Exporting Vault - verification code

Uncle_Vatreni · April 9, 2025, 1:19pm

Hello all,
I’m sure a basic question so hopefully a basic answer.

We have an instance of bitwarden (I believe vaultwarden) setup in the office by people long since departed, so nobody really administers it, but it just works.

I have 2FA on my authenticator app.

When I try to export my vault rather than request the master password, it’s requesting a verification code. However the code from Authenticator app doesn’t work, nor is it sending an email, at least not to the address the vault is logged in as. So what code is it looking for?

thanks

Nail1684 · April 10, 2025, 9:07am

@Uncle_Vatreni Welcome to the forum!

For various reasons, I think you should re-think this situation. (just two: 1. very likely, for a long time no security updates and 2. new client apps can get incompatible with older server versions - so I probably wouldn’t wait until you all lose access…)

Individual vault? I don’t know if Vaultwarden would be different here, but in the web vault, this would be an email verification code (and I think, for the email address of said Bitwarden account):

2025-04-10--11-03-49-vivaldi_HQzMRyH1Ku

(–> Export Vault Data | Bitwarden → web app-tab)

But as also shown here Export Vault Data | Bitwarden, the other Bitwarden clients (browser extension, desktop app, mobile app, CLI) also have export functions - and should work with only master password verification.

Uncle_Vatreni · April 10, 2025, 9:26am

Thanks for the reply. This is what I see but I never get an email - presumably this should be to me (owner of account) rather than the admin of the entire organisation?

If so I guess I need to try to admin it to check SMTP settings. Is there somewhere else in BW where I can test that it’s emailling out OK?

bwuser10000 · April 10, 2025, 9:40am

That looks to me like it’s expecting a 2FA code. But I could be wrong, I’ve never seen a prompt for a Verification code when doing an export.

Nail1684 · April 10, 2025, 9:43am

This looks like the browser extension. Normally, you should be asked about your master password - but with an (enterprise) organization, there could be even a “removal of the export functions for individual vaults” in place (Enterprise Policies | Bitwarden).

… So yeah, logging in as an admin seems necessary (PS: → only with admin capabilities, you have full control over every function)… I’m not familiar with self-hosting, but I think, System Administrator Portal | Bitwarden this might be a place to start.

Uncle_Vatreni · April 10, 2025, 10:47am

Managed to work round it.

When logged in from the web interface rather than the extension, it exports requesting the master password not some mystery authentication code that isn’t the vaultwarden authenticator. Exported fine.

bwuser10000 · April 10, 2025, 12:06pm

That’s good news.

I would take @Nail1684 's advice and make a plan to move forward. Most importantly, migrating to a current version of Bitwarden (and keep it current).

grb · April 10, 2025, 2:09pm

I believe this prompt appears when you have logged in using a method other than your master password (e.g., login with passkey, or login with device).