The time-based one-time passwords that are generated by Bitwarden after entering the Authenticator Key aren’t accepted by some websites, namely binance.com, binance.je and nexo.io. All three are related to cryptocurrencies, but I guess that’s just coincidental.
The same Authenticator Key in Google Authenticator or Authy generates a different TOTP, which is accepted by said websites.
With many more websites, the TOTPs that Bitwarden generates work just fine and are identical to the ones that are generated in said authenticating apps.
I hoped I could finally resort to an authenticating app just for Bitwarden itself, but apparently I still can’t. Has anybody else encountered this issue? Thanks.
I’ve just checked my Binance TOTPs in Bitwarden and Authy and they are identical. Are you sure you’ve entered the keys correctly?
Thank you for reporting your experience with Binance specifically.
Yes, I’m sure I’ve entered the key correctly. After that I have disabled and re-enabled 2FA in Binance, but I’m still getting different TOTPs in Bitwarden and GoogleAuth/Authy. I don’t know what else to try.
Do you have further suggestions?
So sorry for spreading FUD!
I checked again and they all seem to work now. I might be wrong but I guess after leaving an item open for a while in the web vault, the TOTP lags behind and eventually doesn’t match what the website expects, which is easily solved by closing the item and opening it again.
1 Like
At last I figured out the cause of the issue: time on my Home PC wasn’t exact.
https://time.is is a quick and convenient way to check if your time is exact. You’re good to go as long as it says “Your time is exact”).
Time syncronization on my Windows 10 must have stopped working at some point, without a warning, causing system time to be just a few seconds late. Not enough to ring any alarm, but apparently just enough for Bitwarden to yield incorrect TOTPs.
Oddly enough, before fixing the time (I had to resort to third-party tool NetTime as I couldn’t seem to fix it in any other way), Authy for PC was yielding correct TOTPs, despite the wrong time. I guess somehow it’s not dependent on system time.
I’m so glad I figured it out because I was literally going crazy! I was getting different TOTPs on vault.bitwarden.com on my Home PC (locally) and on my Work PC (on corporate network over VMWare Horizon).
I hope this helps somebody else!
2 Likes
Thanks for finding the cause of issue and posting the solution!
I was bugged by the same problem, but my PC time was ahead by only 40 seconds and sometime TOTP key was accepted (in the end of it’s time).
1 Like
Thanks for this post i had the issue and now i am trying but can’t solve is someone can reply me what i am doing wrong.
TOTP errors are almost always caused by the time on the device being inaccurate. Double-check that your clock is set to the correct time and timezone.
I got it thanks i check for more than 3 times and i got that.
I also observed this behavior, and my PC time is correct (in sync with https://time.is). The TOTP url is: otpauth://totp/[provider]:[user]?algorithm=SHA1&digits=6&issuer=[provider]&period=30&secret=[xxx]
I observe different codes being generated at the same time from the google authenticator app. The google authenticator codes work.