Add Real MFA

I have been testing this app since yesterday, but the MFA bothered me, because I turned MFA on, logged in one time, checked “Remember me” and I can just log in again without entering the MFA code…

What’s the point of having MFA in a team if someone can turn on this option and never use MFA again?

The admin options should have an option to avoid this checkbox, because if someone steals a notebook, they just need to know the master key… The MFA, which should increase security, is not being used in this case, even if it’s enabled.

I think the obvious solution is to simply never enable the option “Remember Me” if you always want to use 2FA. To be fair, it is not enabled by default.

Perhaps the more relevant feature request would be to “undo” the option if it were ever enabled by mistake. I can’t figure out how to do this, except for revoking trust for all previously trusted devices/clients. (Maybe someone can correct me if there is actually a way to do this.)

But I have a team of 15 people… I cannot guarantee that nobody will enable this option… I think that the admin should have an option to remove this checkbox from the login screen for the whole team, and I don’t think that this option exists.

I think I understand your concern, and perhaps there may be others who share your cautious approach.

I view the purpose of 2FA as a mechanism to trust devices/clients to download your encrypted Bitwarden vault. Once that trust has been established, I would presume that password protection is sufficient to secure your information. If you ever did run into the situation where a laptop was stolen, you always have the option of revoking trust for all devices on the account, which would force 2FA again before anyone could access your vault.