- New "Unlock w/ PIN" article + downstream re-ordering (#383)

- A typo
- Clarification on yubico validation URLs
- Post-release updates to "About Bitwarden Plans"
- Improvements to Lost Two Step Device vs. Recovery Code articles

_articles/account/biometrics.md

@@ -5,7 +5,7 @@ categories: [account-management]
 featured: false
 popular: false
 tags: [unlock, face id, touch id, hello, windows, mac, ios, android]
-order: 10
+order: 11
 ---
 
 Bitwarden can be configured to accept biometrics as a method to unlock your Vault. Biometrics can **only be used to unlock** your Vault, you will still be required to log in to your Vault with your Master Password and any enabled [Two-step Login method]({% link _articles/two-step-login/setup-two-step-login.md %}).

_articles/account/delete-your-account.md

@@ -29,7 +29,7 @@ This action is permanent and cannot be undone.
 
 ### Without Logging In
 
-In the event that you have lost your Master Password, omplete the following steps to delete your account:
+In the event that you have lost your Master Password, complete the following steps to delete your account:
 
 1. Navigate to [vault.bitwarden.com/#/recover-delete](https://vault.bitwarden.com/#/recover-delete).
 2. Enter the **Email Address** associated with your account.

_articles/account/unlock-with-pin.md

@@ -0,0 +1,57 @@
+---
+layout: article
+title: Unlock with PIN
+categories: [account-management]
+featured: false
+popular: false
+tags: [unlock, pin]
+order: 10
+---
+
+Bitwarden can be configured to accept a Personal Identification Number (PIN) as a method to unlock your Vault. PINs can **only be used to unlock** your Vault, you will still be required to log in to your Vault with your Master Password and any enabled [Two-step Login Method]({% link _articles/two-step-login/setup-two-step-login.md %}).
+
+## Enable Unlock with PIN
+
+Unlock with PIN can be enabled for Bitwarden Browser Extensions, Mobile Apps, and Desktop Apps:
+
+### Enable for Browser Extensions
+
+Complete the following steps to enable Unlock with PIN in your Browser Extension:
+
+1. Open the {% icon fa-cogs %} **Settings** tab.
+2. In the Security section, check the **Unlock with PIN** checkbox.
+3. Enter the desired PIN code in the input box. PIN codes can be any combination of characters (a-z, 0-9, $, #, etc.).
+
+   {% callout success %}**Optional:** The pre-checked option **Lock with master password on browser restart** will require you to enter your Master Password instead of a PIN when your browser restarts. If you want to be able to unlock with a PIN when your browser restarts, uncheck this option.{% endcallout %}
+
+Regardless of whether you use the **Lock with master password on browser restart** option, your PIN settings will remain until you **log out** of Bitwarden.
+
+Once enabled, you'll be prompted to **Verify PIN** to unlock the Browser Extension.
+
+### Enable for Desktop Apps
+
+Complete the following steps to enable Unlock with PIN in your Browser Extension:
+
+1. Open your **Settings** (on Windows, **File** → **Settings**) (on macOS, **Bitwarden** → **Preferences**).
+2. In the Security section, check the **Unlock with PIN** checkbox.
+3. Enter the desired PIN code in the input box. PIN codes can be any combination of characters (a-z, 0-9, $, #, etc.).
+
+   {% callout success %}**Optional:** The pre-checked option **Lock with master password on restart** will require you to enter your Master Password instead of a PIN when your app restarts. If you want to be able to unlock with a PIN when your app restarts, uncheck this option.{% endcallout %}
+
+Regardless of whether you use the **Lock with master password on restart** option, your PIN settings will remain until you **log out** of Bitwarden.
+
+Once enabled, you'll be prompted to **Verify PIN** to unlock the Desktop App.
+
+### Enable for Mobile Apps
+
+Complete the following steps to enable Unlock with PIN in your Browser Extension:
+
+1. Open the {% icon fa-cogs %} **Settings** tab.
+2. In the Security section, tap the **Unlock with PIN code** option.
+3. Enter the desired PIN code in the input box and tap **Submit**. PIN codes can be any combination of characters (a-z, 0-9, $, #, etc.).
+
+   {% callout success %}A dialog box will appear asking `Do you want to require unlocking with your master password when the application is restarted?` Tap **Yes** to require you to enter your Master Password instead of a PIN after your apps restarts. Tap **No** to be able to unlock with a PIN after your app restarts.{% endcallout %}
+
+Regardless of whether you use the **Lock with master password on app restart** option, your PIN settings will remain until you **log out** of Bitwarden.
+
+Once enabled, you'll be prompted to **Verify PIN** to unlock the Mobile App.

