In between the password and URL fields, there is a field called “Authenticator Key (TOTP)”. I assume this is to make 2FA logins easier. How do I use this feature? What exactly would I put in the field? How do I go about using it? Or is it for something else?
Websites that allow you to enable 2FA provide you a QR code or a key. The QR code is only a graphical representation of the key.
This key is what you want to add to the TOTP field in bitwarden. You can either copy the key from the website if it’s provided in plain text or use Bitwarden’s mobile app to read the QR code.
When the TOTP key has been saved, you can see the generated code and copy it to your website. If you log in using the mobile app, the code is copied to your clipboard so you can paste it in the required field.
If you log in using the extension, you might have the TOTP code copied to clipboard too depending on what method you use to login (click on the login in the popup, use autofill on page load, use keyboard shortcut, …) and your browser.
This feature requires premium subscription.
1 Like
I just came to ask the same question. I don’t need to now, because an answer has already been given. Thank you. But …
There is no indication anywhere in the vault - creating or editing the login information - that says a premium subscription is required. Sorry, I should have said, there’s no indication that I can see that tells me a premium subscription is required.
For other things that I have gone to use, it has been clearly stated, as soon as I click into the field, that a premium subscription is required. I know then to ‘move along’. In this case, I have wasted close to … too long, searching for an answer, and then to be told that it isn’t available to me because I’m not a premium subscriber.
Premium is not required to store a TOTP authentication key in the login item, it is only required if you are going to generate a TOTP verification code using the integrated authenticator. If you attempt to do this from a free account, you will see the “Premium” designation:
1 Like
Thanks for replying so promptly!
Do you think that’s what the last answer said? Did I misunderstand what they were saying?
I have re-read that answer since reading yours, and I can’t see the same information in their answer as I do in yours.
Keep in mind that you’ve dug up and posted in a 7-year old thread. The comment posted by @Crocmagnon is more or less consistent with what I’ve just explained, although it contains some outdated information, and some ambiguous wording:
In the above sentence, “this feature” refers to the ability to generate TOTP codes, not to the ability to store the secret key.
The browser extension also has the ability to scan QR codes from an open webpage.
1 Like
Again, thanks for answering promptly.
Yes, I’m aware that I dug up a 7-year-old thread. However, I couldn’t find anything more recent which was even remotely relevant to my question.
I still don’t see it as referring to the ability to generate the code. But maybe, as you said, it is because of the ambiguity in the wording.
I’m happy to leave it there and not waste more of your time. Thank you for answering my questions and for being patient with me.
They wrote:
This is consistent with what I wrote above.
However, insofar as the word “this” could also be misinterpreted as referring to saving the authenticator key (which is described in the first paragraph of @Crocmagnon’s comment), their closing sentence is ambiguous (and the alternative interpretation is incorrect, regardless).
1 Like
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.