I have access to Bitwarden through the browser app and the iPhone app. However, when I tried to log in to vault.bitwarden.com, I am asked for the code from my authenticator app. I have Raivo set up on my iphone, and I have used it successfully before. However, when I opened the app on my phone this time, the app had lost all my information, and it asked me to set it up again from the beginning. As far as I can see, this means that there is no link between Bitwarden and Raivo any more, and all I can do is to remove 2FA using the Bitwarden Recovery Code. I have this stored safely, but when I enter it, I am told that I have entered incorrect information. I have triple checked that I have entered my email address, my master password and the recovery code correctly. I have typed them in manually, as well as copying and pasting from the information I have stored within Bitwarden. It still tells me that I have entered incorrect information. Is there anything more I can do?
That is not completely true. If you had the TOTP seed code, you could set up any TOTP-app again with that same seed code and you could login to Bitwarden again.
Okay, so that also means, you try to login to the right Bitwarden server (email and master password seem to work).
First thing I would look for, whether there may be ambiguous characters, e.g. a zero instead of an “o” or vice versa (or in other words: maybe you got some typos…). Another possibility would be, that you once used that recovery code, then got a new one, and didn’t store that new code.
You don’t have other kind of 2FA set up for Bitwarden, like email or FIDO2?
If that all doesn’t work, you’re pretty much out of options and if you have any Bitwarden app still opened, turn off the internet connection there, try to make an export of your vault (attachments and some other things would be to exported manually), and maybe you have to set up a new account and delete the old one after that.
PS: Maybe you have a backup of your Raivo-data? That would be another option, if available…
Also, try the recovery code with spaces, and without spaces. What I have heard from other people before is that although the code is presented to you as having spaces between the groups, it should be entered without spaces, although I haven’t heard people reporting the result of doing either.
Good theory! However, I just tested it, and the code does also work if spaces are included.
@Christopher_McLean Welcome to the forum!
Are you 100% sure that you have not ever used the 2FA recovery code in the past? It’s a one-time use code.
Also, do you remember how/where you obtained your “Bitwarden Recovery Code” to begin with? Is it possible that the code you saved might just have been the authentication key that was provided by Bitwarden when you first set up TOTP for Raivo?
Does the 32-character code that you saved in your vault include spaces between each group of 4 characters?
Thanks for all the replies.
I have no memory of having used the 2FA recovery code in the past, but it is always possible that I did. I am 70 years old, and I can be rather absent minded.
The recovery code that I have listed does have spaces between each group of 4 digits, and I have tried it with and without spaces. There is one “0” in the code, and I have tried it both as a zero and as a capital letter O.
I don’t think there is any chance that I have mistakenly listed a Raivo code, as I copied and pasted it from the Bitwarden website, including the information “To use your recovery code, navigate to Bitwarden Web vault”.
I sent a message to the Bitwarden help desk, and I was most unimpressed by their response. They simply told me to do all the things that I had listed in my email as having already done. It appeared to be a classic form reply to my general issue, and I don’t think that they even read the detail of my email.
I think I will have to delete my vault and then restore my data from a backup I have just done. Does anyone have any advice about the restore process? Is it simple and straightforward, or are there any pitfalls I need to watch out for?
-
Make sure that the export you make uses the
.jsonfile format, or you will lose a lot of information. For security purposes, it is recommended to choose the.json (Encrypted)format, but if you do so, it is critically important that you specify the “Password-Protected” export type (and not the “account -Restricted” type) when given the option. -
Do you have a Premium account? If so, you should copy and paste the expression
>attachments:*into the search bar of any non-mobile app (e.g., the Desktop app, the Web Vault, or a browser extension). This will pull up any vault items that have file attachments. File attachments are not included in vault exports, so you will have to download those files one-by-one, and make a note of which vault item each file had been attached to. -
If you use Bitwarden’s “Send” feature, then you should probably review the “Send” dashboard to ensure that there are no “Sends” there. If you still have “Sends” that are actively being used, then you will need to preserve those manually (e.g., download a copy of any file sends, or copy the contents of any text sends). “Sends” are not included in the vault exports.
-
If you have a Premium subscription, then it is possible to transfer your subscription from your old account to your new account. Once the new account is set up (and after you have downloaded all file attachments that may have been attached to vault items in your original account), contact support to request a transfer of your Premium subscription.
-
I would recommend setting up the new account using a new email address. Many email providers allow you to created alias addresses (which are delivered to your regular account mailbox), by adding a
+followed by some arbitrary text. For example, if your current Bitwarden email is[email protected], then you can use[email protected]as an alias email for your new account. In the end, after importing all of your data, transferring any active subscriptions, and deleting your original account, you have the option to change your new Bitwarden username back to the email address that you are currently using for your original account. -
When importing your exported data into your new account, specify
Bitwarden (json)as the file format. -
After you have confirmed that everything was imported correctly, and that you have downloaded all files and sends from your original account, and after you have transferred your Premium subscription (if applicable), then you should delete your old account.
-
You will have to manually re-attach any file attachments that were downloaded from the original account, and you’ll have to manually re-create any Sends that you had set up in your original account (in which case you will also need to distribute the new Send links to the recipients of each Send).
-
As noted above, if you wish to return to using your original Bitwarden email address for your new account, you can change the email address in the account settings of the Web Vault.
Thankyou for your detailed reply. I have never added any attachments to my vault, and I have no idea what a “send” is, so I don’t think I have to worry about them. I have looked at the Bitwarden instructions about importing data, and they have detailed information about importing from a range of other password managers, but I can’t see any specific instructions about importing from a Bitwarden backup. Have I missed something? I’m sorry to be asking such basic questions, but I’m really worried about making a mess of the process.
If you log in to the web vault ( vault.bitwarden.com / vault.bitwarden.eu ) and go to the import section, between other things you can also choose the file format. On the top of the list there should be something like “Bitwarden (json)” and even “Bitwarden (csv)”. - Just choose the file format you chose for export - as suggested before that should usually be “json” (and for the rest, stick to the general import guides).