top | item 44825408

(no title)

lhamil64 | 6 months ago

I personally don't do this because I feel like it defeats the whole purpose of 2fa. If someone gets into your bitwarden account, now they have your passwords and can generate 2fa codes. Of course, if the alternative is just not doing 2fa then it's better than nothing but I'd still prefer an authenticator app or hardware key than putting them in bitwarden.

discuss

bccdee|6 months ago

That's why my bitwarden account is protected with 2FA! If an adversary has gotten into my bitwarden secrets, my second factor is already compromised.

And if I lose my phone, I only need to do the recovery flow with the printed codes for one account, rather than for all of my accounts.

mvieira38|6 months ago

Getting into your bitwarden account should be at least as hard as getting into your authenticator app or stealing your hardware key, though, if you're using it as intended, so I think it's ok for 2FA

ihattendorf|6 months ago

2FA keys are easily stolen from a desktop with a password manager running in the background when running a malicious executable, vs. 2FA keys on a 2FA app on a phone and running a malicious app.