Bitwarden password manager practice

I recently got started with my first password manager after spending so much time trying to come up with complex patterns and ending up wasting a lot of time resetting quite a few logins. Can I have all my accounts on Bitwarden? I use email for 2FA because I don't want to use any authenticator app and lose access to my phone. I understand the importance of security but I can't sacrifice all convenience. I guess my question is, is this the best practice to use a password manager?

You can totally use email for 2FA. Just make sure you have 2FA enabled on your email provider.

You can, however, use a 2FA app on your phone as a backup/easier solution when you need 2FA for Bitwarden. What I would suggest (if you use Android) is andOTP.

It is an open source and simple 2FA app, compatible with all 2FA QR codes and whatnot. You can also back up the 2FA accounts with an encrypted JSON file and safely store it either on external storage or with your cloud backup provider (if you use one). If you choose to go more advanced, you can re-encrypt that file either with 7-Zip or with encryption software. However, this password you MUST remember at all times.

All in all, it must be a targeted attack if somebody would get their hands on that file, “crack it open” and use the 2FA code for accessing your BW account.

Just about the point about not using 2FA because you don’t always have access to your phone - 2FA applications like Authy (authy.com) have options to generate the one-time password on your laptop. They can also back up and sync the secret among multiple devices. That way you can protect yourself from losing access just because you don’t have your phone working with you.

Another common backup for 2FA is to pre-generate security codes and store them in a safe place off-line (I usually print them on a piece of paper and store it safely).

For instance - here are Google’s instructions for pre-generating backup codes: https://support.google.com/accounts/answer/1187538