Bitwarden sign in fails if 2FA is enabled

[anonymous1184]

For the miriad of sites in the password manager, I only use a few with more than one account.

Is there any plans for selecting the desired credentials? I belive every internet user has the need to use at very least a service with more than one set of credentials (e.g. work/personal email).

[PalmerAL]

You should see a list that allows you to pick which credentials you want to use, like this: https://user-images.githubusercontent.com/10314059/73512567-b8622900-43af-11ea-9880-5f72efdc7b33.png. Are you not seeing that? Or do you mean something else?

[anonymous1184]

I was not seeing that.

There's no way of setting up 2FA on the initial configuration of Bitwarden in Min. The issue arised after disabling 2FA, setting up Min and subsecuently enabling 2FA. It was solved by manually re-logging while Min was closed (re-syncing by restarting Min didn't work):

bw logout
bw login email password --method 3 --code <OTP>

(Refer to online documentation for --method values, since CLI help doesn't cover them.)

On a side note, its worthy to remember that match detection rules applies, because even after being able to choose credentials one of them didn't appear (this was totally a layer 8 issue).

[PalmerAL]

Thanks for investigating more; I guess it would make sense to add some options to the sign in form for that (or if not, the sign in should show an error rather than silently failing).

[ghost]

I was not seeing that.

There's no way of setting up 2FA on the initial configuration of Bitwarden in Min. The issue arised after disabling 2FA, setting up Min and subsecuently enabling 2FA. It was solved by manually re-logging while Min was closed (re-syncing by restarting Min didn't work):

bw logout
bw login email password --method 3 --code <OTP>

(Refer to online documentation for --method values, since CLI help doesn't cover them.)

On a side note, its worthy to remember that match detection rules applies, because even after being able to choose credentials one of them didn't appear (this was totally a layer 8 issue).

Hi anon,
Can you clarify, does following your steps allow you to use 2FA (namely email authentication) with Bitwarden in Min after making these changes?

I cannot rely on non-2FA for a password manager because of a fear of a keylogger logging my master password and then there's no recourse for a third party to easily access ALL my logins

(one work-around is to download the Bitwarden Windows program on your computer, but then it doesn't integrate with the browser of course and you have to manually alt-tab and copy/paste the username and passwords manually for each site which can be a nuisance)

[anonymous1184]

No workaround yet. I was tasked to create a full Windows integration of Bitwarden that doesn't rely in any 3rd party AND support for TOTP (email is less secure). Right now what I do have is a KeyPass-like autotype (you need to edit entries for match detection but as you noted it can be a handful). It shouldn't take me more a week to have it up and running and as I envision it will work in-browser regardless of extensions or administrative permissions. I'll keep you posted if interested.