This is a text automatically translated from Italian. If you appreciate our work and if you like reading it in your language, consider a donation to allow us to continue doing it and improving it.
Content index
The new application for managing codes for thetwo-factor authentication of Bitwarden called precisely Bitwarden Authenticator. As explained by a post on their blog the arrival of this application was planned and above all requested by the community.
In fact, on Bitwarden, only in the paid version, it is already possible to enter the OTP codes of the various logins. The difference with this application, besides the obvious fact that Bitwarden Authenticator is completely free, is the fact that it is a separate app from the password manager. This is a very important thing and we appreciate the effort made by Bitwarden.
Bitwarden Authenticator has also arrived
Store the OTP codes inside the password manager it is in fact a practice that we generally advise against for security reasons: the OTP code it should be an additional security code stored somewhere other than the password manager precisely because if this manages to get into the wrong hands it is not completely crazy to think that it would be better to keep the OTP code separate.
We don't think it's fundamental either because hopefully, for example, that the password manager is also protected by 2FA but separating passwords and 2FA is a practice we generally recommend.
The Roadmap
The new application to manage Bitwarden two-factor authentication is nothing special in its first release. It is in fact a very simple application for managing codes locally with almost no settings other than blocking via biometrics and the possibility of exporting (in clear 🫥) the codes in .json or .csv format and nothing else. Exporting them in plaintext means that anyone who gets their hands on that file could therefore create the OTP codes don't do it and if you do, don't leave the file lying around.
It is therefore certainly much lower than the applications we recommend as Aegis or Ente Auth but the roadmap is quite interesting especially for those who have a Bitwarden account where it is said that the authentication codes can be synchronized with a Bitwarden account. We also think that the application could be interesting to those who generally trust the Bitwarden project and would like to use its Authenticator. The same thing we said before applies to us: try not to save passwords and 2FA in the same application as much as possible.
We can only welcome this new application Open source and free, even if there are already many applications for managing 2FA We can only be happy to see new ones!
As far as we're concerned Bitwarden Authenticator doesn't deserve a place on our list yet alternatives to Google Authenticator because it is too immature and simple but if it improves and adds some interesting features we will not hesitate to add it!
Download and try Bitwarden Authenticator
• • • • • •Join communities
If you have found errors in the article you can report them by clicking here, Thank you!