Nevertheless I chose my Yubikey instead.

    • kniescherz@feddit.de
      link
      fedilink
      English
      arrow-up
      15
      ·
      1 year ago

      I would argue its more like a 1.5 factor. Not secure when your bitwarden gets compromised. But more security for stolen, leaked, phised passwords.

      I currently have 60 OTPs in Bitwarden, I probably would not have activated 2FA on so many sites without BW.

    • hswolf@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      yeah, while I understand that, it’s not every time I have both my phone and computer together at the same time

      using a standalone OTP on either one of them would make the opposite a pain in the ass to use

      I take a lot of precautions with my main vault password, even got a biometric reader so I don’t have to type the password that much

      • PracticalParrot@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        You’re absolutely right. It’s all about your threat model, how much convenience you’re willing to lose and what not.
        I absolutely should do more to minimize potential risk, but it’s really so convenient to just… Have it all in 1 place…

        • Norah - She/They
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Something that I do to make sure I’m more protected is that I don’t put the two-factor for my main email accounts into Bitwarden.

          • PracticalParrot@discuss.tchncs.de
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            This is a smart solution. Only solution I have so far is self hosting bitwarden, using unique password to login, and having 2fa to login to bitwarden, where the key is in bitwarden, and on aegis on a phone at home.