So I have the Microsoft Authenticator App that I use for Bitwarden two-step login on my phone, and that phone is broken and won’t turn on.
I tried to log in from a new phone but it asks me for the two-step login code. As you know, I can’t access my older phone, and I also forgot to write down the recovery code.
How can I log in to Bitwarden from my new phone?
I still have access to Bitwarden on my tablet, but when I try to find the recovery code it sends me to the website and asks me for the two-step code lmao
That is why you should also have at least a 2nd completely different method of 2FA like a YubiKey or DUO.
However, from my understanding, the Microsoft Authenticator is connected to your Microsoft account. So I would install the Microsoft Authenticator on my “new” phone and log in using the same Microsoft account I used on my old phone. And then I would expect to see all my 2FA-data I had on my old phone.
Finally: Once you have solved this issue, go to https://vault.bitwarden.com, log in, click on your profile picture → Account settings → Security → Two-step login → View Recovery code → Re-enter your Master Password and then write down the Recovery code and store it in a secure location which is NOT inside your Bitwarden account.
The settings changed but I found the recovery button and I still can’t see my Bitwarden account listed. I tried Google Authenticator but it asked me to scan a QR code on my old phone.
I only have 2 options here, authenticator app and recovery code.
Actually, email-based two-step logins are available to free accounts. What you are seeing, @Giantoss, is the specific methods that are available on your account currently, meaning you have not set up email 2FA yet. Had you set it up, it would appear in that list as a login option, also.
I was merely pointing out that the 2FA-email feature was always available to you, but you are choosing not to use it. You said you were confused why Bitwarden doesn’t offer it to free users, but it does.
And yes, if you also chose to ignore Bitwarden’s warning when you set up two-step login to save the recovery codes, then you may be locked out of your account on an untrusted device. You may also eventually get locked out of your tablet when its ‘trust’ expires and you are required to re-login on the tablet with 2FA.
So, what you should immediately do is go onto your tablet and export a backup of your BW account. If you are currently logged in on the tablet, then all you will require is your master password for the export. Once you have the export in hand (you need an unencrypted JSON format), create a new Bitwarden account and import the file with your vault info, and you can start again from scratch. Once you have confirmed that the new account has your info, then you will need to delete the old account.
Here is a link to a guide on how to best back up your data and your two-step login method:
No, I was confused why the 2FA-email is not available by default, as every website (Google, Yahoo, Microsoft, etc.) has 2FA-email by default and I don’t have to turn it on on those websites.
I contacted the Bitwarden team and they gave me the same answer. Thank you.
You almost always have to enable 2FA - not many companies force you to use it. Google have recently started defaulting to having it enabled, but I remember having to manually go through the process of switching it on. Same with the other 70 or so sites I use 2FA on.
This may be a case of YMMV — in my own experience, there are websites (some banks come to mind, GitHub as well) that do enable email 2FA by default, although I wouldn’t say it is a universal or even common practice.
Another reason for Bitwarden not to enable email 2FA by default is that this has the potential to weaken security for those who add more secure forms of 2FA and may not realize that they would have to also disable the email 2FA in order to realize the security benefits of, say, a YubiKey.