Three Factor Authentication for all new devices
The difference would be that if you logged into your Bitwarden account with a new device, it would ask for TOTP from your Authenticator, as well as either email token, a passphrase or a security question.
As this is a password manager with a TOTP generator built in, it is pretty important to keep the account as secure as possible. Just like many cryptocurrency sites do, I would like Bitwarden to ask for these when logging into my account from a new device:
- Master Password
- 2FA TOTP (Google Authenticator, etc.)
- token sent to my email address, OR a passphrase, OR a security question
It would greatly enhance the security and lower the chance of someone getting into your customer’s account. To be quite honest, this is what is keeping me from upgrading to Premium for sure.
I hope more people find this useful, thanks