Locked Out

First time even, got locked out of Chrome Bitwarden Extension. Used the extension for about two years as well as the android Bitwarden app. I use 2fa, with Google Authenticator. My backup is to use the “Use this device to approve login requests made from other devices” feature from the Bitwarden Android app. Today, the Chrome Bitwarden Extension would not take the Google Authenticator code, nor the Bitwarden Android App couldn’t approve the Chrome Extension requests. Anyone have a clue? Thanks.

@Rick_Nornholm Hi!

My first guess would be, that your devices (the Android phone and/or the PC/Laptop) may be out of time-sync. TOTP is time-based… Try to manually sync to the current time on your Android phone and on your PC/Laptop.

The “login with device” is not a backup for 2FA as 2FA is still needed for “login with device”, so I’m not completely sure what you mean.

Further, I’m not exactly sure, if the failed login request could also be related to “unsynced time” between devices?!

Hi Rick, and welcome to the community!

1. Do you still have your master password? Is the master password stored in BW?
2. Can you describe the steps in more details about how you got to the point where “Bitwarden Android App couldn’t approve the Chrome Extension”, including the errors that you’ve got?

You are a genius! Syncing the time in the Google Authenticator did the trick. Thank you and I wish I could buy you a coffee. Thanks for the advice.

Dear Neuron5569, Thank you for reaching out. I got some advice earlier from Nail1684 that did the trick.

@Rick_Nornholm Glad, I could help you!

Some further and hopefully good advice again, since your thread title is “locked out”:

1. Please take this opportunity, to add your TOTP to at least one other device - or to write down and store in a safe location the TOTP seed code / secret key. If you don’t have access to the seed code anymore, then maybe first deactivate TOTP (in the web vault) and set it up anew, so that you can store the new seed code.

2. Write down / store your 2FA-Recover Code, if not already done. This is a last means, if you would lose the TOTP device(s) for login. See here for instructions: 2FA-Recover Codes | Bitwarden Help Center

I am not using TOTP since I don’t have a Premium account. I use the Free account. However, thanks to your advice about time sync, my Google Authenticator is now working. I have now also selected the “email option” so I have a second option for 2FA in case Google Authenticator isn’t working. Following your advice, I now have a 2FA recovery code stored in a safe, non-digital place. I still couldn’t get “log in with device” working. I’ve set my Andriod phone’s Bitwarden App to “approve login requests made from other devices” but nothing appears in the “Pending login requests” area. My phone does ping when I try to login to the Chrome Bitwarden Extension so I know something is happening. I’m not worried about getting that to work because I now have enough options that I should be OK.

Oh, I meant your “Google Authenticator for Bitwarden”. That is TOTP as well.