Two-step Login via FIDO U2F

Category: Two-step Login
On this page:

    Two-step Login using FIDO U2F is available for Premium users, including members of Paid Organizations (Families, Teams, or Enterprise).

    Any FIDO U2F certified device can be used, including YubiKeys, SoloKeys, Google Titan, Nitrokeys, and more.


    FIDO U2F cannot be used on all Bitwarden applications. Enable another Two-step Login method in order to access your vault on unsupported applications.

    Supported applications:

    Setup FIDO U2F

    Complete the following steps to enable Two-step Login using FIDO U2F:


    Losing access to your FIDO U2F device can permanently lock you out of your Vault, unless you write down and keep your Two-step Login Recovery Code in a safe place or have an alternate Two-step Login method enabled and available.

    Get Your Recovery Code from the Two-step Login screen immediately after enabling any method.

    1. Log in to the Web Vault.
    2. Select Settings from the top navigation bar.
    3. Select Two-step Login from the left-side menu.
    4. Locate the FIDO U2F Security Key option and select the Manage button.

      Select the Manage button
      Select the Manage button

      You will be prompted to enter your Master Password to continue.

    5. Give your security key a friendly Name.
    6. Plug the security key into your computer’s USB port and select Read Key.

      If your security key has a button, touch it.

    7. Select Save. A green Enabled message will indicate that Two-step Login using FIDO U2F has been successfully enabled and your key will appear with a green checkbox ( ).
    8. Select the Close button and confirm that the FIDO U2F Security Key option is now enabled, as indicated by a green checkbox ( ).

    Repeat this process to add up to 5 FIDO U2F security keys to your account.


    When you setup Two-step Login, you should logout of all your Bitwarden apps to immediately activate Two-step Login for each app. You will eventually be logged out automatically.

    Use FIDO U2F

    The following assumes that FIDO U2F is your highest-priority enabled method. Complete the following steps to access your Vault using Two-step Login:

    1. Log in to your Bitwarden Vault (Web Vault or Browser Extension) and enter your Email Address and Master Password.

      You will be prompted to insert your security key into your computer’s USB port. If it has a button, touch it.

    You will not be required to complete your secondary Two-step Login setup to Unlock your Vault once logged in. For help configuring Log Out vs. Lock behavior, see Vault Timeout Options.