Hi all, Can someone please help me with the following:
My phone just crashed, which had my Bitwarden and authenticator app on it. My recovery code is in my Proton drive, which I don’t have access to at the moment, since my phone crashed and I don’t have access to my Bitwarden app.
I do know what my password is and I’ve configured my Yubikey as a second factor. Unfortunately it seems like my subscription wasn’t renewed and now I’m unable to use this option! What can I do to regain access to my vault?!
Did you set up the Yubikey as 2FA for your Bitwarden account as “Yubico OTP” or “FIDO2 WebAuthn” (BTW the latter is momentarily called “passkey”-2FA)?
I ask because only “Yubico OTP” is part of the premium subscription - the “FIDO2 WebAuthn”-2FA has been free for about a year now and is therefore independent of a subscription.
Hi! I’m not sure, but I guess Yubico OTP. I don’t think I have the TOTP seed code anywhere else unfortunately. I would really like to renew my subscription somehow, so that I can regain access to my account using the Yubikey!
@Luxy I have no personal experience in this, but I would try to contact support to ask if they can renew your subscription. I would guess, if they can do it at all, that you at least must have access to your email address for that?!
If that doesn’t work, it seems to me you are very much out of luck. (PS: I guess you can see for yourself now that your 2FA-recovery code is stored in the wrong place - for the future: please write it down on an emergency sheet, beside other info like the master password etc.)
Do you have an export (/backup) of your vault?
Did you already try other forms of 2FA? Maybe you have “email” also enabled and can use that? (It would show when you try to log in and choose “different 2FA-method” (or whatever it is exactly called)…)
PS: You don’t have another device where you might have either access to your proton drive or a Bitwarden app still logged in (like a tablet, desktop PC, laptop, …)?
I’m in the process of contacting support. Unfortunately I don’t have an export/backup. I don’t seem to have any other 2FA option. So frustrating, all of this because of a phone crash and no renewal of my subscription. But yes, I should’ve known better with saving my recovery codes etc.
And I don’t want to “frustrate” you more, but: I guess you are “lucky” you made it that far. - If your phone had gotten stolen, you would be in exactly the same situation. The problem is not the phone crash (one must anticipate that those kinds of things can happen), but that you have no real backup / recovery strategy… So for the future: at least an emergency sheet stored in a safe place (with at least master password and 2FA-recovery code on it) and regular exports of your vault… And avoid “circular dependencies”, like with your recovery code now…
Status update: The Bitwarden support team helped me a lot! They’ve temporarily re-enabled my subscription, which allowed me to log in using my Yubikey! Thank you so much Chinelo and David! I’ll definitely make a donation to the project once I’ve figured out how to do so. So happy with this!!
I’ve added some more MFA options, downloaded the recovery key (which I will print out tomorrow) and added a recovery user. This was a big learning moment!
One last comment to Bitwarden’s 2FA options: “Yubico OTP” is a bit outdated these days… since you can use 2FA-“passkeys” (*) also with a Yubikey, this would be the better option.
(*): recently renamed to “passkeys” and formerly called “FIDO2 WebAuthn” in Bitwarden
@Luxy Just to reinforce the point made by @Nail1684 above, if you use the two-step login option “Passkey” to register your Yubikeys (instead of “Yubico OTP”), then your Yubikeys will keep working as 2FA even if your subscription ever lapses again.
Thanks for the update, and congrats on getting out of a sticky situation!