I am currently doing various mind games for potential disasters and their effects.
I tested it: i couldn’t open my vault with 2FA without internet connection. I also couldn’t use the recovery code. That is a high risk. Do I need a local exported Vault for such a scenario?
This is by design. To download your encrypted vault data from Bitwarden’s servers, you are required to authenticate (using your username, master password, and 2FA). If Bitwarden’s servers are down, then they will not be able to serve the vault data to your computer anyway, so it is irrelevant that you are unable to complete the authentication process in this scenario.
Most users choose to not log out of their Bitwarden client apps as a convenience, in which case you can still unlock and view your locally cached vault data by turning off the internet connection. However, this is not a perfectly reliable backup method, as it is possible for your Bitwarden session to sometimes be deauthorized unexpectedly, which would purge the contents of your locally cached vault.
Therefore, yes, it is considered best practice to regularly backup the contents of your vault. There are various approaches to doing this, but the one that is most straightforward is to periodically create a password-protected encrypted JSON export (not the “account-restricted” encrypted JSON format). You should be aware that some vault data are not included in these exports (e.g., attachments, sends, password histories, and various time stamps).
An alternative backup strategy is described in this post:
Here’s another article that gives a good overview of your options.
Configuring Bitwarden Clients for Offline Access