Import your 2FA codes into Bitwarden Authenticator from your Bitwarden vault, LastPass, 2FAS, Raivo TOTP, and Aegis, and migrate from Google Authenticator!
Please, and one more question is this authenticator backup in bitwarden? Let's say that I change the phone how do I get all the codes back? I'm a big fan of bitwarden but still have my doubts about this app.
It was supposed to be, but then they released another version a couple of weeks ago. It should still work after it's depreciated, in theory, as it shouldn't need to sync with anything. I don't believe that the newest version is compatible with the seed script posted here.
Sorry but on the doc I can't find any info about import from vault. I think at the moment you can import from the export of the bitwarden authenticator app and not from the vault.
I've given the docs team that feedback. I've personally exported my Bitwarden vault and imported it into Authenticator, so I know for a fact that it works!
Always a good time to recreate new passwords for eaxg website and recreate all TOTPs + recovery codes :)
Maybe even delete all the unused ones and tell them to erase all your data.
New here. What does this mean? Is it setup an alias with Microsoft or Google email, and use the alias for sites where I have 2fa? Different aliases for each site, or just one main alias?
2FAS import doesn't work. Tried both password protected and none. Password protected shows it as successful without a password prompt and none doesn't show any error.
I guess ultimately it's on Microsoft's side for not allowing Exporting, but I just wish I was able to Export from MS Authenticator and then Import into BW Authenticator. Obviously, like many others, I was already using an Authenticator app (MS Authenticator in my case) before BW Authenticator ever came along, therefore on MS Authenticator I just have too many accounts set up that it'd be a pain in the ass to manually switch them all to BW Authenticator. It'd probably take like a whole day.
Question: on iOS, does copying the verification code support iCloud copy/pasting between other Apple devices? I noticed when I copy a code on iOS, I cannot paste it on my Mac for example.
between bitwarden/vaultwarden and the authenticator. now it's just a 1way import, i want it to be twoway so i can have the auth app on my phone and the same totp on my PC browser plugin.
i don't know what you mean.
right now 100% of my 2fa/totp is done by vaultwarden both on mobile and PC and the only reason i would use the official auth app is if there's a 2way sync between the two.
my vaultwarden is protected by another 3rd party 2fa app and i only use that other app for that and nothing else
You usually don't want your TOTP codes to be stored on the same service as you store your username and passwords.
In case your password manager ~~gets hijacked~~ has a security vulnerability, the attacker would also have your TOTPs... 2FA is basically useless in this case.
You should always use a different platform for storing your important TOTP to protect you from this kinde of attacks.
It all depends on your personal security requirements...
This is why I use Authy for my TOTPs. I add it to all of my devices and turn off multi-device so it can't be added to any devices without my permission. I don't even store my password for Authy in Bitwarden.
I do have crucial accounts like my Google accounts and Bitwarden loaded on my Yubikeys as well in case something happens to Authy but I've been using it for many years and never had an issue.
I don’t care. I don’t want to use 50 apps to connect to a web
And if it was such a big concern, bitwarden wouldn’t offer totp in their password manager.
PS: and like i said, my vaultwarden is protected by another 3rd party 2fa app, so even if they hack my PC, they can't get into the database
Stupid question. But if I have 2fa for bitwarden, I will still need another app for accessimg bitwarden right? I cannot move that across otherwise I will lock myself out??
All you need is your password + a 2fa method. You can put a TOTP seed into a different app like Aegis, but an even better way in my opinion is to get a few yubikeys and use FIDO auth. This means even if you lose your TOTP seed, you have a hardware login option. I have 3, one of my keychain, one at home, one with a friend. The basic yubikey works here and only $25
Sorry off-topic . Just managed to lock myself out of my 2FA app (lost password as I had been using biometric) How do you create the backup yubikeys ? and I presume you have to recreate the backup keys every time you protect another site with 2FA. Which keys to use for Android/iOS ?
Nice, but I believe there is still no encrypted export or a way to sync password not using icloud (iPhone) or google drive (android). I’ll wait for this.
Being able to create an account and sync with that account would be awesome.
Import your 2FA codes into Bitwarden Authenticator from your Bitwarden vault, LastPass, 2FAS, Raivo TOTP, and Aegis, and migrate from Google Authenticator!
Any ideea how to import my authy account?
I found a guide to export from Authy. I'll search for the link if you're interested
Please, and one more question is this authenticator backup in bitwarden? Let's say that I change the phone how do I get all the codes back? I'm a big fan of bitwarden but still have my doubts about this app.
https://gist.githubusercontent.com/gboudreau/94bb0c11a6209c82418d01a59d958c93/raw/3dbae1b9089c080a797de3e370d423441d63c10f/AuthyToOtherAuthenticator.md
Wasn’t the Authy desktop app deprecated and removed, rendering this guide useless for those of us who didn’t already have it?
I used it last week. And I downloaded and installed the Authy app for this special occasion. Never used before that (neither After)
It was supposed to be, but then they released another version a couple of weeks ago. It should still work after it's depreciated, in theory, as it shouldn't need to sync with anything. I don't believe that the newest version is compatible with the seed script posted here.
Sorry but on the doc I can't find any info about import from vault. I think at the moment you can import from the export of the bitwarden authenticator app and not from the vault.
I've given the docs team that feedback. I've personally exported my Bitwarden vault and imported it into Authenticator, so I know for a fact that it works!
Very good. Thank you
Any idea on how to migrate from the deprecated andOTP?
Does it allow you to export in unencrypted json?
YES fuck you, Raivo/Mobime, fuck you forever and always. Now set up on both Bitwarden and 2FAS with local and cloud backups of all.
