Allow increased security (2FA) for some accounts/pwds without creating second bitwarden account

Enable 2FA per item and allow multiple emails to receive 2FA code

Feature function

Feature: Instead of toggling 2FA per account globally allow to toggle 2FA per item in the vault
Use Case:
I use bitwarden to store all the credentials I may have to enter in a browser (including low security items like some random web shops etc and high security items like admin to my NAS and bank accounts etc). Also I want one or more other trusted persons to be available to access my credentials in case of emergency without them needing to know my master password, details see below.

In addition, I setup my wife to be able to access the same bitwarden account in case she needs access to things and I am unable to do so (accident or what ever).

Currently, the only way to partition credentials into high security (with 2FA) and low security (without 2FA) is to have two separate bitwarden accounts. This is cumbersome during daily usage (all my browsers on desktop and mobile are logged into one bitwarden account and switching accounts back and forth is a pain). Also, things get much more complicated for my wife in case she needs to access things (now she is setup to access one account and will find all credentials there (using bio unlock on her mobile, so she does not even need to know the master pwd) , no need to know/handle a second account).

To make this use case complete, it would be even better if I could set multiple emails for 2FA (so myself and my wife) so that she would also get the 2FA code without additional effort when she needs to address something, just use her fingerprint and then the 2FA code form the mail when accessing the more secured credentials.

Having 2FA for everything seems also cumbersome and over the top for low security credentials (user account to post comments on some random web page etc)

I just saw that you have Emergency Access | Bitwarden Help & Support ,so the wife part here is handled. Still configuring 2FA per credential would be appreciated.

I agree, this is a natural extension to using the Master Password re-prompt to protect individual login items. But based on that webpage’s warning message, this re-prompt is not an encryption mechanism, just an interface-guard rail. I think the underlying vault encryption seems to be tied deeply to the entire vault itself and adding another layer 2FA for handpicked high-security logins may not be straightforward (not a Bitwarden dev, so just a guess).

But the suggestion is fantastic. It’s so awkward to use 2FA when I’m on the bus or train, just to login to some casual website.

  • this.
    This is one of the few things my management wants to be implemented.
    Thanks for the request, you have my vote!
1 Like