Is 2FA used as part of vault encryption

Does bitwarden use 2FA for vault encryption or only for authentication?

1 Like

“…Bitwarden salts and hashes your master password with your email address…”

Source: Encryption | Bitwarden Help & Support

1 Like

2FA is only used for authentication. I don’t know of any encryption that can use 2FA because the code changes all the time.


It is not the 2FA TOTP that would be used for encryption. It is the shared secret used the generate HMAC. Cryptography is hard. I don’t blame you for not getting this. Luckily there are much smarter people than me constantly advancing the technology. I just know enough to audit the code to make sure it’s secure. And that is why we Open Source. :peace_symbol::heart::rainbow:

1 Like

Your comment seems like it’s trying to insult me on a misunderstanding you have.

The TOTP secret is not used for encryption and it would be pointless to do so. The secret is stored on the server (often in plaintext) and using it for encryption would be just as bad as the server storing your naked master password.

2FA is not used for encryption, only authentication.