I am relatively new at using BW. For the last week +, I have been trying to use 2fa (trying out Aegis Authenticator) by using an authenticator app. I have lots of trouble understanding exactly how to use it. I have googled and watched youtube videos, etc. I “think” I have finally got a little understanding of it (very little). So, today, I decided to change my master password. I had all sorts of trouble getting into my vault once it was changed. Fortunately, I had finally been able to get the “recovery code”. I had tried several times this week, but was not successful until today. I needed it about 30 minutes later as the 2fa app locked me out because I did not know the BW generated password for it. But, after dozens of trials, I finally got in and all is good now.
I do have a couple of questions:
1: Since I had to disable my 2fa app to get into BW, I think I have to get a new recovery code? The old one no longer works, is that correct?
2: I think part of my password problems had to do with the length, possibly, of the password or the field that you type it into. My master password is around 50 characters long. Sometimes, the password would end and then go back to the very beginning of the field and type in characters. Then sometimes the field would take the whole 50 or so characters without wrapping back on itself.
Is that something I was doing with my typing skills or could it be a bug?
For your second point, are you typing on a laptop? If so you may be accidentally touching the mouse pad and triggering a click. If not which version of Bitwarden are you using?
David, thx. I thought so, but, had so much trouble getting the first one.
Ghost, yes, I was typing on a laptop. It is brand new and I am not used to it, yet. For the past however many years, I have only used my cell. The laptop actually replaces my wife’s ipad that we have which I never used. I think I will not try to position my hands on the keyboard as I think you are right. I will continue with my one handed pecking. Hopefully, that will alleviate my problem.
If you go to vault.bitwarden.com and login then, under Settings and Two-step login, there is a View recovery code button. Press this and put in your password, you can then see and/or print it.
You can then check whether it is the same or not. My guess is that it is not but, never having to use one, I am only guessing.
The only reason to use 2FA (especially U2F) is IF the machine in question gets hacked.
The compromise of the password and username won’t get the hacker IN the vault on their machine.
Gandalf, it almost didn’t work out. What made it difficult was/is not being able to see the characters in some of the fields. So, you don’t know if you miss typed a character or not. Where you have the choice to see the characters, makes it a lot easier to find your mistake