MFA in multi-user environments

Hi all,

this isn’t really a Bitwarden question, but might be related to some.

In our organisation, we have quite a few accounts that are shared by multiple users. I know the better option would be to have sub-accounts - but for some reasons this is not an option (e.g. we are not willing to share more PII than needed with a given organisation).

Now, there is a growing trend to set MFA on admin or main accounts. This is for obvious reasons (it certainly increases security by a factor 1.000.000). When working in the office, we had a phone lying there that handled all the MFA (Google Authenticator, SMS, …). Now, with all the remote work - does anyone know a solution to still have MFA but have it available to multiple users?

TOTP (that is what apps like Google Authenticator or Authy or of course Bitwarden use) can be used on multiple devices / apps at the same time. To do this you will have to save either the initial QR code or the “Authenticator Key” (a text that looks like xxxx xxxx xxxx xxxx) and provide it to everyone who needs to have it.
About SMS, something like this might be helpful:

Please note that I have not tried it myself.
A personal recommendation: Wherever possible, get rid of 2FA/MFA via SMS.

One of the reasons this is bad is that it breaks your audit trail. If you have to investigate, how do you know who deleted that file, or modified that log, or transferred those funds, etc.?

I agree with you there… but one can only change a culture one step at a time. The fact that some accounts are also just so darn expensive also doesn’t help.


This isn’t the exact answer to the question, but I believe it’s close. Here’s a comprehensive list of SSO providers and… their (listed) prices! Listed because they get on the naughty list for making you dig.

And guess who’s among the cheapest?