• Zachariah@lemmy.world
    link
    fedilink
    English
    arrow-up
    15
    ·
    26 天前

    Starting in February, Bitwarden will bolster user account security for those users who are not utilizing two-step login (2FA) for their Bitwarden account. When logging in from an unrecognized device, users will be asked for an emailed verification code to confirm the login attempt and better protect their Bitwarden vaults…

  • sabreW4K3@lazysoci.al
    link
    fedilink
    English
    arrow-up
    7
    arrow-down
    2
    ·
    26 天前

    Please make sure we can turn this off. I use my bitwarden a lot and the last thing I want is to have to switch to a third app just to retrieve my password. I want simplification not complication.

    • gazter@aussie.zone
      link
      fedilink
      English
      arrow-up
      7
      ·
      25 天前

      I’m with you- if I’m accessing my vault from an unknown device, it’s usually because I don’t have my phone. So now I need to log in to my email on an unknown device, as well as my vault…

    • smeg@feddit.uk
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      3
      ·
      26 天前

      Simplification is when I tell my grandma to just use the password manager built into chrome. BitWarden provides security, and if you’re already accessing it with 2FA as you should then this change shouldn’t even affect you!

  • CaptObvious@literature.cafe
    link
    fedilink
    English
    arrow-up
    2
    ·
    25 天前

    If this is something implemented in-client, we should be able simply to block updates. Failing that… well, a spreadsheet and notepad worked well enough before.

        • Dreamless4561@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          2
          ·
          6 天前

          What it says on the FAQ: If users do not want new device verification, do not want to set up an alternate two-step login method, and do not want any security on their account, there will be an option to turn off new device verification in the Danger Zone settings when the feature goes live. However, we must emphasize that this is strongly not recommended, as it leaves your account vulnerable to various attacks.