Mystery 2FA issue

Hi,
I had to factory reset my new pixelbook today.
Now I can’t log into my Web vault. It is asking for 2FA.
I have 4 authenticators, and none have Bitwarden 2FA set up
Further, I am in my vault on my phone, and 2FA does not appear to be set up
I don’t recall setting it up
I can’t find an alternative rescue method saved in my drive.
So I am baffled.
Can anyone help, please?

First thing I would do in that situation is backup my data. So on your phone start Bitwarden, go to Settings and then look for Export vault.

1 Like

thanks. i will do that im transitioning from lastpass, so i have most of my stuff there, but i will take the latest bitwarden data to my drive while this is an issue.
good suggestion!

Now about the your issue. Never have seen, read or heard about this. So to me this is also a premiere.

Is perhaps 2FA via eMail offered? While this option is a very bad 2FA method it might be the easiest solution right now.

Did you put your Bitwarden credentials into Bitwarden? If yes, look it up and check if you also saved a Recovery key.

No, Peter, I tend not to save master passwords in either password bank. Just as a paranoid precaution, not that it makes that much sense now I think about it. However, I do have a biometric and a pin login on my phone.
So it is not like I am locked out; however, as far as the web vault goes, it asks for 2FA, which I don’t believe was ever set. Surely that would appear in my app settings, where I can clearly see biometrics and PIN are enabled. Are they two separate vaults? Or is the web just another way into the vault? It’s looking like a John Lennon solution, i.e., “Starting Over.”

No matter how many devices you use for one account it is a single vault. If you are sure that you have got all data this idea about starting over might be the easiest and fastest solution. However, if time is not an issue then perhaps leave it like this for the (extended) weekend. (Over here it is Easter and both today and upcoming Monday are holidays.) Other people might have an idea to solve this issue.

Otherwise you might want to follow the steps mentioned here:
https://bitwarden.com/help/article/lost-two-step-device/#dont-have-a-recovery-code

Its catch 22 with this one, in order to set up 2FA or email recovery on my phone, I need to login to the Web Vault, to do that I need a 2FA code, this is why Im confused.
Im very busy with a lot of transitional prjects, so I may have set up 2FA but its not like one can do so, and abandon it halfway, youre either going to have a 2FA widget for a site if its set up, or one is not set up! I just cant understand it at all.
I also have bitwarden as a browser extension, it asks for 2FA as well! Have I been hacked?

Out of caution, Im going to start over, but this is very strange. Nothing adds up other than bad actors, my pixelbook crashing, and now this…

If this would be the follow up of an attack a question would remain: From where could a hacker have got access to your Master Password?

I’m just musing. It’s bizarre. Setting up 2FA is not something that tends to go this wrong.
But the system must be right, and I must have screwed up big time somewhere somehow, and THEN forgotten I ever set up 2FA as well! I’ve only been running Bitwarden for about 6 weeks. I haven’t checked in Lastpass, but I’m running that down, so it is unlikely to be in there.

Perhaps you didn’t follow rule # 1 when setting up or changing passwords or 2FA:
Take your time and focus. If in that moment you don’t have the time and/or under stress don’t do it. Leave it as it is and instead do it later.

1 Like