So like many others before me all of a sudden I don’t seem to receive emails from Bitwarden therefore blocking email verification. Bummer. It’s a simple OVH forward to gmail, idk what’s wrong.
Since I had a many devices already logged in, I enables 2FA apps and was able to log in with that.
Can I just change my mail now? What I really don’t want is to lock myself out… To create a passkey I need a verification code so that path is closed. If I change my email say to gmail and gmail still doesn’t get the mails, can this lock me out?
You can export your vault to guarantee recovery of the contents. Some people recommend encrypted exports so your credentials are never stored in plain text, but sometimes plaintext exports may be better short-term insurance against vault loss. If you want even more assurance, then maybe do it from multiple clients.
You can change your email in the web vault now. Most of the time this WILL log you out of all your devices (because your encryption key changes). So make sure you have the following ready:
Your correct password
Your 2FA authenticator
Your 2FA recovery code, just in case (and to make sure you have a copy that should be kept safely and reliably accessible)
In the past, when anything changed your encryption key the vault could become corrupted, but the devs may have made this less likely recently; we don’t know for sure, so that’s why step 1 may still be important.
P.S. Using your Gmail +address may be more reliable than some alternatives. If Bitwarden stops sending email to Gmail, it’ll probably get fixed relatively quickly. OTOH, having separate 2FAs (and a recovery code) makes this less imperative, BUT you still want to reliably receive security notifications from your Bitwarden account.
I might try that.
The reason why I always prefer using my domain with the redirect is that I own the domain therefore I own the address and can always change host if I have an issue with OVH or Google.
GMail is GMail, owned by Google and if one day for any stupid reason I lose the account, my life could be hell. But in 2026 redirects can be a problem as they break DKIM/SPF/DMARC and that can cause problems.
Thanks for the help, I’ll probably have to switch to Gmail indeed.
If you own your own domain, why not host a mail server there (i.e., set up the MX and TXT records in your DNS record, so that they use an email service that has proper DKIM/SPF/DMARC)? If you have Google Workspace, you can even use your domain with Google as your email host:
I don’t know the details how to set up a domain so it forwards and is received by GMail properly. Some of my messages go to an alias (SimpleLogin), which forwards to another mailbox which also forwards to Gmail; when I “Show original” (look at the headers):
I don’t see the word “fail” anywhere in the headers, which would appear if DKIM/SPF/DMARC had a hard or soft failure.
I think Gmail recently expanded authentication methods that allow correct validation of redirected/forwarded emails. You may want to investigate that. Specialized mail forwarders like SimpleLogin and Addy.io may be your friends (not sure, since I don’t use a domain.)
mxtoolbox's parsing result for DMARC/DKIM/SPF validations
