Bitwarden Authenticator is a standalone app that is available for everyone, even non-Bitwarden customers.

In its current release, Bitwarden Authenticator generates time-based one-time passwords (TOTP) for users who want to add an extra layer of 2FA security to their logins.

There is a comprehensive roadmap planned with additional functionality.

Available for iOS and Android

  • SuperFola@programming.dev
    link
    fedilink
    English
    arrow-up
    3
    ·
    6 months ago

    Good luck getting your vault compromised.

    Unless you have a weak password or the vault isn’t encrypted (which it is, AES256 iirc and you might be able to change that on a self hosted version), I don’t see that happening.

    • sugar_in_your_tea@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      6 months ago

      Most password manager hacks don’t attack the encryption or password themselves (my password is very long), they find/create a side channel. For example:

      • keylogger attack to grab password manager password
      • social engineering to reset a password
      • attack the server to intercept passwords

      Every secure system can be defeated, but it’s a lot less likely that two secure systems will be defeated at the same time. So I keep my passwords and second factors separate. It’s unlikely that either will be compromised, and incredibly unlikely that both will be compromised at the same time.