Does the browser and android app do auto-login on TOTP. For example, if I enable auto-logon a site, will it auto-login the user name and password and also the TOTP, too? Just to be clear, I would not want to to do this because I rather manually fill-in the site after examining it to make sure it’s not a fake site. This is for my mom who wants everything done automatically because she can’t figure out how to use fill button on the password manager. 2fa auto-enter is still safer than no 2fa.
If you have TOTPs stored in Bitwarden, you can enable “Automatic TOTP Copy” in the extension’s Options menu. After you autofill a site, it will copy the TOTP to the clipboard, allowing you to paste it into the 2FA field on the site.
Thanks, does auto-paste the TOTP or must the user select Paste. This is not for me but for my mom. She does not understand the concept of cut and paste and I have been unable to teach it to her.
The user must select “Paste”.
If you’re on a Windows computer, it’s as simple as left-clicking on the 2FA field with the mouse (so the cursor appears there), then holding Ctrl and pressing V with the keyboard OR right-click the field with the mouse and click Paste.
If you’re on mobile, I believe all you have to do is long-press the field, a “Paste” button will appear and you tap it.
Thanks! I suppose this is not a feasible solution then. Thanks for the verification.
You’re looking for a solution that will automatically fill TOTPs? I’m not sure there is such a thing.
There are alternatives like Push notifications with Duo (which prompts you with a “Is this you” notification on your phone with a Yes or No to select) or a Yubikey (which is an encrypted USB stick that is required to be inserted when you log in).
But I suspect neither of those options are less complex to explain, and are not as widely supported as TOTP.
Come to think of it, getting a TOTP from Bitwarden is no less confusing than getting one in a text.
So, with all due respect to you, I’m not sure what solution you’re looking for.
Thanks, I do notice that enpass does actually auto-enter TOTP, but unfortunately the non-cloud nature of that product makes it impractical to managed for another person.
What I am looking for is an automated solution for a very technically challenge person, who is unable to use SMS or use cut and paste.
On the plus side, this also means her needs are minimal. I was able to swap out last pass and then replace it with bitwarden. She did not notice because the website and android app auto-login just like before, so she did not even realized that her password manager had changed.
According to this feature request on the Bitwarden Github: (https://github.com/bitwarden/browser/issues/890) “there is no standard for defining an MFA code input field, so creating an autofill solution based on a DOM name/id would be very spotty.” This is apparently whey they have opted to copy it to the clipboard rather than autofilling it directly.
But if I were you, I would add my vote to a relevant feature request either on Github or on these forums, and comment to let them know you also want this feature.
Thanks, that sound about right, so I will not request this feature.