Hello,
is it possible to set up that you have to go through 2 or more 2FA verifications when logging in on a new device? e.g. 2FA app and email code.
@XHyperDEVX Welcome to the forum!
No, this is not possible. Could you provide more information about why you feel that something like this is necessary?
@grb
Thanks 
I think it would be a step to drastically increase the account security again. Let me explain it with a fictional scenario:
I have a Bitwarden account with all my passwords + 2FA via auth app and email.
But now someone hacks my email address, finds out that the account is registered at Bitwarden and cracks my password there as well. Then you have to pick one thing to get through the 2FA. Since the hacker already has access to my email account, the 2FA is useless in this case.
If you had to go through 2 2FA authentications, the first one would go to the email that the hacker has, but then you would still have to retrieve the code on my phone. And of course the hacker doesn’t have that.
You can also turn the whole example around so that the hacker has access to the cell phone [e.g. stolen?], but not to the email.
I think it is not absolutely necessary, but it would be a simple step to allow users to make their account more secure.
Well, a pre-requisite for using Bitwarden as intended is to create an uncrackable master password. In practice, this means that your master password should be a unique, randomly generated passphrase containing at least 4 words that have been randomly selected from a word list containing a minimum of 6000 words.
Likewise, your email account should be secured by a unique, uncrackable password (in this case, a random character string consisting mixed-case alphanumeric characters and special characters, and having a length in the range 13-41 characters), as well as some form of 2FA.
I just think it would be an extra layer of security that doesn’t require much effort but is very effective.
Is there any way I can submit this as a “feature request”?
Yes, you can submit a feature request by making a post in the Feature Request section of the forum.
Thank you!
I opened a feature request here.