phone two-factor authentication
It also lists more advantages than disadvantages.
-
yes, that's the whole point, to recover your account if you lose your MFA device. what are you even trying to say?
-
@ForgottenFlux I lost one of my pair of hardware keys last week. Waiting for replacement to arrive - #Bitwarden will be the first thing I register it into
-
Sweet! As long as I don't lose access, I'm good. I've been trying to do that for a while, since I lost access to my old email (my own stupid fault), but couldn't figure out how to do it on the app... because you can't haha I'll have to try that through the webapp! Thanks!
-
My problem with this is my email accounts are locked behind Bitwarden. Can't log in to email without Bitwarden. If both my devices get stolen at the same time I'm fucked. I'm not going to pay for premium to enable an emergency contact.
Downloaded Bitwarden's authenticator app. Now Firefox on my computer is asking for me to press on a security key which I assume is some sort of biometrics my computer doesn't have.
I love 2FA I just don't see how it is supposed to work if you need Bitwarden to open your email to get your 2FA code.
Let's say you're backpacking through South America and both your devices get robbed. Your ticket home is in your email. What's the solution here? You can't go to a coffee shop and log in to your email because it's securely locked behind Bitwarden. You can't log in to Bitwarden because you can't access your 2FA from your email.
What am I missing?
-
Use something else for 2FA, not email. I used to use KeePass for 2FA on my laptop and phone, but now I'm using Ente Auth. It's convenient because I can log in to Ente Auth anywhere and get a code but the only thing is you'll need to remember 2 passwords which is worth it imo.