_articles/account/vault-timeout.md

@@ -5,7 +5,7 @@ categories: [account-management]
 featured: false
 popular: false
 tags: [account, vault, timeout, 2FA, two-step]
-order: 13
+order: 14
 ---
 
 Vault Timeout behavior will determine how your Vault will behave after a customizable period of inactivity. Timeout is configured individually from and for each Bitwarden client application that you use (Mobile, Web, Desktop, Browser Extension, etc.).

_articles/faqs/product-faqs.md

@@ -6,7 +6,7 @@ featured: true
 popular: true
 hidden: false
 tags: []
-order: 15
+order: 16
 redirect_from:
   - /article/change-your-email/
 ---

_articles/faqs/twostep-faqs.md

@@ -6,7 +6,7 @@ featured: true
 popular: false
 hidden: false
 tags: []
-order: 09
+order: 10
 ---
 
 This article contains Frequently Asked Questions (FAQs) regarding **Two-step Login**.

_articles/features/attachments.md

@@ -5,7 +5,7 @@ categories: [account-management]
 featured: false
 popular: false
 tags: [attachments, storage, files]
-order: 12
+order: 13
 ---
 
 Files can be attached to Vault items from any Bitwarden client application. An individual file attachment must be 100MB or smaller. By default, users have access to 1GB of encrypted storage for file attachments. Additional storage can be purchased in 1GB increments.

_articles/features/authenticator-keys.md

@@ -5,7 +5,7 @@ categories: [account-management]
 featured: true
 popular: false
 tags: [autofill, auto-fill, totp, 2fa, two-step login, two factor authentication, authenticator]
-order: 11
+order: 12
 ---
 
 The Bitwarden Authenticator is an alternative solution to dedicated authentication apps like Authy, which you can use to verify your identity for websites and apps that use Two-step Login. The Bitwarden Authenticator generates 6-digit [Time-based One-time Passwords](https://en.wikipedia.org/wiki/Time-based_One-time_Password_algorithm) (TOTPs) using SHA-1 and rotates them every 30 seconds.

_articles/features/reports.md

@@ -5,7 +5,7 @@ categories: [account-management]
 featured: false
 popular: false
 tags: [account, report, breach, reused, unsecured, weak]
-order: 14
+order: 15
 ---
 
 Vault Health Reports can be used to evaluate the security of your Bitwarden Personal or Organization Vault.

_articles/hosting/environment-variables.md

@@ -46,4 +46,4 @@ The following variables do not already exist in `global.override.env`, and can b
 |globalSettings__mail__smtp__sslOverride=|Specify `true` to use SSL (not TLS) on port 25.|
 |globalSettings__mail__smtp__startTls=|Specify `true` to force STARTTLS (Opportunistic TLS).|
 |globalSettings__organizationInviteExpirationHours=|Specify the number of hours after which an Organization Invite will expire (`120` by default).|
-|globalSettings__yubico__validationUrls__0=|Primary URL for self-hosted Yubico Validation Server.<br><br>Add additional Validation Server URLs by creating incremented environment variables, for example `globalSettings__yubico__validationUrls__1=`, `globalSettings__yubico__validationUrls__2=`.|
+|globalSettings__yubico__validationUrls__0=|Primary URL for self-hosted Yubico Validation Server. For example, `globalSettings__yubico__validationUrls__0=https://your.url.com/wsapi/2.0/verify`.<br><br>Add additional Validation Server URLs by creating incremented environment variables, for example `globalSettings__yubico__validationUrls__1=`, `globalSettings__yubico__validationUrls__2=`.|

