bitwarden/help
1
0
Fork 0
mirror of https://github.com/bitwarden/help synced 2025-12-15 15:53:53 +00:00
Code Issues Releases Wiki Activity
Files
b2ba40ffbc3846aadfcc54f9da58c9553dc1405f
help/_articles/two-step-login/setup-two-step-login.md
fred_the_tech_writer b2ba40ffbc duo for orgs documentation (#470)
2021-03-10 09:03:57 -05:00

3.3 KiB
Raw Blame History

layout, title, categories, featured, popular, order, tags
layout title categories featured popular order tags
article Two-step Login Methods
two-step-login
false true 02
two-step login
2fa
two factor authentication
account

Using Two-step Login (also called Two-factor Authentication, or 2FA) to protect your Bitwarden Vault prevents a malicious actor from accessing your Vault even if they discover your Master Password by requiring authentication from a secondary device when you log in. If you're unfamiliar with the basics of 2FA, check out our [Field Guide]({% link _articles/two-step-login/bitwarden-field-guide-two-step-login.md %}).

There are lots of different methods for Two-step Login, ranging from dedicated Authenticator Apps to Hardware Security Keys. Whatever you choose, Bitwarden highly recommends that you secure your Vault using Two-step Login. In fact, we think it's so important that we're happy to offer a few methods for free.

Two-step Login for Individuals

The following Two-step Login methods can be enabled on an individual-by-indivual basis from the Web Vault's{:target="_blank"} Settings menu.

Free Methods

Bitwarden offers several Two-step Login methods for free, including:

Method Setup Instructions
via an Authenticator app (for example, Authy{:target="_blank"} or Google Authenticator{:target="_blank"}) Click [here]({% link _articles/two-step-login/setup-two-step-login-authenticator.md %}).
via Email Click [here]({% link _articles/two-step-login/setup-two-step-login-email.md %}).

Premium Methods

For Premium users (including members of Paid Organizations), Bitwarden offers several advanced Two-step Login methods:

Method Setup Instructions
via Duo Security with Duo Push, SMS, phone call, and U2F security keys Click [here]({% link _articles/two-step-login/setup-two-step-login-duo.md %}).
via YubiKey (any 4/5 series device or YubiKey NEO/NFC) Click [here]({% link _articles/two-step-login/setup-two-step-login-yubikey.md %}).
via FIDO U2F (any FIDO U2F certified key) Click [here]({% link _articles/two-step-login/setup-two-step-login-u2f.md %}).

Two-step Login for Teams and Enterprise

While all of the above methods can be enabled on an individual-by-individual basis, Teams and Enterprise Organizations can enable the following methods Organization-wide from the Organization's Settings menu.

Method Setup Instructions
via Duo Security with Duo Push, SMS, phone call, and U2F security keys Click [here]({% link _articles/two-step-login/setup-two-step-login-duo.md %}).

Using Multiple Methods

You can choose to enable multiple Two-step Login methods. When you log in to a Vault with multiple enabled methods, Bitwarden will first prompt you for the highest-priority method according to the following order of preference:

  1. Duo (Organizations)
  2. FIDO U2F
  3. YubiKey
  4. Duo (Individual)
  5. Authenticator App
  6. Email

Any option will work, though. Authenticate with a lower-preference method by selecting the Use another two-step login method button:

{% image two-step/twostep-diffmethod.png Use another two-step login method %}