Two-step Login via Email
Two-step login using email is available for free to all Bitwarden users.
Two-step login via email is not recommended if you are using login with SSO, as using multiple methods will cause errors. Consider setting up two-step login via a free authenticator instead.
To enable two-step login using email:
Losing access to your two-step login device can permanently lock you out of your vault unless you write down and keep your two-step login recovery code in a safe place or have an alternate two-step login method enabled and available.
Get your recovery code from the Two-step login screen immediately after enabling any method.
Log in to your web vault.
Select the profile icon and choose Account Settings from the dropdown:
Select the Security page and the Two-step Login tab:
Locate the Email option and select the Manage button:
You will be prompted to enter your master password to continue.
Enter the email that you wish you receive verification codes and click the Send Email button.
If you have multiple email addresses, the address you use for two-step login doesn't have to use the same address you used to sign up for Bitwarden.
Check your inbox for the six-digit verification code. Enter the code in the dialog box in your web vault and select the Enable button.
Enabledmessage will indicate that two-step login via email has been enabled.
Select the Close button and confirm that the Email option is enabled, as indicated by a green checkbox ( ).
We recommend keeping your active web vault tab open before proceeding to test two-step login in case something was misconfigured. Once you have confirmed it's working, logout of all your Bitwarden apps to require two-step login for each. You will eventually be logged out automatically.
The following assumes that Email is your highest-priority enabled method. To access your vault using email 2FA:
Log in to your Bitwarden vault on any any app and enter your email address and master password.
You will be prompted to enter the six-digit verification code that was emailed to your configured email.
Check your inbox for the six-digit verification code. Enter this code on the vault login screen.
Check the Remember Me box to remember your device for 30 days. Remembering your device will mean you won't be required to complete your two-step login step.
Select Continue to finish logging in.
You will not be required to complete your secondary two-step Login step to Unlock your vault once logged in. For help configuring log out vs. Lock behavior, see vault timeout options.