Unlock Bitwarden with 2FA, e.g. Yubikey (instead of, not in addition to password)

I recently switched to Bitwarden from LastPass, but I did a pitstop with Synology C2 password. I actually liked Synology C2 Password as it just worked. It allowed you to unlock your vault on your PC through my YubiKey and required the YubiKey pin setup when I first used the YubiKey. It was quick and simple for me to set my vault to lock when it went to sleep or I closed my chrome browser. They presented two options to unlock; enter master password or click on Use Key to Decrypt. I also had the same thing with Lastpass with my YubiKey being my quick unlock, but no pin was required as it was in C2. Now that I spent a day with BitWarden I am ok with using my PC Hello PIN/Face, but I would much prefer to use my YubiKey.

I chose BitWarden mostly because C2 is new and did not provide a lot of detail around where and how they store the vault and frankly any details on their security other than the standard encryption statements. I actually really wanted them to self-host on Synology NAS, but they did not have that option. I hope to figure out and use BitWarden Unified on my Synology NAS, so my migration will be easier starting with BitWarden Cloud service. I do find it odd in BitWarden that you have to have desktop version to turnon biometric unlock on my PC and other functionality in my chrome extension. I am not knowledgable enough to figure out if this is more secure or less, but it seems like that communications required between my extension and a PC application is one more point of failure for being hacked. Perhaps it is the opposite for reasons unknown to me.

Dear Bitwarden Team: Is there any effort or progress in this topic? Still seeing almost 250 upvotes but nothing happens…

1 Like