_articles/plans-and-pricing/about-bitwarden-plans.md

@@ -46,10 +46,12 @@ In the following table, "premium features" (included for **Premium Individual**
 |Storage sync across devices|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|
 |Secure Password Generator|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|
 |Cloud or Self-hosting|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|
+|*Encrypted Export|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|
 |*Two-step login|via authenticator apps or email|via authenticator apps, email, Yubikey, U2F, and Duo|via authenticator apps, email, Yubikey, U2F, and Duo|
 |*Encrypted file storage|-|1 GB|1 GB per user + 1 GB shared|
 |*Bitwarden Authenticator (TOTP)|-|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|
 |*Vault Health Reports|-|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|
+|*Emergency Access|-|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|
 |*Priority Support|-|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|
 |Data sharing|-|-|Unlimited|
 |Cost to you|Free|$10 /year, billed annually|$40 /year, billed annually|
@@ -88,9 +90,11 @@ In the following table, "premium features" (included for **Teams Organizations**
 |Base no. of users|2|1|1|
 |Max no. of users|2|Unlimited|Unlimited|
 |Max no. of Collections|2|Unlimited|Unlimited|
+|*Encrypted Export|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|
 |*Two-step login|via authenticator apps or email|via authenticator apps, email, Yubikey, U2F, and Duo|via authenticator apps, email, Yubikey, U2F, and Duo|
 |*Encrypted file storage|-|1 GB per user + 1 GB shared|1 GB per user + 1 GB shared|
 |*Bitwarden Authenticator (TOTP)|-|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|
+*Personal Emergency Access|-|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|
 |*Vault Health Reports|-|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|
 |*Priority Support|-|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|
 |Event Logs|-|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|
@@ -99,6 +103,7 @@ In the following table, "premium features" (included for **Teams Organizations**
 |Directory Connector|-|<i class="fa fa-check" aria-hidden="true"></i>|<i class="fa fa-check" aria-hidden="true"></i>|
 |Login with SSO|-|-|<i class="fa fa-check" aria-hidden="true"></i>|
 |Enterprise Policies|-|-|<i class="fa fa-check" aria-hidden="true"></i>|
+|Custom Management Role|-|-|<i class="fa fa-check" aria-hidden="true"></i>|
 |Self-host option|-|-|<i class="fa fa-check" aria-hidden="true"></i>|
 |Cost to you|Free|$3 Per User Per Month, billed annually<br>or<br>$4 Per User Per Month, billed monthly|$5 Per User Per Month, billed annually<br>or<br>$6 Per User Per Month, billed monthly|
 

_articles/two-step-login/lost-two-step-device.md

@@ -1,60 +1,31 @@
 ---
 layout: article
-title: Lost Two-step Login Device
+title: Lost Two-step Device
 categories: [two-step-login]
 featured: false
 popular: false
 tags: [two-step login, 2fa, two factor authentication, account]
-order: 08
+order: 09
 ---
 
-If you lose access to the device or method that you use for Two-step Login, you can recover your account using a Two-step Login **Recovery Code**.
+If you lose access to the device or method that you use for Two-step Login, you can recover your account using a Two-step Login **Recovery Code**. If you have your Recovery Code, see [Two-step Recovery Code]({% link _articles/two-step-login/two-step-recovery-code.md %}) to learn how to use it to recover your account.
 
-{% callout warning %}
-**Without your Recovery Code, losing access to your device or method will permanently lock you out of your Vault.**
+## I Don't Have a Recovery Code
 
-Get your Recovery Code from the Two-step Login screen before enabling any method.
-{% endcallout %}
+If you've lost your Two-step Login Device and don't have a Recovery Code, there is unfortunately no way for the team to recover the account or the data therein. You will need to delete your account and start a new one.
 
