Reminder for Bitwarden users: Starting in February, users without two-step login (2FA) enabled will need to enter a verification code sent to their email when logging in from an unrecognized device
-
Bitwarden users who store their email account credentials within their Bitwarden vaults would have trouble accessing the sent codes if they are unable to log in to their email.
To prevent getting locked out of your vault, be sure you can access the email associated with your Bitwarden account so you can access the emailed codes, or turn on any form of two-step login to not be subject to this process altogether.
-
[email protected] replied to [email protected]
using a password manager without 2FA is insanity, glad they're doing it
-
[email protected] replied to [email protected]
Insanity is when you lose or can't access your 2FA device and you're locked out of your account.
-
[email protected] replied to [email protected]
Where do you store your 2FA recovery codes?
-
[email protected] replied to [email protected]
On Bitwarden!
-
[email protected] replied to [email protected]
Well, that's a good way to lock yourself out of your account!
-
[email protected] replied to [email protected]
Well, not really. Vault is cached on your devices, so if you have it unlocked or available on one of them you can always use it to check your 2FA.
By the way, it was a joke. I also use Aegis as a backup.
-
[email protected] replied to [email protected]
Backup codes.
-
[email protected] replied to [email protected]
That's what recovery codes are for.
-
[email protected] replied to [email protected]
insanity is also relying on a single 2FA device, ffs
- Have multiple factors
- 3-2-1 vault backups
- Set up emergency access if you have a person you trust
-
[email protected] replied to [email protected]
Sounds like a second password then.
-
[email protected] replied to [email protected]
...which you keep in a separate secure location in case you lose your 2FA device.
-
[email protected] replied to [email protected]
Why can't I keep my password in a secure location then?
-
[email protected] replied to [email protected]
Is it possible to change emails on the account? I haven't found how...
-
[email protected] replied to [email protected]
It is possible here, I think: https://vault.bitwarden.com/#/login
-
[email protected] replied to [email protected]
obviously you do but it can be leaked/phished or hacked in other ways. a second "factor" such as possession of a token device is a safeguard against that.
you can actually read about all this many places online, it's nothing new: https://en.wikipedia.org/wiki/Multi-factor_authentication
-
[email protected] replied to [email protected]
- secure location in your home (physical copy in a safe or a digital copy on an encrypted disk)
- in case of a disaster like a home fire where you lose the 2FA device and local backup: in a remote location such as an encrypted file in a cloud service or at a trusted friend/family's house.
-
[email protected] replied to [email protected]
I know the recommendations. I'm suggesting that everyone take a look at those practices and be sure to have them implemented.
If you're not printing out the codes on paper and sticking them in a safe deposit box as a remote backup, you're absolutely risking it.
-
[email protected] replied to [email protected]
I can't believe people are arguing about and downvoting this.
-
[email protected] replied to [email protected]
And this changes the username to the new email, too?