Get Started
Log In
HomeProductsDownloadPricingHelpBlogContactTalk to SalesGet StartedLog In

Two-step Login via Duo

Two-step login using Duo is unique among available two-step login methods in that it can be enabled by an individual (like the other methods) or enabled for an entire Organization by Teams and Enterprise Organizations.

Enabling Duo for an Organization will prompt all enrolled members to register a device for Duo two-step login the next time they log in.

Configuring Duo in the Duo Admin Panel and registering a device will follow the same procedure in either case, but the setup procedure in Bitwarden varies depending on whether you're setting up Duo for yourself or for an Organization.

Configure Duo

You'll need a Duo account in order to obtain some information required by Bitwarden to complete setup. Sign up for free, or log in to your existing Duo Admin Panel. To configure Duo:

  1. In the left menu, navigate to Applications.

  2. Select the Protect an Application button.

  3. Find or search for Bitwarden in the Applications list, and select the Protect button. You will be redirected to a Bitwarden application page:

    Bitwarden Application page
    Bitwarden Application page

Take note of the Integration Key, Secret Key, and API Hostname. You will need to reference these values when you Setup Duo within Bitwarden.

Setup Duo

Setting up Duo in Bitwarden is different depending on whether you're enabling it for yourself or for an Organization. Select one of the following tabs accordingly for instructions:

Register a Device

Once Duo is setup, navigate to the web vault in a new tab. If Duo is your highest-priority two-step login method, you will be prompted by a Duo setup screen:

Duo Setup Screen
Duo Setup Screen

Follow the on-screen prompts to configure a secondary device to use Duo (for example, type of device to register and send SMS or send push notification). If you haven't already downloaded the Duo Mobile App, we recommend that you do so:

Use Duo

The following assumes that Duo is your highest-priority enabled method. To access your vault using Duo:

  1. Login to your Bitwarden vault on any app and enter your email address and master password.

    A Duo screen will appear to begin your two-step login verification.

  2. Depending on how you've configured Duo, complete the authentication request by:

    • Approving the Duo Push request from your registered device.

    • Finding the 6 digit verification code in your Duo Mobile app or SMS messages, and enter the code on the vault login screen.


      Check the Remember Me box to remember your device for 30 days. Remembering your device will mean you won't be required to complete your two-step login step.

You will not be required to complete your secondary two-step login step to Unlock your vault once logged in. For help configuring Log Out vs. Lock behavior, see Vault Timeout Options.



  • Resource Center
  • Community Forums
  • Security Compliance
  • Success Stories
  • User Reviews
  • Newsfeed
  • Subscribe to Updates

©2022 Bitwarden, Inc.

Terms Privacy Sitemap