-## Get Your Recovery Code
-
-The Recovery Code is a 32 character alpha-numeric code. To retrieve your Recovery Code:
-
-1. Log in to your [Web Vault](https://vault.bitwarden.com/){:target="\_blank"}.
-2. Select **Settings** from the top navigation bar.
-3. Select **Two-step Login** from the left-side menu.
-4. Select the **View Recovery Code** button at the top of the screen.
-
-   You will be prompted to enter your Master Password in order to retrieve your Recovery Code.
-5. Print your Recovery Code and put it somewhere safe.
-
-## Use your Recovery Code
-
-Using your Recovery will deactivate all Two-step Login methods from your account. You will be required to enter all of the following to use your Recovery Code:
-
-- Email Address
-- Master Password
-- Recovery Code
-
-Once you use your Recovery Code, you will be required to manually re-activate any Two-step Login methods. Using your Recovery code will also **reset your Recovery Code**. We recommend re-printing your code and to replace the previous one before re-activating any Two-step Login methods.
-
-Follow this link to use your Recovery Code: [https://vault.bitwarden.com/#/recover-2fa](https://vault.bitwarden.com/#/recover-2fa){:target="\_blank"}.
-
-### If you don't have your Recovery Code
-
-If you don't have your Recovery Code, there is no way to fully recover the account. To access Bitwarden with that email address, you will need to delete the account and re-register.
-
-Before deleting your account, check to see whether you have an active **Locked** session (for example, in a Browser Extension or Mobile app). Sessions that are Locked will not require your Two-step Login method. If you do have an active session, export your vault data before deleting the account.
-
-{% callout warning %}
-Deleting your account will delete all stored Logins, Identities, Cards, and Secure Notes.
+{% callout success %}
+If you're using any Bitwarden client applications (Mobile Apps, Browser Extensions, etc.) you should check whether any of these sessions are still logged in prior to deleting your account. If a client application is still logged in, [Export Vault Data]({% link _articles/account/export-your-data.md %}) to a file for import into a new account.
 {% endcallout %}
 
 Complete the following steps to delete your account:
 
-1. Navigate to [https://vault.bitwarden.com/#/recover-delete](https://vault.bitwarden.com/#/recover-delete){:target="\_blank"}.
-2. Enter your account's Email Address.
-3. Open your inbox and click the verification link that was sent to you.
-4. Confirm the deletion of your account.
+{% callout warning%}
+This action is permanent and cannot be undone.
+{% endcallout %}
 
-You can now register a new account using the same email address. If you had an active subscription at the time of deletion, [Contact Us](https://bitwarden.com/contact/) and we will re-instate it to your newly created account.
+1. Navigate to [vault.bitwarden.com/#/recover-delete](https://vault.bitwarden.com/#/recover-delete).
+2. Enter the **Email Address** associated with your account.
+3. In your email inbox, open the email and verify that you want to delete this Bitwarden account.
+
+Once deleted, you're free to create a new Bitwarden account with that email address. If you delete a Bitwarden account that has a Premium subscription associated with it, [Contact Us](https://bitwarden.com/contact/){:target="\_blank"} and we'll reapply your existing subscription to the new account.

_articles/two-step-login/setup-two-step-login-authenticator.md

@@ -17,7 +17,7 @@ Complete the following steps to enable Two-step Login using an authenticator app
 {% callout warning %}
 **Losing access to your authenticator app can permanently lock you out of your Vault,** unless you write down and keep your Two-step Login Recovery Code in a safe place.
 
-[Get your Recovery Code]({% link _articles/two-step-login/lost-two-step-device.md %}) from the **Two-step Login** screen before enabling any method.
+[Get your Recovery Code]({% link _articles/two-step-login/two-step-recovery-code.md %}) from the **Two-step Login** screen before enabling any method.
 {% endcallout %}
 
 1. Log in to your [Web Vault](https://vault.bitwarden.com/){:target="\_blank"}.

_articles/two-step-login/setup-two-step-login-duo.md

@@ -31,7 +31,7 @@ Complete the following steps to enable Two-step Login using Duo:
 {% callout warning %}
 **Losing access to your Duo-enabled device can permanently lock you out of your Vault,** unless you write down and keep your Two-step Login Recovery Code in a safe place.
 
-[Get your Recovery Code]({% link _articles/two-step-login/lost-two-step-device.md %}) from the **Two-step Login** screen before enabling any method.
+[Get your Recovery Code]({% link _articles/two-step-login/two-step-recovery-code.md %}) from the **Two-step Login** screen before enabling any method.
 {% endcallout %}
 
 1. Log in to your [Web Vault](https://vault.bitwarden.com){:target="\_blank"}.

_articles/two-step-login/setup-two-step-login-email.md

@@ -17,7 +17,7 @@ Complete the following steps to enable Two-step Login using email:
 {% callout warning %}
 **Losing access to your Two-step Login linked email can permanently lock you out of your Vault,** unless you write down and keep your Two-step Login Recovery Code in a safe place.
 
