Bitwarden (BW) TOTP Seed & Master Password (MP) Within BW Itself?

A Bitwarden blog mentioned the following:

Your Bitwarden Vault hopefully already has two-step login using some other method. (ie. do not use the Bitwarden Authenticator to protect your Bitwarden account.) Therefore it is currently protected with a high level of security and, in fact, two-step login.

Question: albeit seemingly counterintuitive to do this, what are the potential downsides of having…

  1. the MP in BW itself.
  2. the BW TOTP seed in a 2FA app as well as in BW itself?

If a remote individual without access to you laptop/PC or phone gains access to your BW vault, would this not indicate said person already has knowledge of your TOTP service key & MP to begin with?

Now, if this person had direct access to, say, your laptop with the BW vault left opened, I can see the advantage of not having a BW TOTP seed & MP stored in BW since this would prevent them from accessing BW from a remote location later on and making changes to the account that otherwise require authentication using your MP.

Note: I am not talking about securing BW using only Bitwarden. I’m talking about already using a 2FA app (I use 2FAS Auth) other than BW with the additional placement of the TOTP Seed & MP in BW.

You’re right - if they’re in your vault they have either gathered your MP + 2FA, or you have left the vault unlocked.

The only real downside is that if it’s the scenario where you have just left the vault unlocked - you’ve just given them the keys.

It’s all about everyone’s individual security requirements, though!