It would be nice from a security point of view received an email notification and mobile app notifications:
- every time a new session is opened in bitwarden from a new device
- every time a session is opened from a country/region different to the usual one. The second phase would be to add this feature: Restrict account access to certain countries/IP ranges - #9 by l0rdraiden
- every time there are X consecutive login attempts failed from the usual country.
- every time there is a failed login attempt from a country that is not the usual one.
- every time the password is introduced succesfully but the session fails because the 2 step verifications fails or is not used. (Someone knows your password but wasn’t able to login due 2FA)
The email will contain all the information available about the attempt like the IP, time, browser, location, etc. In addition there should be a log in the web interface to see all the details of the sessions and login attempts
It would be an easy way to provide useful information in case there a breach in the account, or someone is having some interest on it. So you can react on time.
Might be a premium feature?
BTW we have this vote system… but is there a roadmap somewhere so we can understand what is the direction of bitwarden and if the suggestions here are included or not?