-[Get your Recovery Code]({% link _articles/two-step-login/lost-two-step-device.md %}) from the **Two-step Login** screen before enabling any method.
+[Get your Recovery Code]({% link _articles/two-step-login/two-step-recovery-code.md %}) from the **Two-step Login** screen before enabling any method.
 {% endcallout %}
 
 1. Log in to your [Web Vault](https://vault.bitwarden.com){:target="\_blank"}.

_articles/two-step-login/setup-two-step-login-u2f.md

@@ -28,7 +28,7 @@ Complete the following steps to enable Two-step Login using FIDO U2F:
 {% callout warning %}
 **Losing access to your FIDO U2F device can permanently lock you out of your Vault,** unless you write down and keep your Two-step Login Recovery Code in a safe place.
 
-[Get Your Recovery Code]({% link _articles/two-step-login/lost-two-step-device.md %}) from the **Two-step Login** screen before enabling any method.
+[Get Your Recovery Code]({% link _articles/two-step-login/two-step-recovery-code.md %}) from the **Two-step Login** screen before enabling any method.
 {% endcallout %}
 
 1. Log in to the [Web Vault](https://vault.bitwarden.com){:target="\_blank"}.

_articles/two-step-login/setup-two-step-login-yubikey.md

@@ -19,7 +19,7 @@ Complete the following steps to enable Two-step Login using Yubikey:
 {% callout warning %}
 **Losing access to your Yubikey can permanently lock you out of your Vault,** unless you write down and keep your Two-step Login Recovery Code in a safe place.
 
-[Get your Recovery Code]({% link _articles/two-step-login/lost-two-step-device.md %}) from the **Two-step Login** screen before enabling any method.
+[Get your Recovery Code]({% link _articles/two-step-login/two-step-recovery-code.md %}) from the **Two-step Login** screen before enabling any method.
 {% endcallout %}
 
 1. Log in to the [Web Vault](https://vault.bitwarden.com){:target="\_blank"}.

_articles/two-step-login/two-step-recovery-code.md

@@ -0,0 +1,39 @@
+---
+layout: article
+title: Two-step Recovery Code
+categories: [two-step-login]
+featured: false
+popular: false
+tags: [two-step login, 2fa, two factor authentication, account]
+order: 08
+---
+
+Your Two-step Login Recovery Code is a 32 character alpha-numeric code that, when used, will deactivate all Two-step Login methods from your account. Recovery Codes are designed for scenarios where you have lost your Two-step Login Device.
+
+{% callout success %}
+Without your Recovery Code, losing access to your device or method will permanently lock you out of your Vault. Bitwarden highly recommends downloading your Recovery Code from the Two-step Login screen **before enabling any method**.
+{% endcallout %}
+
+## Get Your Recovery Code
+
+Complete the following steps to retrieve your Recovery Code:
+
+1. Log in to your [Web Vault](https://vault.bitwarden.com/){:target="\_blank"}.
+2. Select **Settings** from the top navigation bar.
+3. Select **Two-step Login** from the left-side menu.
+4. Select the **View Recovery Code** button at the top of the screen.
+
+   You will be prompted to enter your Master Password in order to retrieve your Recovery Code.
+5. Print your Recovery Code and put it somewhere safe.
+
+## Use your Recovery Code
+
+Using your Recovery will deactivate all Two-step Login methods from your account. You will be required to enter all of the following to use your Recovery Code:
+
+- Email Address
+- Master Password
+- Recovery Code
+
+To use your Two-step Login Recovery Code, navigate to [https://vault.bitwarden.com/#/recover-2fa](https://vault.bitwarden.com/#/recover-2fa){:target="\_blank"} or, for self-hosted installations navigate to [https://your.vault.domain.com/#/recover-2fa](#).
+
+Once you use your Recovery Code, you will be required to manually re-activate any Two-step Login methods. Using your Recovery code will also **reset your Recovery Code**. We recommend re-printing your code and to replace the previous one before re-activating any Two-step Login methods.