Getting TOTP to work on PC is a nightmare with Bitwarden

I bought Bitwarden Pro but I can’t get TOTP autofill to work.

I first migrated 100+ accounts from Google Authenticator to Bitwarden, and now I see my accounts in Bitwarden Authenticator. This is as far as I could get. I still have to manually open the authenticator app and manually copy the codes so there’s no difference and it’s still as annoying as any other app.

Now I want to get auto-fill working or at least have a way to get the TOTP easily on PC without opening the mobile app every time… but how?

In Chrome (PC) I have an option to “copy verification code” but it does nothing…

I have both the PC app and the Chrome extension and I can’t find where to copy TOTP codes from. In the PC app there is another option to “copy verification code” and again it does nothing.

If I go to my vault on the PC app and search the website through thousands of entries, then I get an option to copy the TOTP code for individual website, but the process is annoying and even more complicated than opening a mobile app. There is not even a dedicated window regrouping all of the TOTP codes like every single mobile app in the world…

If I go to the Bitwarden mobile app (not the authenticator) then it says I have only 3 TOTP codes yet I have more than 100 in the authenticator app… WTF is going on? Are Bitwarden and Bitwarden Authenticator two separate apps managing codes separately? How the hell am I supposed to sync them or batch add QR codes from google authenticator to Bitwarden Password Manager and not the authenticator? In the PC app I can’t even see how many verification codes are stored like in the mobile app under the “vaults” tab, this app is so bad…

Bitwarden is so confusing and frustrating, this is the second time I buy it and the second time I hate it and regret my decision. I literally have 4 different Bitwarden apps installed and none of them give me a way to copy the damn TOTP code

1 Like

@ungovernable Hi!

To answer a first question:

Yes, the Bitwarden password manager and Bitwarden Authenticator (App) are two separate things for the moment.

The Bitwarden password manager has more than one app - browser extension, desktop app, mobile app, web vault, CLI… those are all apps of the Bitwarden password manager, accessing “your vault”.

The Bitwarden authenticator app is relatively new and is “separate” from that. Though, a sync option with your Bitwarden account/vault is planned.

Here is a bit more info for the authenticator app: Bitwarden just launched a new authenticator app. Here’s what it means to users. | Bitwarden Blog (at the end of the article is a roadmap, where sync is mentioned)

BTW, the Bitwarden password manager has an integrated authenticator, so it might create more clarity in a request, to make it clear when you speak of the (dedicated) authenticator app and when of the integrated authenticator (of the password manager).

1 Like

… and yeah, as there is no sync between the authenticator app and the password manager (not available yet - but planned), that explains it here… From what you wrote, I guess you have the “more than 100 TOTP seed codes” in the authenticator app - and so it is expected, that they are not automatically there in the password manager, i.e. in the quote: your Bitwarden mobile app, accessing your Bitwarden vault. (in your vault seem to be only 3 TOTP seed codes then at the moment)

1 Like

Thank you for the fast reply.

So if I understand correctly, Bitwarden Standalone Authenticator is just another app like Google Authenticator and all of the stuff I am seeing and reading about copying codes on PC app or Chrome extension is based on the built-in authenticator inside Bitwarden main app and not the standalone authenticator app. So since I bought the pro version maybe I should use only the password manager and just uninstall the standalone authenticator app.

Let’s start with the beginning

  1. I’m looking for a multi-device 2FA solution that let me add a TOTP on PC and view it on mobile or vice versa. Whichever device I am using, I need to be able to easily copy the codes (auto-fill would even be better) without opening the other device. Can you confirm this is possible with Bitwarden Premium without having to add the QR codes twice on PC and mobile? I understand there is no sync between the standalone authenticator and the main app, but if I manage to add all the TOTP inside BW password manager, then will the PC password manager sync with the mobile password manager for the TOTP codes?

  2. What is the process to migrate 100+ accounts from Google Authenticator to Bitwarden? I have already exported the QR codes from Google app, I found how to add them in batches using Bitwarden Standalone Authenticator but I can’t find an easy way to batch add in Bitwarden password manager?

Correct…but as written above: for the moment correct. I guess Bitwarden is working right now on the sync feature between the authenticator app and the password manager…

Well, I don’t know what you have been reading! :sweat_smile: But yes, if you read something about “PC” and “using the browser extensions”, then that would be Bitwarden password manager - and not the dedicated authenticator app.

For the moment: sounds like it.

Yes, that is possible. If you add the codes to your Bitwarden vault, it doesn’t matter from which of the apps (mobile, browser extension, …) you access them.

I think I just answered that. The PW manager apps sync with the vault, so, yes.

