I tried searching for a similar issue but couldn’t find one. My wife and I both use Bitwarden. We have a default collection that we share between us. Anyway, she got a new phone and I stupidly didn’t remember to back up her authenticator app prior to switching to her new phone. Now, we don’t have access to the old phone so she is locked out of Bitwarden currently. However, she was logged into a browser so we were able to export the vault without an issue and retain all of her passwords.
Here are my questions. Is the best route to just delete her account and create a new one? Can we create the new one with the same email once it is deleted? Can support just temporarily remove 2FA so we can set it up again? If we do end up deleting, will I have to add her back to the shared collection or will it automatically happen if it is the same email address?
Just trying to figure out the best route forward. Luckily, we have all the passwords but she just can’t log in to Bitwarden on her phone yet.
You’ll want to delete the account following the instructions here. We can’t disable 2FA for security reasons of course.
After deleting the account, you can create another with the same email, and then you’ll need to re-invite her to the Organization and assign access to the appropriate collections. Then you’ll be all set!
Hi @Lloyd_Folden! If you’ve lost 2FA access, I don’t believe there’s a way to recover the vault unless it’s tied to an Enterprise account with the appropriate configurations. If you’ve made vault backups recently, you may wish to delete your account and import from a backup. @bw-admin may have more information though!
Hey @Lloyd_Folden do you have the recovery code or vault backup?
Is this for an individual or business account? If you’re part of an Enterprise account and your admin has control of 2FA via identity provider, that is also an option.
I accidentally deleted 2FA from my phone (well, I deleted one of 2 BITWARDEN entries and it deleted both, don’t know why) and did not save my recovery code when I created the account. But I am still logged in with my phone. What can I do in this case? I already exported the vault and prepared to delete my account and create another one, but is there an easier way? Thank you
Do you have a device/browser that satisfies the following conditions?
You have used that browser to log in to the Web Vault (vault.bitwarden.com or vault.bitwarden.eu) within the past 30 days.
When logging in to the Web Vault within the past 30 days, you checked the “Remember Me” option to waive the 2FA requirement for future logins on that browser.
Since enabling “Remember Me”, you have not cleared the browser cache.
Since enabling “Remember Me”, you have not used Bitwarden’s “Deauthorize Sessions” function, or made account security changes (e.g., changing your master password, KDF settings, etc.).
If all of the above are true, then you may be able to log back in to the Web Vault (and get your 2FA recovery code or disable the 2FA manually). However, if you have no way of getting back into your Web Vault without 2FA, then it seems you will have to start over with a new account.
P.S. Make sure that your vault export is an unencrypted .json file. If you have a Premium subscription, you will need to separately download any file attachments that you have uploaded to your vault, as file attachments are not included in vault exports.