Bitwarden just launched a new authenticator app. Here’s what it means to users. | Bitwarden Blog
bitwarden.com
Storing 2FA codes is just the beginning. Bitwarden aims to add defense in depth to authentication.

Bitwarden Authenticator is a standalone app that is available for everyone, even non-Bitwarden customers.

In its current release, Bitwarden Authenticator generates time-based one-time passwords (TOTP) for users who want to add an extra layer of 2FA security to their logins.

There is a comprehensive roadmap planned with additional functionality.

Available for iOS and Android

  • SuperFolaEnglish
    318 days ago

    Good luck getting your vault compromised.

    Unless you have a weak password or the vault isn’t encrypted (which it is, AES256 iirc and you might be able to change that on a self hosted version), I don’t see that happening.

    • @[email protected]English
      218 days ago

      Most password manager hacks don’t attack the encryption or password themselves (my password is very long), they find/create a side channel. For example:

      • keylogger attack to grab password manager password
      • social engineering to reset a password
      • attack the server to intercept passwords

      Every secure system can be defeated, but it’s a lot less likely that two secure systems will be defeated at the same time. So I keep my passwords and second factors separate. It’s unlikely that either will be compromised, and incredibly unlikely that both will be compromised at the same time.