Two-step login (or two-factor authentication) greatly increases the security of your account by requiring you to enter (in addition to your master password) a verification code generated from another app each time you log in. We recommend that all users activate and use two-step login with their bitwarden account.
bitwarden supports two-step login by using a third-party authenticator app such as Authy or Google Authenticator. Two-step login can only be configured from the web vault.
Enable Two-step Login
Two-step login can permanently lock you out of your account. It is very important that you write down and keep your two-step login recovery code in a safe place in the event that you lose access to your authenticator app (see below for details).
- Log in to the web vault at https://vault.bitwarden.com
- Click Settings on the sidebar
- Click Manage Two-step Log in under the Two-step Log In panel
- Type in your current password and click Continue
- Follow the steps that appear
- Download a two-step verification app (usually on your mobile device). We recommend Authy.
- Scan the QR code with the verification app.
- Enter the verification code from the app.
- Click Enable Two-step. Note:
- A green alert will appear at the top stating that two-step login has been enabled; and
- Very Important: An orange alert will appear at the bottom with a recovery code. DO NOT IGNORE THIS.
- Print or write down the recovery code and store it in a safe place. This code is REQUIRED to restore your account in the event that you lose access to your verification app (ex. your phone is lost). If you lose access to your verification app and do not have your recovery code, bitwarden support will not be able to assist you in recovering your account. The only option will be to delete your account and start over.
- Click Close and then Log Out
- Log in to confirm that two-step verification is enabled and working
- Log out of and back in to any other bitwarden applications that you are using. You will eventually be logged out automatically.