Additional email address support for login

Feature name

the ability to login to bitwarden using a secondary email address

Feature function

this feature will allow a backup email address to be applied to the account so if the first one is somehow lost (hacked, forgot password, etc.) there is a backup way to reset your password for your vault if required.

companies like google and microsoft have been known to suspend accounts and prevent their use. this could prevent you from resetting your password for example.

How it would work

  1. first the user goes to account settings and types in their secondary email address
  2. the user then receives a prompt telling them to enter a code sent to their email
  3. the user enters the code and their password. the email is applied

preventing unauthorised use

to prevent unauthorised email addresses from being added a banner will be placed on the top of the vault and in the app for about 1 week. this could state “a additional email has been added for login. if this wasn’t you, click/tap here”.

i edited the post to make it a bit more clear

@Addreno8238 welcome!

If your email is compromised, your Bitwarden account won’t necessarily be affected. Your master password should be unique to Bitwarden to prevent someone from accessing your passwords in the event another one of your passwords was discovered. Having MFA/Two-step login enabled protects your that much more.

Also, currently, since the Master Password is part of your encryption, there is no ‘reset’ function,you’d simply change your Master Password (if you know it) or delete and re-create your account :slight_smile:

Further to @tgreer 's advice, even if your login email is deactivated somehow, you will still be able to use it to login to Bitwarden and change to a new email address. Bitwarden will send the confirmation to the new address, not the old one. After that, you can change to a new password as well, if desired.

Of course, it would be a very good idea to make a full backup of your vault before you change your email, just in case (and make it non-encrypted if you are changing passwords, otherwise you won’t be able to unlock it).

@Addreno8238 - if this satisfies your need, please let us know so that this request can be marked as SOLVED.