- cross-posted to:
- privacyguides@lemmy.one
- technology@lemmy.world
- cross-posted to:
- privacyguides@lemmy.one
- technology@lemmy.world
Bitwarden Authenticator is a standalone app that is available for everyone, even non-Bitwarden customers.
In its current release, Bitwarden Authenticator generates time-based one-time passwords (TOTP) for users who want to add an extra layer of 2FA security to their logins.
There is a comprehensive roadmap planned with additional functionality.
Available for iOS and Android
Weird. If I copy the TOTP code from bitwarden into their 2fa app I get different codes. Not even after a rotation ( one isn’t ahead of the other ). That doesn’t seem right :/
Wait - so far its only the Microsoft MFA code that does it.
Microsoft MFA has the option of being set up (by admins) with either standard TOTP or with their proprietary algorithm.
If the admins for the realm you’re trying to use have chosen the proprietary one you need to use the Microsoft Authenticator app. Regular TOTP generators will accept the code but the code they make won’t work.
Can the regular Bitwarden generator make good codes? If so, it means they figured out (or were told by Microsoft) how the proprietary algorithm works. But since this standalone app is open source they couldn’t add that algorithm to it.
My main issue is that if I add the bitwarden TOTP secret string manually multiple times its generating different codes between the entries. Which seems like something that shouldn’t happen.
It is a different format to the other ones I’ve got though.
Fuck Microsoft authenticator though. Had to restore it to a new phones once and if you don’t do it on initial startup you can’t restore it at all. Good thing I had a secondary app that still had them. Absolute garbage.
TOTP is a defined standard, specifically RFC 6238.
But I still have 3 different apps on my phone so that I can get on to various customer VPNS. 🤷♂️
Because they use proprietary algorithms not TOTP.