Considering purchasing Premium but have a concern about TOTP

Good Afternoon. I just recently discovered Bitwarden and I have more or less been converted. Transition was absolutely a breeze. With that, I am getting ready to configure a new phone and go through the process of reconfiguring all of my 2FA tokens.

So, here are my questions. If I subscribe to Bitwarden Premium and my subscription lapses, what happens to my configured TOTP tokens? Am I locked out of all my applications that depend on those tokens and held at ransom until I can pay up? Is token data deleted when the subscription ends? What are the recovery options available for BitWarden’s TOTP?

Yes, I understand premium is only $10.00 per year, but that is in the now and I have no way of predicting what costs may be 5-10 years down the road and need to ensure my application access will still be available.

I searched the support documentation, reviewed this blogpost and searched the forums to no avail. Since the feature has been available for >1 year, I am hoping someone has either encountered this predicament or one of the developers can chime in.

Thank you for your time!

You will lose the ability to generate codes in Bitwarden, but your tokens won’t be deleted. You’ll be able to transfer them in another authenticator.

1 Like

Try to add codes to both Bitwarden and also an authenticator app with backup features like Authy or Microsoft Authenticator. This was your logins will be safe


I didn’t realize that was even an option, but I guess you are just scanning a QR code in most cases. Never compared the two, but I guess the same token would be generated? Not a bad idea at all, though may also increase risk if one got compromised for some reason.

Yes, same token is being generated. I was using same method before Bitwarden (in 1Password). In Bitwarden you can scan QR codes via phone and you can enter auth codes from desktop client. At the same time scan QR code to your mobile app.

As for risk, both Bitwarden and mobile authenticator need an authorization before opening, like master code, pin code or biometric like Face ID, so it shouldn’t be an issue

1 Like