diff --git a/_articles/features/fingerprint-phrase.md b/_articles/features/fingerprint-phrase.md new file mode 100644 index 00000000..238cf10f --- /dev/null +++ b/_articles/features/fingerprint-phrase.md @@ -0,0 +1,28 @@ +--- +layout: article +title: What is my account's fingerprint phrase? +categories: [features] +featured: false +popular: false +tags: [fingerprint] +--- + +Every Bitwarden user account has a public "fingerprint phrase" associated with it. Your account's fingerprint phrase never changes and is composed of five random english words that appear in a specific order. + +**Example fingerprint phrase** + +``` +alligator-transfer-laziness-macaroni-blue +``` + +The fingerprint phrase is an important security feature that assists in uniquely and securely identify a Bitwarden user account when important encryption-related operations are performed (such as sharing). For example, when adding a new user to an organization you should ask the user to verify their fingerprint phrase via email, over the phone, in person, etc. By verifying the fingerprint phrase with the user outside of Bitwarden you ensure that end-to-end encryption is securely initiated and that the Bitwarden server you are communicating with (and your connection) has not been maliciously tampered with. If you trust the server you are communicating with (and the connection that you are using), you can choose to ignore fingerprint phrase verification. + +## Where do I find my fingerprint phrase? + +You can find your account's fingerprint phrase using Bitwarden applications in the following locations: + +- Web vault: Settings → My Account +- Desktop apps: Account → Fingerprint Phrase +- Browser extensions: Settings → Account → Fingerprint Phrase +- Mobile: Coming soon... +- CLI: `bw get fingerprint me` diff --git a/_articles/miscellaneous/cli.md b/_articles/miscellaneous/cli.md index a08c5e72..8eaa9edf 100644 --- a/_articles/miscellaneous/cli.md +++ b/_articles/miscellaneous/cli.md @@ -179,7 +179,7 @@ Special syntax is available for filters that allows you to specify `null` and `n The `get` command allows you to retrieve a single object from your vault. - bw get (item|username|password|uri|totp|exposed|attachment|folder|collection|organization|template) + bw get (item|username|password|uri|totp|exposed|attachment|folder|collection|organization|template|fingerprint) You can retrieve an object by its globally using `id` property (usually a GUID), or you can provide a search term. The search term must be specific enough to only return a single result or the CLI will return an error.