Consider me among the legion of long time LastPass users looking at alternative password managers. One of the things I really like (the idea) about BitWarden is password management & TOTP 2FA in the same app (vs LastPass having 2 apps & no way to export TOTPs).
So I am attempting to add a new authenticator app in Amazon. It gives me the barcode which I scan with my phone using the Bitwarden app. The problem I’m having is that it neither shows me the 6-digit code nor–even after syncing multiple times in the app & browser extension–does it give me the option to copy the code from the browser extension (or even the OS-specific app!) No matter what I do, the little clock icon for “Copy Verification Code” remains grayed out.
Am I running into a limitation of the free account? I don’t mind paying–and almost certainly will do so that I can use my Yubikey–but I’m just a few hours into using BItWarden & still trying to figure out how it stacks up. Thank you for any helpful advice.
TOTP is a premium only feature
Top Premium Features
- Bitwarden Authenticator (TOTP)
And since you’re asking about this, “1 GB encrypted file storage” is for file attachments. It’s not a “drive”.
Though it does seem like a minor bug that it lets you scan a TOTP if you don’t have premium. It should probably just hide the option completely.
Thank you for the clarification.
I could’ve sworn when I was looking at the chart comparing pricing & features, that TOTP was available at the free tier…looking at it now clearly says otherwise! However, I do agree with the comment that exposing any of the TOTP functionality at the free level is going to lead to confusion.
With this information though, I don’t think it’s going to affect my decision to move up to BitWarden’s paid Premium tier. The BitWarden UI is a wonderfully pleasant step up in accessibility from the overly complex & tedious LastPass interface. Having the TOTP rolled into the same mobile app–or not even having to continually reach for my phone with it also built in to the web extension!–to enter TOTP codes puts BitWarden over the top for me.
I got this confused myself when I first setup. You can protect your BW account with TOTP with the free tier, but the TOTP auth feature is premium.
Even though BW is a reliable product, I would highly recommend that you still use another TOTP auth app along side of BW for TOTP. My reasoning is that passwords can be reset, but TOTP cannot in many cases.
Some people will technically rightly point out that storing your 2FA secrets in your password manager, it is extremely uncommon for someone to get their computer hacked relative to getting phished or passwords leaked.
It is a concern to be sure, but having strong unique passwords is plenty on its own.
fyi, if you use BW to fill the user/pass via auto-fill or hot-key (cnt-shft-L), bitwarden will automatically copy your TOTP code to your clip board. Also applies to Android, possibly Apple?
Yes it’s pretty nice when it’s all setup.
Go to a site that you have configured with password/TOTP
ctl/shift/L to fill login/password
ctl/V to paste TOTP.