How to enable two-factor authentication for Bitwarden

May 29, 2020 by No Comments

If you use Bitwarden as your password manager of choice, you owe it to yourself to enable two-factor authentication.

bitwardenhero.jpg

Image: Jack Wallen

If you’ve opted to make use of the open source Bitwarden password manager, you’ve made a wise choice. Everyone should be using a password manager these days and to not do so is inviting problems.

But even the password manager is only as secure as is your master password. Use a weak master password and someone could gain access to that database, thereby gaining access to all of the accounts you have saved.

You don’t want that. 

To prevent such an occurrence, you should use a strong password for your Bitwarden database. But even then, you have to contend with the fact that your Bitwarden database is synced with a cloud account and is accessible via the web. To better protect your account, you can always lock it down with the addition of two-factor authentication (2FA).

SEE: Security Awareness and Training policy (TechRepublic Premium)

I want to show you how to enable two-Factor authentication with Bitwarden. Know that the standard account will get you access to 2FA with either login codes sent to Gmail or using a third-party app like Authy. If you want to use hardware-based 2FA (Yubikey, FIDO U2F, and Duo), you’ll have to pony up for a Premium account, which is $10.00/year.

That $10.00/year also gets you:

  • 1 GB encrypted storage for file attachments

  • Password hygiene, account health, and data breach reports to keep your vault safe

  • TOTP verification code (2FA) generator for logins in your vault

  • Priority customer support

If you want serious security, you’ll opt for hardware-based, which means paying the premium price. 

Either way, you can enable 2FA for the web-based Bitwarden. Unfortunately, this does not apply to the Bitwarden client, which will only require your master password to gain access.

How to enable 2FA for Bitwarden

To make this work, log in to your Bitwarden online vault. Once there, click Settings in the top navigation (Figure A).

Figure A

bitwarden2faa.jpg

The Settings option in the top navigation.

In the resulting window, click Two-Step Login from the left navigation (Figure B).

Figure B

bitwarden2fab.jpg

The Bitwarden left navigation of the web interface.

In the next screen, click the Manage button associated with the type of 2FA you want to use (Figure C).

Figure C

bitwarden2fac.jpg

Select the type of 2FA you want to use.

You will then be prompted to enter your master password. Upon successful authentication, you will then be presented with a QR code (Figure D).

Figure D

bitwarden2fad.jpg

Setting up app-based 2FA for Bitwarden.

Open your 2FA application, create a new account, and scan the code. How you do this will depend on the 2FA tool you use, but the process is fairly simple–regardless of which app you use. 

And that’s all there is to enabling 2FA for the Bitwarden password manager—at least for the web-front. I have to confess, however, it would be nice if they’d enable this for the client as well. It would be great to know that database is protected by two layers of security. Outside of that one caveat, this should be considered a must do for every Bitwarden user.

Also see

Leave a Comment

Your email address will not be published. Required fields are marked *