More than one TOTP per item

For example Kraken.com (Cryptotrading) uses a normal TOTP for login but I can also enable additional TOTP for withdraws/desposits and trade orders. It would be nice to be able to store them in one item.

This is also relevant when using LDAP/AD with 2FA:
I have one login item for my Active Directory account with a URL entry for every app that uses LDAP as auth backend.
Currently it’s only possible to store one TOTP in this password item, although every linked app provides its own 2FA token.

Since the AD credentials are currently used for about 10 apps (wordpress, jitsi, mediawiki, gitlab, netbox and so on), I would rather not create separate login items for every app - updating those would become pretty annoying. Also, the duplicate password finder would report those entries although they are actually the same account.
Creating login items with only TOTP and URL fields filled does not work conveniently - the generated token is not automatically copied to the clipboard since the login credentials were filled from another login item without a TOTP entry.

I think the best way to rework this would be to make it possible to provide multiple TOTP entries item-wide as well as URL-specific.
When a URL-specific TOTP and an item-wide TOTP are found, then the URL-specific should obviously be preferred if the URL is matching.

That way, @Blobby could define a general TOTP for the login item and the second one for the withdraws/desposits URL(s) and still have bitwarden autofill them correctly.
Same goes for my several LDAP backed apps.

2 Likes

I have the same use case as @davidwinterstein. Our company uses AD as much as possible, so I now have almost a dozen sites I can use with AD. But they all require a different TOTP 2FA token. I would love to be able to link a different TOTP to each URL filter attached to a login.

I guess no news in this one right?

Not at the moment, but this could be an interesting community contribution if someone felt so inclined :slight_smile:

2 Likes

Hmm… So… I’ll stay with Enpass - it can store more than one OTP in 1 login entry.