I’d like to be able to set up my Bitwarden Authenticator app(s) to require a PIN to get into the app, instead of biometrics. The PIN should allow at least 8 digits.
This is for defence in depth, a key principle in security. If for some reason an attacker is able to spoof my phone’s biometrics, I don’t want them getting into my Bitwarden Authenticator app too. Have a PIN or password will block them.
How to handle multiple incorrect PIN guesses (e.g., 5 wrong guesses): The only way to do this that I can see it to introduce a password to serve as a fallback. If I make 6 wrong guesses, the PIN will be disabled and I’ll have to enter the password. This is how the Bitwarden mobile apps work.
BTW, I would think that this password would be useful as a fallback for the biometrics unlock too.