Unlock Bitwarden with 2FA, e.g. Yubikey (instead of, not in addition to password)

Hi there,

This is inaccurate I think?
Passwordless covers MANY use cases from local apps, SSO, Linux/UNIX and whatnot.
Whereas webauthn (the actual standard) only does web apps.
And FIDO2 is a certain lobby/alliance-led application of that standard with the equivalent of a Cisco backdoor by way of a certificate server that can turn any admin into an insider threat, whether they sit at the vendor or the client.

Right, is this making sense?

Why does it take so long to implement this feature?

@Maurits we’re balancing quite a few requests from the community and business customers (there are 1800+ requests here alone) - so it does take a little time. To see more of what we’re working on, our roadmap and release notes will give some insight.

1 Like

adding my support for any additional Yubikey features.

1 Like

+1 on this, I bought a premium subscription expecting this feature and apparently it is being DEMANDED but ignored ???

Well, I will ask for a refund and go to LASTPASS, which has this feature. SO SAD…I like Bitwarden; LastPass are greedy and incompetent, cost 4 times the price of your software and are worse…:frowning:

3 Likes

@tgreer I’m a dev and understand the pain of development, but I would like to point out that this issue and the preceding #353 have a combined vote count of 350, making it the 6th highest voted issue.

What would be needed to convince you to put this on the official roadmap?

1 Like

Hi @actuallymentor this is on our radar, but of course, we have to balance lots of different requests and needs.

Our public roadmap is really a method to show the “headline” features and themes for where we are going, not a full detailed listing of things we will or won’t do. We’re a member of the FIDO Alliance and absolutely support the security and convenience benefits of hardware keys today and going forward.

1 Like

I am adding my support for better support of Yubikey. I am having difficulties logging in from Firefox and iOS. Clearly, reading this thread, this is causing lots of people a lot of friction, and it's not so much hard work to get it on the roadmap.

We are almost in 2022 and using a yubikey is nothing esoteric.

2 Likes

+1
I have browsed over the comments on this forum and support the addition of this (or something similar) of a feature.

I am rolling out Bitwarden as a security process upgrade across my family, and want to make it easy to adopt. The master password must be long to be secure, and ideally it should be exposed as little as possible. My ideal solution would be master password + security key to log in on a new device, then PIN + security key to unlock whenever necessary.

1 Like

Exactly my opinion… same situation here. Make sure to vote this topic up at the very first post on the top left of this topic.

I am currently considering getting USB fingerprint sensors and configuring them with Windows Hello as an alternative. As far as I know it should then be possible to set the vault to be logged out automatically after a certain period, and then you can turn on biometric login instead of the master password, and additionally the security key on login. I think this is a very secure alternative. The only problem I see is: what if family members bypass the settings on their computer… if they change it and disable the “log out” feature, the security key will not be necessary…

Anyway: buying USB fingerprint sensors is definitely a good and convenient deal because you can also use them to log in to Windows etc. Unfortunately Microsoft does not natively support a setting which forces the Windows login to fingerprint plus security key without any SMS, mail or PIN recovery (to bypass the security key). This would also be very secure in combination with a fully encrypted drive. Nobody would be able to get access to your notebook, even if you might still be logged into Bitwarden in some session.

To achieve safety “also for family members, who have no clue about IT and are easy victims” is really really not easy. I think it starts with not giving them accounts with admin rights on windows. And security key is the next step.

I fully support this request!
I consider (optional) passwordless (FIDO2/Smartcard + PIN) login & decrypt both more secure and convenient.
Obvious attack vector now is: if somebody logs or scouts my master key (no matter how long and complex it might be), he could decrypt offline vault copies on my computer/phone.

No idea if FIDO2 (+PIN) would be feasible to login AND encrypt/decrypt. But Smartcard (+PIN) should and it is available on Security Keys (YubiKey, NitroKey, …) and Windows (Windows Hello).

Bitwarden offers the option to request the master password when opening defined entries. I’d like to request the feature to request the security key (Yubikey, FIDO2, …) instead of the master password when opening the defined entries.
Thank you very much in advance for considering my request.

1 Like
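The question in the post above, whether a security key could serve to decrypt the vault and not only to log in, is easiest to reason about with a key-wrapping model: the vault is encrypted once under a random vault key, and every unlock factor (master password, PIN, hardware secret) only has to produce a key that unwraps that vault key. The following is an added example written for this thread, not Bitwarden's code, and it does not claim to show how Bitwarden stores keys. It stands in an HMAC-SHA256 encrypt-then-MAC construction for a real AEAD such as AES-GCM, and it simulates an authenticator in the style of the FIDO2 hmac-secret extension (a device-held secret that returns HMAC(secret, salt) after a touch) with an invented FakeSecurityKey class. The names Vault, seal, unseal, stretch, FakeSecurityKey and demo, the sample vault item, the PIN and the passphrase are all constructed here.

```python
import hashlib
import hmac
import os
import secrets

NONCE_LEN, TAG_LEN = 16, 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; stand-in for AES-CTR inside a real AEAD."""
    out, ctr = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:length]


def _subkeys(key: bytes):
    """Derive independent encryption and MAC keys from one wrapping key."""
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; output is nonce || ciphertext || tag."""
    enc, mac = _subkeys(key)
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag in constant time before decrypting; wrong key -> ValueError."""
    enc, mac = _subkeys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong unlock key or tampered blob")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc, nonce, len(ct))))


def stretch(secret: str, salt: bytes) -> bytes:
    """Password/PIN stretching (iteration count kept low for the demo)."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)


class FakeSecurityKey:
    """Assumed model of an hmac-secret style authenticator: the device secret never
    leaves the key, and HMAC(secret, salt) is only released after a touch."""

    def __init__(self) -> None:
        self._device_secret = secrets.token_bytes(32)

    def hmac_secret(self, salt: bytes, touched: bool) -> bytes:
        if not touched:
            raise PermissionError("user presence required")
        return hmac.new(self._device_secret, salt, hashlib.sha256).digest()


class Vault:
    """One random vault key encrypts the items; each enrolled factor wraps that key.
    Enrolling a factor needs the vault key, i.e. an already unlocked vault."""

    def __init__(self, master_password: str, items: bytes) -> None:
        self._vault_key = secrets.token_bytes(32)
        self.kdf_salt, self.device_salt, self.cred_salt = os.urandom(16), os.urandom(16), None
        self.items_blob = seal(self._vault_key, items)
        self.wrapped = {"master": seal(stretch(master_password, self.kdf_salt), self._vault_key)}

    def enroll_pin(self, pin: str) -> None:
        self.wrapped["pin"] = seal(stretch(pin, self.device_salt), self._vault_key)

    def enroll_security_key(self, key: FakeSecurityKey) -> None:
        self.cred_salt = os.urandom(32)  # per-credential salt stored next to the wrapped key
        self.wrapped["security_key"] = seal(key.hmac_secret(self.cred_salt, True), self._vault_key)

    def unlock(self, factor: str, unwrap_key: bytes) -> bytes:
        """Unwrap the vault key with the chosen factor, then decrypt the items."""
        return unseal(unseal(unwrap_key, self.wrapped[factor]), self.items_blob)


def _rejected(fn, exc) -> bool:
    try:
        fn()
        return False
    except exc:
        return True


def demo() -> dict:
    items = b"example.com / alice / hunter2"  # constructed sample vault item
    vault = Vault("correct horse battery staple", items)
    vault.enroll_pin("4821")
    yubi = FakeSecurityKey()
    vault.enroll_security_key(yubi)
    return {
        "master": vault.unlock("master", stretch("correct horse battery staple", vault.kdf_salt)) == items,
        "pin": vault.unlock("pin", stretch("4821", vault.device_salt)) == items,
        "security_key": vault.unlock("security_key", yubi.hmac_secret(vault.cred_salt, True)) == items,
        "wrong_pin_rejected": _rejected(lambda: vault.unlock("pin", stretch("0000", vault.device_salt)), ValueError),
        "other_key_rejected": _rejected(
            lambda: vault.unlock("security_key", FakeSecurityKey().hmac_secret(vault.cred_salt, True)), ValueError),
        "touch_required": _rejected(lambda: yubi.hmac_secret(vault.cred_salt, False), PermissionError),
    }
```

Two things the model makes visible. First, the vault key only ever exists in memory while the vault is unlocked, so enrolling a second factor (PIN or security key) needs the master password once, which matches the "master password + key on a new device, then key to unlock" proposal earlier in the thread. Second, the wrapped blobs live on the device, so a factor protects an offline copy only to the extent that the unwrap key cannot be reproduced without it: a stretched PIN can be guessed offline, while the hmac-secret output requires the physical key and a touch, and a different key yields a different secret and fails the tag check.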

I created an account to vote this up.

I mean, you could even have it default to requiring both Yubikey and password at every unlock, as long as it’s a togglable option. My thinking is that if someone wants to get into my account that badly, there’s nothing keeping them from pointing a gun at my head and demanding my passphrase anyway. Does that seem reasonable?

Also, wish more forums would have this “2 months later” or “10 days later” between posts. Exceptionally good idea. (Edit: is this just a default Discourse feature?)

Welcome to the crew of patient users, or at least I hope you’re patient. I also really hope that the devs see how much of a wanted feature this is:

But they are understandably busy, though I obviously differ on how I’d prioritise given the user action in here over the past 2 years.

I joined the forums exclusively to support this. I thought this was already a feature when I signed up for Premium, tbh, and it was the entire reason I did so. Having an option to verify (PIN + key) unlocks seems like a basic convenience feature, especially for devices without biometric options like desktop computers.

+1 for this feature, I would love the simplicity of the Windows Hello unlock to also be available on my desktop through a Yubikey


Also joined exclusively to vote for this topic.

When talking about keyloggers, I don’t think people realise how easy it is to compromise a password. All it takes is someone at the next table in a cafe recording you typing with their phone, and your master password is toast.

I feel so uncomfortable unlocking my Bitwarden (after a timeout, not on initial login) with my master password or PIN every time. It feels like terrible security, when I have a device with me that requires physical touch and cannot be remotely exploited, whether across the web or from the next table.

For those who say they don’t want someone being able to access their Bitwarden by simply pressing their Yubikey … Why are you leaving your laptop unlocked?! If your laptop is unlocked and logged in when you’ve stepped away, you’ve got much bigger opsec problems than your Bitwarden extension.

@tgreer please start taking this request more seriously, it is a huge flaw in the current Bitwarden security model.

@actuallymentor my god, you have the patience of a saint, I salute you.

1 Like

Welcome to the crew @andromeda and @_Alan :wave:

@tgreer, what would it take for you to implement this? I’ll gladly get X signatures on a petition or something.

I’d like to re-point out that:

:one: we are asking for a cosmetic “unlock with yubikey” that protects against “my kid is using the laptop” and not “Wladimir is using jack the ripper on my vault”

:two: we are fine with this feature being hidden under 3 sub levels of “advanced settings” and “DANGER” popups

:three: if you are a perfectionist you can always implement Yubikey’s PIV (smartcard) functionality, but that is far beyond what we are asking here

Every attack surface counts, and as you can tell many here know what the words “Opsec” and “Attack surface” mean, we’re not inexpert users just wanting sham security so we can feel good about ourselves.

2 Likes

I’ll happily throw in a US$10,000 bounty for this. It’s easily worth more than that for me to have my master password (or pin) compromised due to having to continually type it in on every unlock event.

To be clear on what I’m referring to, this would be to allow a Yubikey to perform the same functionality as the existing “Unlock with PIN” and “Unlock with biometrics” options.

2 Likes