Can I Create QR from TOTP?

Thank you for your post!

Feature name

Create QR from TOTP

Feature function

It would be a nice to have feature if Bitwarded would be able to create a QR code out of an existing TOTP code.
So if you enable MFA/2FA at a website you 1st of all copy the new TOTP code to your Bitwarden.
After that you generate the QR code and scan it with another device (e.g. mobile phone).

So you would have a backup of your TOTP in a different location/app.

So if you enable MFA/2FA at a website you 1st of all copy the new TOTP code to your Bitwarden.

Why don’t you do it simultaneously? Add the TOTP to both Bitwarden and your backup-app in the same moment. Then compare the verification codes on both devices with eachother and if they show the same finalize the process.

2 Likes

That’s what I do - Bitwarden and Authy at the time of setting up 2FA.

In general yes.
But what would you do if e.g. you break your phone and do not have any backup of your TOTP app.
I’d like to bypass all TOTP apps that have a background synchronisation to a central server.

From my point of view it would be a good possiblity to have a QR generator within Bitwarden, so you would be able to scan all your TOTP entries.

That is why I use Authy and have it installed on both my phone and my PC.

Yeah that might be a possibility but Authy is not open source and when it comes to security I rather do not trust any companies which stores such things.

Why have a second application in addition to Bitwarden? BW is multi device so no need for another app at all. If you lock yourself out of BW you have some serious other issue.

I would only use an app like a Authy to store the TOTP token for Bitwarden itself and store the rest in BW.

There are of course reasons to NOT store TOTP in BW:

  • you need Premium and you’re cheap
  • you like to separate your tokens from your passwords and trade in convenience for additional security

I agree - I just have a 2nd application as a backup.
To be honest I did not used BW QR scanner (as I was not aware that there is one :slight_smile:).

I had several issues with breaking my phone and was not able to recover any TOTP and had to use recovery codes to regenerate any TOTP I had in use.

That’s why I thought that it might be useful to just scan BW with your mobile phone and have all TOTPs again.

Here is another idea for you:
Start a text-document. Everytime you implement 2FA make a screenshot of the QR-code, then add it to that document. So in case you loose access to your 2FA-tool you can re-add those QR-codes very fast just by going from one picture to the next. This way you would not even have to go through every single entry inside Bitwarden to find the TOTP-codes. For already existing TOTP-codes you can re-create your QR-code from a page like this one:

Thanks for all the input!

So as this is clear for me now, is there a possiblity to close/delete this feature request?

You could just leave it as is or ask a forum admin to move the discussion to the support category