Segregation of Passwords && TOTP

I searched, but couldn’t find anything. Apologies if this has been suggested before.

Feature name

Separate TOTP master login

Feature function

- What will this feature do differently?

Currently, user pass and TOTP login data are all stored in one place (if you use the 2FA built into BitWarden). This is bad practice and essentially locks all a user's logins behind a single password and reduces 2FA protection.

I propose that there is a secondary master login (whatever you want to call it) which is required to be different to that of your masterpass, and is required to access TOTP stored codes/generated codes.

- What benefits will this feature bring?

Better security for users. Anyone currently storing all three elements of their login data in BitWarden is relying on a single password to protect all of their accounts.

More convenience. No one would need to use two services (one for passwords, one for TOTP codes) to remain properly secure any more.

Those who object to having TOTP generation and passwords stored in the same software/on the same device [1] would not be satisfied with this. They would still say, “but what if your vault is somehow broken open?”

[1] the precise objection varies by person.


You’re not wrong in some senses. That holds true if the TOTP data is stored using the same encryption as your main vault and on the same physical server. I should have expressly stated to be clear:

The TOTP master login would encrypt its own data as a key (just like the normal master login does) and ideally would be hosted in a separate physical location.

In the event that the data remains physically stored in the same location, this solution still provides a massive improvement to security over the current implementation for existing users who are not as hard-line on physical segregation.
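A toy model of the proposal, added here as an illustration and not code from this thread or from Bitwarden: two independently derived keys, one per master login, so the vault master password unseals site passwords but cannot unseal the TOTP seeds. The KDF parameters, the HMAC-based envelope, the salt and the sample entries are all constructed assumptions; a real vault would use a proper AEAD for the envelope.

```python
import hashlib, hmac, os, struct
# Constructed sample entries (not real credentials); the TOTP seed is the RFC 6238 reference seed.
PASSWORDS = {"example.org": "correct horse battery staple"}
TOTP_SEEDS = {"example.org": b"12345678901234567890"}

def derive_key(password: str, salt: bytes, purpose: bytes) -> bytes:
    # Two independent keys: a different password and a purpose-bound salt for each.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt + purpose, 600_000)

def _subkeys(key: bytes):
    return [hmac.new(key, label, hashlib.sha256).digest() for label in (b"enc", b"mac")]

def _keystream(enc_key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = [hmac.new(enc_key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
              for i in range(n // 32 + 1)]
    return b"".join(blocks)[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Toy encrypt-then-MAC envelope; a real vault would use an AEAD such as AES-GCM.
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered data")  # wrong master login fails closed
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))

def totp(seed: bytes, unix_time: int, digits: int = 6) -> str:
    # RFC 6238 TOTP: HMAC-SHA1 over the 30-second time step, then dynamic truncation.
    digest = hmac.new(seed, struct.pack(">Q", unix_time // 30), hashlib.sha1).digest()
    off = digest[-1] & 0x0F
    code = (struct.unpack(">I", digest[off:off + 4])[0] & 0x7FFFFFFF) % 10 ** digits
    return str(code).zfill(digits)

def build_vault(master_pw: str, totp_pw: str, salt: bytes) -> dict:
    if master_pw == totp_pw:
        raise ValueError("TOTP master login must differ from the vault master password")
    k_vault, k_totp = derive_key(master_pw, salt, b"vault"), derive_key(totp_pw, salt, b"totp")
    return {"passwords": {s: seal(k_vault, p.encode()) for s, p in PASSWORDS.items()},
            "totp": {s: seal(k_totp, seed) for s, seed in TOTP_SEEDS.items()}}

def read_password(vault: dict, master_pw: str, salt: bytes, site: str) -> str:
    return unseal(derive_key(master_pw, salt, b"vault"), vault["passwords"][site]).decode()
def read_totp_code(vault: dict, totp_pw: str, salt: bytes, site: str, unix_time: int) -> str:
    return totp(unseal(derive_key(totp_pw, salt, b"totp"), vault["totp"][site]), unix_time)
```

Presenting the vault master password to the TOTP store raises rather than returning a code, which is the property the proposal asks for.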