SMS (“texting”) is the only two-factor that uses the mobile “voice” network. Although SMS is much better than a password alone, it also is the least trustworthy of all the MFA solutions.
If the website(s) in question support TOTP, passkeys or even push-notification to their own app, they are all better choices.
My “home phone” VOIP provider (callcentric) does support SMS to my home phone, which I can then forward or read on their website. If you are stuck with SMS, maybe something like this will help.
And just to keep this on topic, Bitwarden does support TOTP in their premium ($10/yr) plan and they support passkeys for most sites (those that don’t require a hardware component).
Most of the financial institutions and medical portals we deal with have the option to send the verification code via either SMS or phone call. Only one uses TOTP, but they seem inflexible about the 20-second validity period which usually proves just a bit too short for the user to respond. In all cases for the security reason you noted, I have selected a voice call rather than SMS.
But my wife and I are facing a lengthy period in which we will not have cell-network connectivity. Reasonably reliable satcom connectivity via local WiFi connection is our only option. That will be acceptable, except for 2FA. Some institutions will accept recognizing our user devices, and to date that seems to be the only option. But it seems to not always work.
You suggest an approach I haven’t tried, but will now: checking with “land line” provider to see whether they provide a way to link between SMS and email. I’ve looked into SMS forwarding apps but of course they require an SMS receiver – and we’ll have our cell phones with us. So no joy there. What we (seemingly) need is a dedicated new phone number for a vendor that will transform any SMS input into an email and forward it to us. CRM tools for business will do that, but we’re not in that game. I haven’t checked for an option like the CallCentric one you mentioned but will DEFINITELY do that, and thank you for your comment!
Meanwhile things are looking a lot brighter on the Bitwarden-on-mobile-devices front. The Android tablet and cellphone are working well with Bitwarden. The iPhone and iPad are painful to use with Bitwarden, but yesterday evening it seemed clear there is a software issue that’s still present after OS upgrade to iOS 18.1.1 and iPadOS 18.1.1. Despite setting Bitwarden for a 15 minute usable period before locking, it appears that Bitwarden is being locked after 15-30 seconds because the issue causing massive annoyance is having to enter master password before username entry and again before password entry. I suspect that somehow the device’s OS is forcing this issue, but haven’t tried to quantify it yet. If you know of a work-around I’d love to hear it.
I just read the post from Nail1684 (#4 in this string) about problems of compatibility with iOS and then read the comments on the bug report from @marcolaux
(marcolaux (marco) · GitHub)
That made it seem possible that if I use a browser other than Safari, some or all of my problems might be behind me. However very preliminary results are not promising. Installed Firefox on my wife’s iPad but unfortunately the puzzling “early timeout?” issue requiring multiple password entries still is a problem.
I use Bitwarden on both my iPhone 13 and iPad Mini v5. I am running iOS 18.1.1. Bitwarden is working properly for me.
I agree that this screen is confusing because, as you say, it says “Autofill Activated” but then only gives you the option to “Cancel”. This provides something less than 100% confidence that enabling autofill will work. But, it is working for me despite this screen.
When I use autofill with my iPhone, a window temporarily pops up asking for my PIN but then disappears quickly when my face is recognized. So, I’m wondering if you have these Bitwarden settings (under Account security) toggled on: