The Bitwarden Blog

How to log in with another device

B
dont l'auteur est:Bitwarden
affichée:
Link Copied!
  1. Blog
  2. How to log in with another device

Although most people log into their Bitwarden vault with a master password, there is a more convenient method of doing so called passwordless authentication. Bitwarden includes this feature in the form of Log in with device

With this feature, any time you log into Bitwarden on one device (such as a desktop or laptop), you can opt to use your mobile or desktop app to approve those authentication requests instead of typing your master password. The authentication requests last 15 minutes. If a request isn't approved or denied within that time frame, they expire.

Get started with passwordless authentication

Attempt to log into your Bitwarden account from another app and you'll see a new Log in with device button (Figure 1).

Figure 1: You now have another option for unlocking your Bitwarden vault.
Figure 1: You now have another option for unlocking your Bitwarden vault.

Tap that button and, back on the approving device, tap Confirm Login (Figure 2) on the popup to allow access to your Bitwarden vault on the requesting device.

Figure 2: Once you've confirmed the login, you'll be given access to your vault.
Figure 2: Once you've confirmed the login, you'll be given access to your vault.

Passwordless authentication via Log in with device is complete

That's all there is to enable the Log in with device feature on Bitwarden. You now can forgo ever having to type your password to access your Bitwarden vaults. This is what passwordless authentication is all about: convenience and security all in one.

Here's how Log in with device (aka passwordless authentication) works under the hood:

  1. The initiating client (such as your Bitwarden mobile app) POSTs a request. Each request includes the account email address, a unique auth-request public key (which is uniquely generated for each passwordless login request and only exists for as long as the request does), and an access code. These requests are posted to an Authentication Request table in the Bitwarden database.

  2. Any Bitwarden desktop or mobile app that is logged in and has a device-specific GUID stored in the Bitwarden database is provided the request.

  3. Once the request is approved, the approving client encrypts the account's master key and master password hash using the auth-request public key enclosed in the request.

  4. The approving device then PUTs the encrypted master key and encrypted master password hash to the Authentication Request record and marks the request fulfilled.

  5. The initiating client GETs the encrypted master key and encrypted master password hash.

  6. The initiating client then decrypts the master key and master password hash locally using the auth-request private key.

  7. The initiating device uses the access code and fulfilled authentication request to authenticate the user with the Bitwarden Identity service.

  8. The vault is unlocked and ready to use.

Get started with Bitwarden

Ready to try out secure passwordless authentication today? Register for an individual account or start a free enterprise trial to join the global community of businesses using Bitwarden to manage and share their passwords and credentials securely.

PasswordlessPassword ManagerSecurity Tips
Link Copied!
Retour au blog

Get started with Bitwarden today.

Créez votre compte gratuit

Améliorez vos connaissances en cybersécurité.

Abonnez-vous à la newsletter.


© 2024 Bitwarden, Inc. Conditions Confidentialité Paramètres des cookies Plan du site

Go to EnglishStay Here