Well, that is the ugly part… there is no dedicated “TOTP seed codes import function”. I’m not sure myself. Theoretically, a CSV could be used to import everything. (that CSV must be conditioned, then)

In the worst case, you’d have to do it manually, code by code. (the “batched” QR codes can’t be imported directly, I think, as scanning a QR code with one of the Bitwarden apps only adds one code for one login item - but there are QR code readers and I think it should be possible to extract the info from the QR codes, to use them e.g. for a CSV file)

But I think, it was discussed not long ago here somewhere - I would suggest, search for something like “Google authenticator import”…

Or maybe someone else can chime in here.

(BTW, if you want the auto-fill function on your PC and mobile etc., I think you would have to set up more info in the login items then, like username/email, password, website URL and the TOTP seed codes… the URLs are important, so that Bitwarden “knows”, which of your login credentials - including TOTP codes - correspond with the current website or app…)

PS: Ah, just saw @grb 's post. Do what he says regarding import/export. He’s much more competent than me in these questions.

2 Likes

Yes & yes.

 

Since you already migrated from Google Authenticator to the Bitwarden Standalone Authenticator app, you can use this method to export a .JSON file from the Bitwarden Authenticator:

You can then import the .JSON into your Bitwarden Password Manager, using the following instructions, and selecting “Bitwarden (json)” as the file format:

 

However, beware: If your Bitwarden Password Manager vault already has data for the login credentials (username and password), then importing the TOTP data from a .JSON file will not merge the data — you will get separate vault items for the TOTP data.

As a work-around, you could export your TOTP codes from the Bitwarden Authenticator in .CSV format, export your vault data from the Bitwarden Password Manager in .CSV format, then manually combine them (which would primarily involve sorting both files in a way that all rows line up, then copying the login_totp column data from the Authenticator export into the same column in the Password Manager export). You would then purge the contents of your Password Manager vault, and import the consolidated .CSV file.

Obviously there are risks involved if you are purging your Bitwarden Password Manager vault. Depending on what type of data you have in your vault, and whether you have backups, you may need additional guidance to prevent data loss.

2 Likes

Thank you for clearing up the confusion about the standalone authenticator app. I will now focus on the main password manager.

That’s what I did initially, and the first result on Google was this page which brought the initial confusion with the standalone authenticator app
Import and Export | Bitwarden Help Center.

I was thinking that the function for base domain matching would solve the problem of differing URLs in mobile versions of websites. Am I missing something?

Is there any estimate when this feature is available to decide if it’s worth waiting or if I should go with the other solution suggested by grb?

Oh wow this is smart, thank you for this. Sounds like the ideal solution, I just did the export.

This sounds like a lot of work, but I guess I already have to do it because right now my vault is a mess. I already have a lot of duplicates to remove because I imported passwords from Chrome, Opera and LastPass

It’s a fresh install from 3 days ago, I only did imports. Since I did not add data manually I don’t think I’m at risk of data loss? If so, I could rebuild it from the browsers & lastpass export files

1 Like

:sweat_smile:

If I understand you correctly, then no, you don’t miss anything, I think. - What the best matching is, might differ on the usage. Initially, I just wanted to make clear - since you mentioned autofill - that the TOTP seed codes alone aren’t enough for that. But you got that already!

I would add to URIs, that

  • you can add more than one URI to an item (some websites have more than one domain)
  • you can set up the default matching in every app separately (so the mobile app can have a different default than the browser extension)
  • and in a login item, you can set a URI matching for every URI separately (and that would then override the default URI matching setting)

BTW, if you didn’t find it already - that is the place to go if you want it in more details: Using URIs | Bitwarden Help Center

We are not members of the Bitwarden team here. So we are “agnostic”. - My gut feeling was, that it might be near… but since the browser extension needs a little more attention at the moment :sweat_smile: my gut feeling now tends to “yeaaahhh, maybe there is another delay…”. But as implicitly written before: I don’t know - and may be totally wrong.

1 Like

If you still have all of your export files, I would probably proceed as follows:

  1. Purge your vault.
  2. Use the appropriate import tool in the Bitwarden Password Manager to import one of your export files (e.g., use the Lastpass import tool to import your Lastpass data).
  3. In the Bitwarden Password Manager, export your vault in .CSV format; give the .CSV file a unique name.
  4. Purge your vault again.
  5. Now repeat Steps 2–4 for all of your other export files (Chrome, Opera, etc.). This should give you a collection of .CSV files that use a consistent format (the format used for Bitwarden .CSV files).
  6. Use a spreadsheet app (e.g., Excel) to combine all of the .CSV files from Step 5 (i.e., copy and paste the column data into a single file, which should have a single row of column headers at the top).
  7. Almost all spreadsheet apps provide functions for deduplicating data (e.g., instructions for Excel are available here). Use these functions to eliminate duplicate entries from your combined spreadsheet, then save the deduplicated .CSV.
  8. Now use the approach I had suggested above to line up your Bitwarden Authenticator export with the Password Manager export (the combined and deduplicated .CSV), and copy over the values from the login_totp column. Save the final .CSV.
  9. Import the final .CSV into your Bitwarden Password Manager vault.

