I have Bitwarden installed on my phone and PC (and as a Firefox extension).
When trying to login to a known website, my fingerprint failed 3 times (although must have been dirt or something as works fine now) and now the phone app then asked my to enter an Authenticator code. No idea I even had an authenticator (although may have set-up on my old phone). So now I can’t login on my phone.
The PC app (version 2024.6.4) won’t login with master password as says the app needs updating, but when I check for updates, it says there are none available and I’m on the latest version.
When I try and login on web, it again accepts the master password but asks for an authenticator code (which I don’t have).
The Firefox extension is logged in an accessible but I cannot see how to produce a recovery code nor change the MFA settings (as the only link to the website). Surely someone has considered mobile phone changes and that this breaks MFA if you don’t have you’re recovery code…?
None of the menu’s shows the option for authenticating via a different method.
I assume I am therefore stuck and have no option but to export my vault, delete my account (somehow) and open a new account with the same email address and re-import my vault? Or does Customer Service let me remove MFA if I can prove ownership / identity?
Any help much appreciated.
Thanks,
Jon
@redstamp Welcome to the forum!
Authenticator code? – Or does it ask for a “verification code”?
Do you see the phrase “we don’t recognize your device”? Like in this example:
Could you clarify?
PS:
That version is completely outdated. The latest desktop app is version 2026.5.0.
I have no idea why the desktop app would say there is no update, but here’s the 2026.5.0 release; select Bitwarden-Installer-2026.5.0.exe for Windows installation:
The question @Nail1684 asked is very important because it may determine whether your current account is toasted, because if you really set up the 2FA and have no recovery code, there is no way to recover the account.
P.S.: It appears that your only remaining logged-in client is the extension; you’d better export the vault now just in case.
Yeah, sorry, asks for Verification Code:
Okay, thanks. The important part here is indeed that it wants a code from your “authenticator app”. That means, you set up 2FA before (TOTP / “authenticator app”) and, unfortunately, your account is now “toasted” as @Neuron5569 wrote:
Disconnect the device where you use that Firefox extension from the internet. Make an export from that extension – make sure it is a JSON (unencrypted or password-protected – under no circumstances choose account-restricted) or ZIP export.
After that, create a new BW account. Later on, you can delete your “deserted” BW account.
Yeah, dunno why PC app says won’t update - thought it was old, but also assumed it might not quibble about verification code, as installed locally, so worth a try - assume I need to uninstall and re-install (not that that will help my current lock-out problem).
Have exported to multiple formats now just in case, but now holding unencrypted passwords locally, so I’m gonna have to delete and ‘clean’ all free disk space when I get sorted.
Also worth adding the phone isn’t new and have been using BitWarden for months since I bought this phone, so the fingerprint failure seems to have triggered the current lock-out issue, which is annoying as fingerprint failures are pretty common.
Thanks for your help both btw.
Jon
Perfect - thanks for your help.
Must remember not to use ‘authenticator’ MFA in future as I am forever losing phones 
Or at least store a recovery code somewhere I can remember…
Presume I’ll have to set-up a new email address to create a new account, as old one still live and can’t seem to delete from Firefox extension?
Thanks again,
Jon
Update - ignore the last question - found in help - can delete account without having access via email link, then immediately create new one with same email address - phew!
Thanks both.
Yeah, definitely store the 2FA recovery code on your emergency sheets.
You can use that again… Besides the 2FA recovery code, you can also store the “authenticator app (TOTP)” seed code on your emergency sheet. When you have the seed code, you can always set it up again with any authenticator app.
Yeah, you can’t use the same email address. Maybe use a “plus”-variant of your email address (like it is possible with e.g. Gmail), or use another alias. – I would let the Firefox extension untouched now, until you set up your new BW account and can verify that the import worked successfully.
… regarding your desktop app:
Agreed. 
Safely kept and reliably accessible emergency sheet is essential in keeping Bitwarden accessible to yourself and your family. So you may want to be covered this time around.
Suggestions for 2FA and backups include: 1) TOTP authenticator that can be backed up (encrypted), such as 2FAS or Aegis, 2) “Passkey” 2FA which you can use a) Windows hello (with TPM), b) Google password manager on Android, and c) FIDO2 security keys to store them.
Also, you can already see the importance of having regular backups: you could have recovered from this even without any logged-in clients.
