Authenticator + Malware question

Assume I have Google authenticator 2FA set up on my bitwarden account. lets say I am using the desktop version and I happen to have a spyware/malware on my computer. now i dont know that and I login to my bitwarden desktop application. lets say that spyware/malware is able to see what keystrokes I make and copies my bitwarden password but it still wont be able to get in without my 2FA code. But after I have logged in to the desktop app will it be able to see my login ID’s and passwords that I have saved in the bitwarden application?

Yes, it will. Take all precautions to defend against malware, and never use Bitwarden in a device that you don’t trust 100%. If your Google login credentials are stored in Bitwarden, the attacker will also be able to access all of your Google Authenticator 2FA keys.

1 Like