The main complication would be if any of your exports contain items other than login items or secure notes (e.g., if the Lastpass export also contained credit cards, etc.). If this is applicable to you, please advise, and I will try to revise the strategy for you.

1 Like

BIG thanks to both of you for the help! For anyone coming across this topic - the instructions provided by @grb are perfect, it’s the right way to do it.

I followed your instructions and after a few hours of work, I now have a combined CSV with over 2000 logins and duplicates removed. I didn’t expect the final number to be so big so maybe I missed some duplicates or maybe I just need to do a cleanup lol.

The only unexpected issue I had was that some URLs in my LastPass export didn’t match with the URLs from the Chrome export. The solution is to search and replace to remove “www.”, “http://” and ‘https://’ to make the names unique.

Now I am at the final step of merging the CSV export from Bitwarden Authenticator. But how do I standardize the CSV structure? There are 2 additional columns with some numbers

My guess is those columns don’t matter and maybe are just for specifying 30 seconds expiry and 6 characters TOTP (all rows have same numbers), but I just want to confirm

Also, are you aware of any way to migrate passwords from Samsung Password Manager on my old S21? I just bought a Pixel Pro 9 and it didn’t migrate them. If I understand correctly Samsung doesn’t provide any way to export unencrypted csv

And last question, does BitWarden save passwords from Android apps? For example, I order pizzas through a local pizzeria app that uses a white-labeled Mealsy app (not sure if it’s considered an app password or if the app uses a built-in browser). On my S21 it remembered my password and saved it as “mealsy.ca” but with the Pixel + BitWarden it doesn’t ask or remember anything.

1 Like

Is the Excel screenshot from the Bitwarden Authenticator .CSV export?

Can you open the same .CSV file in a text editor (e.g., Notepad), copy the first 2-3 rows, and paste them here (after replacing sensitive information with some dummy characters (like xxxxx)?

To ensure there is nothing important lost in the copy/paste, do place the cursor on a new line in the forum’s comment editor, then click the </> button in the top menu, and subsequently post the .CSV file contents where it says “type or paste code here”.

Yes, it’s from Bitwarden Authenticator CSV export

folder,favorite,type,name,login_uri,login_totp
,,1,xxxxxxxxx.org,,otpauth://totp/xxxxxxxx&algorithm=SHA1&digits=6&period=30&xxxxxxx,xxxxxxxxxxx.org,30,6
,,1,Facebook,,otpauth://totp/Facebookxxxxxxxxxx&algorithm=SHA1&digits=6&period=30&issuer=Facebook,Facebook,30,6

When I’m done adding the TOTP URI to BitWarden, how will I manage the codes on PC? I still can’t find where to see a list all of the TOTP codes on PC without having to search through my 2000 logins, just like a normal authenticator.

And how will I add new codes from QR codes when using PC? The more I think about it the more I realize it may be better to wait for a mobile app that scans the QR code and sync with PC

How do you guys manage your 2FA codes across devices? Maybe it can give me some ideas

Here you can see how you obtain app specific URIs: Obtaining URIs for mobile apps

And you may should have a look into this Autofill Logins on Android | Bitwarden Help Center and this Troubleshooting Android Autofill | Bitwarden Help Center for autofill on Android.

Of course, to “get asked”, you have to activate Bitwarden as an autofill service in the mobile devices settings - and in the Bitwarden app under Settings → Autofill → Additional options → “Ask to add login”

Samsung-specific things I cannot address, as I have no personal experience with the current Pixel devices and Samsung Pass…

The integrated authenticator of the browser extension also has a QR code scanner (for the current screen/webpage). See here: Integrated Authenticator | Bitwarden Help Center

What do you mean by “manage” now exactly (besides adding and using them)? - Okay, agreed, an overview of “all TOTP items” like in the mobile app, would also be useful for the browser extension - at least for having an overview about them.

Some people - as a workaround - add in the item title something like “(TOTP)”. That way, the search function is able to show them all. (but I guess, you already have too many items, to add that now manually in every item?! :sweat_smile: )