Feature Request: Backup access codes printed on paper in case master password is lost. Google and LastPass have this. Thx. I did a search a didn’t find anything related to this.
Thank you for your post!
- Enter the name/concept of the feature being requested
- What will this feature do differently?
- What benefits will this feature bring?
- Remember to add a tag for each client application that will be affected
Related topics + references
- Are there any related topics that may help explain the need and function of this feature?
- Are there any references to this feature or function on other platforms that may be helpful?
If you are referring to 2FA access codes to get into your account (screenshot), there is no reason you could not copy and paste them into a text file or word document and just print from there (it even recommends doing so).
If you are referring to access codes as a backup to your master password I do not believe this exists at all, nor have I ever seen this feature on any platform as it seems redundant. Could you not just print/write down your master password? Why do you need randomly generated alternate codes?
I have all such backup codes printed on pieces of paper, as well as stored elsewhere. You either get the option to copy them or print them when setting things up (can’t remember which in Bitwarden).
To clarify, the poster is not referring to the 2FA code. In Last Pass, there is an option for One time Password Recovery code. A bank of about 10 code is generated that you can print out on paper. If you forget your master password, you can enter the code and you will be prompted to change the master password. The code only works once, so if you use up all of your code, then you will use up that option. This feature is also on google account.
I would like this as a backup means to access my vault if I have to use a computer at an internet cafe and must assume that the PC is insecure.
Thanks for your clarification of my original post. Good points. I have a feeling the BW engineers will come to see the importance of this option. There’s a reason why LastPass and Google spent money to implement it.
I need backup code insteade two auth app
For those advocating this feature request, I am curious why backup access codes printed on paper are better than printing your master password on a piece of paper?
I think that’s pretty obvious.
My master password is my first factor. I once had my Yubikey break on me, so that broke my second factor and I could not get in to my system (it was keepassXC back then, but same would go here). With my yubikey being broken, I could not get into my vault.
Secondly, that ‘recovery code’ is something that is stored somewhere away from normal usage (under my pillow, sown into my teddybear… so only to be used in dear urgency).
I do agree though that it doesn’t make sense to have a “backup master password”. This is like having a second key that fits your lock. It weakens the safety: just imagine that your backup recovery key ends up in a password breach list… chances are really slim… but twice as big as when you only have a single strong password.
The point is that we do not want to use our master password on a public machine, not necessarily as a backup to a lost master password. We want to have the ability to use a one-time equivalent of the master password so that if the one time password is captured on the compromised public machine, it will do the adversary no good. Think about the use case when you are travelling… do you really want to use your master password on a machine you have no reason to trust?
Users posting in this thread seem to want different things. For example, @robertpaulson and @metoo are looking for a “temporary”/one-time version of the Master Password to use when one does not feel secure entering the “real” Master Password. There is a separate Feature Request for that exact functionality: Temporary Master Password, so posts supporting such a feature should probably be posted there, not here.
Others who have posted in this thread seem to be asking for recovery codes for 2FA, which is a function that already exists, as pointed out by @Cjkeenan above.
That leaves only OP, who seems to want a printout of codes that can be used as a substitute for a forgotten Master Password. The obvious question (“why backup access codes printed on paper are better than printing your master password on a piece of paper”?) was asked by @dh024 and @Cjkeenan, but so far there has been no clarification of this.