Bitwarden Learning

Two-step login, also called 2-factor authentication or 2FA, is the most important thing you can do to protect your data other than using a strong master password.

A note for business plans: If 2FA is already enabled through Login with SSO or Duo, you can skip these instructions.

1. Go to your Web app > Account Settings
   

   

2. Go to the menu bar on the left hand side and select Security, then in the top menu bar select Two-step login.
   

   

3. Before enabling two-step login, click on view recovery code and ensure you write down or print it and store it in a safe place. This will ensure you are able to access your account if you lose access to your normal two-step login provider (ex. you lose your device).
   

   

After you have safely stored your recovery code, use the Manage button on the right hand side to enable the Two-step login providers of your choice. We offer a variety of options that can be enabled from email verification codes to third party options such as the Authy authenticator app and YubiKeys. See the Help article Two-step Login Methods for more details on which options are available for your account.

 If you set up a verification code (TOTP) for your Bitwarden account, ensure that you are not storing it within your Bitwarden vault. Storing your TOTP code only within your vault without setting up an alternate two-step login method or safely storing your recovery code may cause you to permanently lose access to your vault (ex. if you are ever logged out)

• Two-step login is a hot topic! Check out recent articles in the newsfeed

• Field Guide to Two-Step Login

• Two-step Login FAQs