Auto-Login for TOTP

Does the browser and android app do auto-login on TOTP. For example, if I enable auto-logon a site, will it auto-login the user name and password and also the TOTP, too? Just to be clear, I would not want to to do this because I rather manually fill-in the site after examining it to make sure it’s not a fake site. This is for my mom who wants everything done automatically because she can’t figure out how to use fill button on the password manager. 2fa auto-enter is still safer than no 2fa.

If you have TOTPs stored in Bitwarden, you can enable “Automatic TOTP Copy” in the extension’s Options menu. After you autofill a site, it will copy the TOTP to the clipboard, allowing you to paste it into the 2FA field on the site.

Thanks, does auto-paste the TOTP or must the user select Paste. This is not for me but for my mom. She does not understand the concept of cut and paste and I have been unable to teach it to her.

The user must select “Paste”.

image

If you’re on a Windows computer, it’s as simple as left-clicking on the 2FA field with the mouse (so the cursor appears there), then holding Ctrl and pressing V with the keyboard OR right-click the field with the mouse and click Paste.

If you’re on mobile, I believe all you have to do is long-press the field, a “Paste” button will appear and you tap it.

Thanks! I suppose this is not a feasible solution then. Thanks for the verification.

You’re looking for a solution that will automatically fill TOTPs? I’m not sure there is such a thing.

There are alternatives like Push notifications with Duo (which prompts you with a “Is this you” notification on your phone with a Yes or No to select) or a Yubikey (which is an encrypted USB stick that is required to be inserted when you log in).

But I suspect neither of those options are less complex to explain, and are not as widely supported as TOTP.

Come to think of it, getting a TOTP from Bitwarden is no less confusing than getting one in a text.

So, with all due respect to you, I’m not sure what solution you’re looking for.

Thanks, I do notice that enpass does actually auto-enter TOTP, but unfortunately the non-cloud nature of that product makes it impractical to managed for another person.

What I am looking for is an automated solution for a very technically challenge person, who is unable to use SMS or use cut and paste.

On the plus side, this also means her needs are minimal. I was able to swap out last pass and then replace it with bitwarden. She did not notice because the website and android app auto-login just like before, so she did not even realized that her password manager had changed.

According to this feature request on the Bitwarden Github: (https://github.com/bitwarden/browser/issues/890) “there is no standard for defining an MFA code input field, so creating an autofill solution based on a DOM name/id would be very spotty.” This is apparently whey they have opted to copy it to the clipboard rather than autofilling it directly.

But if I were you, I would add my vote to a relevant feature request either on Github or on these forums, and comment to let them know you also want this feature.

Thanks, that sound about right, so I will not request this feature.