Two-step Login Methods
Using Two-step Login (also called Two-factor Authentication, or 2FA) to access your Bitwarden Vault protects all your logins by preventing a malicious actor from accessing Vault items, even if they discover your Master Password. Since your Password Manager stores all your logins, we highly recommend that you secure it with Two-step Login.
Enabling Two-step Login will require you to complete a secondary step each time you Log In, in addition to entering your Master Password. You will not be required to complete the secondary step to Unlock your Vault. For help configuring Log Out vs. Lock behavior, see Vault Timeout Options.
In the Web Vault, enable Two-step Login methods from the Settings menu.
Bitwarden offers several Two-step Login methods for free, including:
|via an Authenticator app (for example, Authy or Google Authenticator)||Click here.|
|via Email||Click here.|
For Premium users (including members of Paid Organizations), Bitwarden offers several advanced Two-step Login methods:
|via Duo Security with Duo Push, SMS, phone call, and U2F security keys||Click here.|
|via YubiKey (any 4/5 series device or YubiKey NEO/NFC)||Click here.|
|via FIDO U2F (any FIDO U2F certified key)||Click here.|
Using Multiple Methods
You can choose to enable multiple Two-step Login methods. Logging in to Bitwarden will prompt for your highest-priority enabled Two-step Login method, according to the following order of preference:
- FIDO U2F
- Authenticator App
You can swap to a lower-preference method by selecting the Use another two-step login method button: