Allow mobile app to set which device may have access to TOTP

Feature name

  • Allow mobile app to set which device may have access to TOTP

Feature function

  • If user has mobile app installed, they will have an option in the mobile app to prevent BitWarden to load TOTP on personal computers (or other devices)

Reason

Not native speaker, please let me know if you need more context
Since computers sometimes install software from untrusted sources and has larger attack surface, I would like BitWarden to have an option that prevent syncing my TOTP to certain devices (e.g. PC browser extension. I’d like to keep my TOTP visible on my phone only)

This definitely feels like a needed feature. I store my TOTP keys in Bitwarden mainly so there’s a trusted backup somewhere as it’s a little terrifying just to be relying on my phone not to die, however I do feel it defeats the the point of TOTP as 2FA if they can be accessed through the browser extension on a potentially infected device.