bitwarden/help
1
0
Fork 0
mirror of https://github.com/bitwarden/help synced 2026-01-08 11:33:45 +00:00
Code Issues Releases Wiki Activity
Files
fec120800ac6c7ea3007a2a8ec6834536df7bd33
help/_articles/two-step-login/setup-two-step-login.md
DanHillesheim fec120800a update links to work with netlify
2021-09-08 16:23:29 -06:00

3.4 KiB
Raw Blame History

layout, title, categories, featured, popular, order, tags
layout title categories featured popular order tags
article Two-step Login Methods
two-step-login
false true 02
two-step login
2fa
two factor authentication
account

Using Two-step Login (also called Two-factor Authentication, or 2FA) to protect your Bitwarden Vault prevents a malicious actor from accessing your Vault even if they discover your Master Password by requiring authentication from a secondary device when you log in. If you're unfamiliar with the basics of 2FA, check out our Field Guide.

There are lots of different methods for Two-step Login, ranging from dedicated Authenticator Apps to Hardware Security Keys. Whatever you choose, Bitwarden highly recommends that you secure your Vault using Two-step Login. In fact, we think it's so important that we're happy to offer a few methods for free.

Two-step Login for Individuals

The following Two-step Login methods can be enabled on an individual-by-individual basis from the Web Vault's{:target="_blank"} Settings menu.

Free Methods

Bitwarden offers several Two-step Login methods for free, including:

Method Setup Instructions
via an Authenticator app (for example, Authy{:target="_blank"} or Google Authenticator{:target="_blank"}) Click here.
via Email Click [here]({% link _articles/two-step-login/setup-two-step-login-email.md %}).

Premium Methods

For Premium users (including members of Paid Organizations), Bitwarden offers several advanced Two-step Login methods:

Method Setup Instructions
via Duo Security with Duo Push, SMS, phone call, and security keys Click here.
via YubiKey (any 4/5 series device or YubiKey NEO/NFC) Click [here]({% link _articles/two-step-login/setup-two-step-login-yubikey.md %}).
via FIDO2 WebAuthn (any FIDO2 WebAuthn Certified authenticator) Click [here]({% link _articles/two-step-login/setup-two-step-login-fido.md %}).

Two-step Login for Teams and Enterprise

While all of the above methods can be enabled on an individual-by-individual basis, Teams and Enterprise Organizations can enable the following methods Organization-wide from the Organization's Settings menu.

Method Setup Instructions
via Duo Security with Duo Push, SMS, phone call, and security keys Click here.

Using Multiple Methods

You can choose to enable multiple Two-step Login methods. When you log in to a Vault with multiple enabled methods, Bitwarden will first prompt you for the highest-priority method according to the following order of preference:

  1. Duo (Organizations)
  2. FIDO2 WebAuthn
  3. YubiKey
  4. Duo (Individual)
  5. Authenticator App
  6. Email

Any option will work, though. Authenticate with a lower-preference method by selecting the Use another two-step login method button:

{% image two-step/twostep-diffmethod.png Use another two-step login method %}