top | item 42854600

(no title)

sesky | 1 year ago

Agreed. There is no way to rely on the simple model of 'my master password is the single point of failure' now. With any form of 2FA, there is now lockout risk in a way that cannot be mitigated fully. Bitwarden itself recommends printing out a recovery code and storing it in a safe, but what happens if you lose access to that safe? Or if you're traveling and need emergency access to your accounts after your phone gets stolen?

On the reddit post announcing this, Bitwarden added a response saying they will provide an opt-out option. It's unclear if this opt-out is temporary or not. It would be a huge step back for their product if 2FA becomes mandatory.

discuss

foxygen|1 year ago

That actually happened to me a couple years ago. I was in a foreign country, and lost my phone. All I had to do was buy a new cheap phone and login to Bitwarden again. If I had 2FA enabled, I'd be completely screwed.

gtsteve|1 year ago

I have hidden recovery information in a few places on the internet - someone stumbling across it would not know what they are looking at, or what it's for. For example, you can hide the TOTP secret for an authenticator app, but it's useless unless you know what account and service it's for, and the associated master password.

benbristow|1 year ago

Same here, mine got pickpocketed. My mates laughed at me because they thought I was an idiot not be able to login to my accounts.

Was easily solved though, got a new SIM card from my network from the local store when I got back and recovered my Authy account via SMS which I can then generate 2FAs for my password app through. Was always a backup method I had up my sleeve. My browser keeps logged in as well so was able to get into most stuff through my PC once I got back.

alt227|1 year ago

> Bitwarden itself recommends printing out a recovery code and storing it in a safe, but what happens if you lose access to that safe?

I feel like your own creativity is limiting you here. There are lots of options to store those backup codes. Including giving them to multiple relatives to keep in a safe place so you can call and ask for it, creating a dedicated email account with no 2fa and email the code there, leave yourself a saved answerphone message with it on so you can dial in and listen, write it in the important info section of your passport so you always have it abroad etc etc...

AlotOfReading|1 year ago

It's great that recovery codes exist, but the security model can't rely on them. Unused email accounts get deleted, yubikeys get lost or reset, relatives lose documents, passports get renewed, house fires and car accidents happen, time passes, etc.

Any critical procedure needs to be exercised regularly to ensure it's still working. Normal people don't do that with recovery codes.

Macha|1 year ago

> creating a dedicated email account with no 2fa and email the code there

Of course, that account could also decide to implement mandatory 2FA. Could even be unannounced, just "This login is suspicious, we sent a message to your recovery email to confirm this login"

unknown|1 year ago

[deleted]