I’m using a yubikey as 2FA to my Bitwarden account, and am a bit puzzled by the ”Remember me” option when logging in with the yubikey; remember for how long?
I believe LastPass (perhaps, might have been some other site with 2FA) specified it to ”remember me for 2 weeks”, which felt like a good balance between entering 2FA all the time and being remembered forever (effectively disabling 2FA).
Coming to think about it, it was probably a different site than LastPass, bur can’t check now – no longer a Premium customer with LastPass, all gone Bitwardenite now
In lastpass, devices need to be reauthorized after 30 days unless you turn off the check. I don’t think Bitwarden ask to reauthorized device after 30 days. You are not disabling 2FA though. You would still need to enable it for new devices. On the downside is when you switch to a new product, the features are not exactly the same. Some may be inferior, some may be better. IN this case, I think its inferior in terms of customizing your 2FA behavior.
On the plus side, Bitwarden supports U2F in windows. Last Pass only supports Yubico OTP, which means it’s only roughly on the same level as TOTP and can be phished. U2F is virtually unhackable and you can use a cheaper Yubikey security key. Unfortunately, not every Bitwarden client supports U2F.
Welcome to Bitwarden!
The ‘Remember me’ function lasts for up to 30 days as outlined here: Bitwarden Security and Compliance Program | Bitwarden Help & Support under ‘Additional User Data Protection when enabling Two-step login’.
Please do not hesitate to reply if you have any further questions,
It’s nice to know that the ‘Remember me’ function lasts for 30 days.
But how can I get rid of it now and change it back to NOT remembering me. Or do I have to wait for a month?
Hi Jan. You can Deauthorize Sessions to reset your 2FA on all your devices by logging in to the web vault and go to Settings → My Account. The button is at the very bottom of the page.
Note that this resets ALL your remembered devices so that you will have to use 2FA on your next login for all of them. And be sure that when you login again that you clear the “Remember Me” option first, of course.