Meaning if I have WebAuthn and Yubikey enabled, but I want to primarily use the Yubikey (which is quicker on the phone) I have to press the “use another two-step login method” every time. It would be practical if we could change this priority.
I had my Yubico Security key NFC set up as one of my methods (in addition to Google Authenticator). The dongle worked great at home, I could plug in the USB and voila. However, my phone (Pixel 5a) just will not recognize the dang NFC dongle, no matter how many times I try. And, it’s not a USB-C type connector, so no luck there. I even tried a USB-A - USB-C converter thingy, but the phone simply wouldn’t accept anything but NFC for this dongle. For some reason, I also didn’t see how I could select another of my chosen Bitwarden 2FA methods (Google Authenticator) when trying to log in on my phone… unlike when I was on my computer. Whew, hope that explains it.
I suspect having a physical dongle “may” be more secure than Google Authenticator (but I’m not a security expert)… so that’s probably what led to the dongle being the preferred 2FA method?
Anyway, IMV it would be nice to be able to prioritize the 2FA methods to suit your preference.
Hi Tim - you can select a different 2FA method on Android - when you are prompted with the WebAuthn prompt, just click the X in the top-right corner of the screen to back out, which takes you back to a screen with a button that allows you to “Try Again”. But this screen has a three-dot menu in the top-right corner that you can select and choose Use Another Two-Step Login Method. Then you can pick what you want.
Also, NFC FIDO2 keys should be supported by Android, but I have had issues with it because I use the Firefox browser by default. I have heard (although, not tried it myself) that it works with Chrome. Maybe someone else here has more experience and can confirm or correct me.
Finally, your feature request for setting the 2FA method priority is a good one - I am going to merge it with an existing thread requesting something similar to clean up a bit. I hope you don’t mind! Cheers.
Just as an addendum, in case it helps somebody else:
The method to click the “X”, described by David H above, didn’t work in DuckDuckGo for me. I had to change my default browser to Chrome to get it to work.
Bumping this old thread as I came to post the same request.
Please provide an option to change 2FA priority.
I personally use an authenticator app as my primary method and own a Yubikey as a backup that I keep locked in a drawer. Bitwarden defaults to Yubikey and I have to cancel the Windows/Edge prompts every time.
Same issue here! I have Authy, Yubico, and FIDO2 WebAuthn, the app keeps asking for the last one I registered! It would be easier if we could define the preferred one, or if the app remembers the last one used!
Exactly what P92 writes! It seems that this request has been here for a while. Just set up FIDO2 WebAuthn for backup and have Auth app as day-to-day MFA. FIDO2 prompts before anything else (except Duo) which is really annoying having to tap the three dots and change it manually.
Please, please consider allowing manual priority order of MFA. I recently moved from another pass manager, one reason being FIDO2 WebAuthn support, but that priority is annoying!
Every few months I come back here to check if there is any update.
Not being able to choose the priority of 2FA-methods is so annoying.
On Android with Firefox it is even worse because sometimes you can get stuck in the FIDO WebAuthn screen and then you have to restart Bitwarden and enter your password again.
It cannot be that hard to implement this, or is it? Please consider.
Just added my YubiKey and another Security Key for authentication via WebAuthn. I intended to use the YubiKey as my daily driver. The security key (WebAuthn) should stay at home in the safe.
However, I quickly learned that WebAuthn is considered to be more secure and therefore will be the standard option for 2FA. As the Bitwarden support told me, there is a set priority of the 2FA methods, namely (source):
1. Duo (organization)
2. FIDO2 WebAuthn
3. YubiKey
4. Duo (private)
5. Authenticator app
6. Email
If WebAuthn, YubiKey and 2FA apps are all configured, WebAuthn is automatically set as the default. If it’s not configured, YubiKey would be the standard method, and so on.
While it’s possible to choose a different method, it’s also annoying as you need to cancel the whole process by clicking four times etc. Also, WebAuthn doesn’t work as smoothly on mobile devices as my YubiKey NFC.
Therefore, I’d like to be able to specify which 2FA method I want to use as a standard method. In my case, YubiKey, even though WebAuthn is available too.
Anyone else who would like to be able to change the priority of the 2FA methods?
To clarify your use-case, could you explain under what conditions you would pull the security key out of the safe to use it instead of the Yubikey OTP?
Basically, it’s a backup method should I lose the YubiKey, as I don’t have a backup YubiKey. Originally, I wanted to save some money. Therefore, I bought one of the expensive (€65) and one of the less expensive (€35) keys, to carry one with me and leave one at home.
But then when they arrived, I learned that the less expensive one only supports WebAuthn. My mistake, didn’t know that when I ordered. Thought about sending it back, but as WebAuthn is even more secure, and I just need a backup in case I lose the YubiKey, it wouldn’t really matter. Would there be an option to change the default 2FA method.^^
You can (and should) print out a 32-character recovery code and store that in your safe. Then, if you ever lose your Yubikey, you can use the recovery code to disable 2FA on your account.
With this method, you can remove the FIDO2 Webauthn 2FA option and directly use Yubikey OTP as your 2FA.
I’m not saying there may not be other use-cases for your Feature Request, but I can’t think of any (which is why I had asked in my previous response).
That is a great tip! I completely forgot that I could recover my vault by just using the recovery code (that I’ve already printed out weeks before) in case I lose the YubiKey.
I also can’t think of any good argument as to why that feature would be important to some users right now. Other websites I use allow choosing a preferred method, and perhaps there are users who want to use their YubiKey even though they’ve configured Duo 2FA for whatever reason.
But yes, for my use-case, I will get along with your suggestion. Thanks again!
My guess is you have a YubiKey (possibly 5 series?) and a Yubico Security Key, the latter of which only supports WebAuthn and not the Yubico OTP or others.
If that’s the case, why not simply have your main security key as WebAuthn for 2FA in your vault, as well as your backup Yubikey in the safe set with WebAuthn for 2FA login, as well as the 2FA recovery code as @grb recommends.
You can have up to 5 WebAuthn compatible devices set up for 2FA on your Bitwarden vault, along with the remaining following options as you specified Yubico OTP, Duo, TOTP authenticator app, and last email.
If you have your main security key with you, you could keep a 2FA backup method (either Yubikey or recovery code) in your safe, and another at a trusted contact’s house so even in a catastrophic disaster such as fire you have an off-site recovery plan in place.
Kent, the main reason I didn’t suggest switching to WebAuthn was the fact that OP alluded to some problems using WebAuthn on his mobile devices. Either way, he’ll probably prefer carrying the Yubikey over the Security Key, since Yubikey OTP will be compatible with many more web services than FIDO2/U2F.
I agree that the Yubikey would be preferred as it has the broader functionality of the two, perhaps I misunderstood as the OP referenced WebAuthn along with the Yubikey NFC.
You think so? I would imagine the opposite to be true, in my experience more sites have added support for FIDO2 WebAuthn over adding support for a proprietary Yubico OTP.
Yes, the original statement is ambiguous. I interpreted “Yubikey NFC” in that context to be a shorthand for “Security Key NFC by Yubico”, but in any case he is having some issue with WebAuthn on the mobile devices.
You are correct, I was confusing YubiKey OTP with the OATH-TOTP protocol that is also supported by the YubiKey 5 series. If the OP is using the Yubico Authenticator with TOTP seeds stored on the YubiKey, then my previous point (that carrying the YubiKey will provide greater flexibility) still holds.