Hey all, just tried this - but isn’t it extremely insecure to use login with device if the app that is approving the login is on the same computer as my browser that I’m logging in with?
So I’ve set up my Windows Bitwarden installed application as the “approving device”. Then I open the Bitwarden website in chrome and log in, and use “login with device”. On the very same device, the Windows app is open and approves the login.
This means that if someone steals my computer, they have access.
The concern that had been raised two years ago is a non-issue. If your laptop is stolen (or accessed without permission) while the Bitwarden Desktop app is logged in and unlocked (both of which are pre-requisites for being able to approve “login with device” on another client), then it would be trivially easy for the thief to steal all of your vault data directly from the Desktop app, without bothering to use “login with device” for authorizing a web app or browser extension session.