Lost Android / Authenticator / Recovery Code, Have Browser Access

Any solutions when you lose your Android phone with your Google Authenticator preventing Bitwarden new phone / website login but can still access your Bitwarden account via browser extension?

Yes! Backup your Bitwarden vault now. Go to the browser extension โ†’ Settings โ†’ Export Vault โ†’ File Format = .JSON [Note: Do NOT export an encrypted JSON because if you lose access to your account, you can never decrypt the export file!].

Save the .JSON export in a safe place, preferably on an encrypted drive or in an encrypted container, such as a VeraCrypt/TrueCrypt container or if you are on a Mac, you can use an encrypted disk image. Alternatively, save to a USB flash drive and store it in a safe.

Also, if you had any file attachments saved in your vault, you need to download those manually (they cannot be exported in the .JSON file).

Now that your data is safe, try to find your two-step recovery codes that were generated when you setup 2FA. If you canโ€™t find those, chances are you wonโ€™t be able to get into your vault again. If thatโ€™s the case, you can delete your account and start over by importing the backup you exported.

Some helpful links:

2 Likes

Thanks David, backing up to JSON format was the first thing I did, so thank you for confirming that. Quick question; does Bitwarden allow you to delete the account and then use the same email address to create another account?

1 Like

Glad to hear you were able to save a backup before losing access. And yes, if you delete your account, you can setup a new one with the same email address. The only catch is that if you have a Premium subscription, it is tied to the account, not your email. So, if you do start over you will have to contact Bitwarden support to transfer your subscription to the new account. Hope it all goes painlessly!

1 Like

Some great advice from David above. I would just add, when you get set up again, make sure to save your recovery codes and, ideally, set up 2FA on more than one platform, e.g. Google Authenticator and Authy. I would strongly recommend having all your 2FA codes configured in more than one app, just in case you ever lose access like this again. I know Authy backup your codes so you can retrieve them on a new device - Google never used to, but I believe they do have a backup option nowadays.

2 Likes