The process to log-in to Bitwarden in a browser, on accounts secured with Duo MFA, is unnecessary long and can be simplified. The process includes 8 steps:
- Click on the Bitwarden browser extension
- Confirm email, continue
- Enter master password, log in
- Click “popout extension”
- Click “Launch Duo”
- Approve push notification
- Close “Bitwarden successfully logged in” browser tab
- Close Bitwarden popout window
I believe that the following steps are all within Bitwarden control and can be consolidated/removed:
- Step 2 - Can be consolidated into the master password prompt screen (step 3) or default to the last used email.
- Steps 4 and 5 can both be removed since Bitwarden knows that I use Duo for MFA. There is no value in users clicking these two buttons. At the very least, these two steps can be consolidated into one step.
- Steps 7 and 8 - Automatically close both the browser tab and the popout window since it’s Bitwarden that opens them. There is no value for the users in these tab and popout window.
Thanks!