Additional Security Alert Email

Regarding these alert emails, is there any indication from Bitwarden or anywhere else, on just where exactly the failed login attempt is occurring? Master Password vs MFA?

To me there is a considerable difference. If it’s too many master password failed attempts, then I’m not going to sweat it as much.

If it is MFA, there’s some scarier implications. It’d be nice to know if what I use for my Master Password has been leaked somewhere else on the internet, and therefore know never to use anything close to that password again.

Yes, there is a different email notice if the login attempts failed on the 2FA step.

The key difference is that the notice for failure on the username/password step says “If this was not you, don’t worry” (below the login attempt data). In contrast, the notice for failure on the 2FA step says “If this was not you, you should change your master password immediately”.

1 Like

This is great! Thank you very much for this.

This was the first time I’d ever received any email alerts of this sort, so I had no idea there were 2 types.

Appreciate it.

1 Like