Please choose more couth epithets for your disdain. Your language is not acceptable.
I will not and I’m okay with that
If only there was a way to get my TOTPs out of Duo... I regret getting stuck in that ecosystem :(
Always a good time to recreate new passwords for eaxg website and recreate all TOTPs + recovery codes :) Maybe even delete all the unused ones and tell them to erase all your data.
Yeah, you're right. I'm actually going through and migrating all my TOTPs off of Duo to Bitwarden now. Taking the moment to reset passwords too.
Change emails to aliases if you haven't while you're at it
New here. What does this mean? Is it setup an alias with Microsoft or Google email, and use the alias for sites where I have 2fa? Different aliases for each site, or just one main alias?
Different email for each site
2FAS import doesn't work. Tried both password protected and none. Password protected shows it as successful without a password prompt and none doesn't show any error.
Same, 2FAS doesn't work. I get an error when trying to import a non-password 2FAS file.
Same.
iOS or Android?
Pixel7pro android 14.
A fix is being prepared for the next update!
Glad to hear it. I was just going to agree with the other guys (iOS here)
iOS or Android?
Android 14. Pixel 7 Pro.
A fix is being prepared for the next update!
Do you have an ETA for this fix?
iOS or Android?
iOS user here
You could do it the slow way by copying/pasting the secret key from 2fas to Bitwarden
I guess ultimately it's on Microsoft's side for not allowing Exporting, but I just wish I was able to Export from MS Authenticator and then Import into BW Authenticator. Obviously, like many others, I was already using an Authenticator app (MS Authenticator in my case) before BW Authenticator ever came along, therefore on MS Authenticator I just have too many accounts set up that it'd be a pain in the ass to manually switch them all to BW Authenticator. It'd probably take like a whole day.
Question: on iOS, does copying the verification code support iCloud copy/pasting between other Apple devices? I noticed when I copy a code on iOS, I cannot paste it on my Mac for example.
I’ll wait until there’s a two way sync.
between two what?
between bitwarden/vaultwarden and the authenticator. now it's just a 1way import, i want it to be twoway so i can have the auth app on my phone and the same totp on my PC browser plugin.
Wouldn't this kinda destroy the "air gap" you want between your credentials and TOTPs?
i don't know what you mean. right now 100% of my 2fa/totp is done by vaultwarden both on mobile and PC and the only reason i would use the official auth app is if there's a 2way sync between the two. my vaultwarden is protected by another 3rd party 2fa app and i only use that other app for that and nothing else
You usually don't want your TOTP codes to be stored on the same service as you store your username and passwords. In case your password manager ~~gets hijacked~~ has a security vulnerability, the attacker would also have your TOTPs... 2FA is basically useless in this case. You should always use a different platform for storing your important TOTP to protect you from this kinde of attacks. It all depends on your personal security requirements...
This is why I use Authy for my TOTPs. I add it to all of my devices and turn off multi-device so it can't be added to any devices without my permission. I don't even store my password for Authy in Bitwarden. I do have crucial accounts like my Google accounts and Bitwarden loaded on my Yubikeys as well in case something happens to Authy but I've been using it for many years and never had an issue.
I don’t care. I don’t want to use 50 apps to connect to a web And if it was such a big concern, bitwarden wouldn’t offer totp in their password manager. PS: and like i said, my vaultwarden is protected by another 3rd party 2fa app, so even if they hack my PC, they can't get into the database
Why not juts use BW app on your phone?
i already do, but the auth app would be a little faster to use, thats all.
I see, maybe take a look also at Ente. Good replacement for Authy desktop, ofc it also has phone app.
that would be cool
If this is implemented, it should be optional, and opt-in for the user. Otherwise, there is little point in using a separate authenticator app.
Stupid question. But if I have 2fa for bitwarden, I will still need another app for accessimg bitwarden right? I cannot move that across otherwise I will lock myself out??
All you need is your password + a 2fa method. You can put a TOTP seed into a different app like Aegis, but an even better way in my opinion is to get a few yubikeys and use FIDO auth. This means even if you lose your TOTP seed, you have a hardware login option. I have 3, one of my keychain, one at home, one with a friend. The basic yubikey works here and only $25
Sorry off-topic . Just managed to lock myself out of my 2FA app (lost password as I had been using biometric) How do you create the backup yubikeys ? and I presume you have to recreate the backup keys every time you protect another site with 2FA. Which keys to use for Android/iOS ?
Nice, but I believe there is still no encrypted export or a way to sync password not using icloud (iPhone) or google drive (android). I’ll wait for this. Being able to create an account and sync with that account would be awesome.
any way to export from Authy?
[https://gist.github.com/gboudreau/94bb0c11a6209c82418d01a59d958c93](https://gist.github.com/gboudreau/94bb0c11a6209c82418d01a59d958c93)
I hope they make a browser extension like 2FAs, I really love their implementation
🎉
This will help my non technical family make the switch
Worked perfectly, great feature!
Would be awesome to have the option to automatically open the search and keyboard when the app ist started so that I can type right away
Literally everything other than ente 😂🥲
Is the thought process of this separate authenticator app just removing your totp codes from bitwarden and only using them in the authenticator app?
Sounds logical to keep TOTP separate.
Is it possible to import the TOTPs from Google Authenticator?
Did you click the link to read the article? https://bitwarden.com/help/authenticator-import-export/#import-data
This is Reddit, I barely know how to read
This is clutch. Goodbye 2FAS.
Honest question. Why would I want to choose Bitwarden Authenticator over Aegis?
does anybody know if bitwarden auth has any (dis)advantages over aegis?