Nevertheless I chose my Yubikey instead.

  • PracticalParrot · 36 upvotes · 11 months ago

    I do this. I want to point out it is absolutely TERRIBLE for security. It’s turning 2 factor back into 1 factor authentication.

    • kniescherz@feddit.de · 15 upvotes · 11 months ago

      I would argue it’s more like a 1.5 factor. Not secure when your bitwarden gets compromised. But more security for stolen, leaked, phished passwords.

      I currently have 60 OTPs in Bitwarden, I probably would not have activated 2FA on so many sites without BW.

    • hswolf@lemmy.world · 2 upvotes · 11 months ago

      yeah, while I understand that, it’s not every time I have both my phone and computer together at the same time

      using a standalone OTP on either one of them would make the opposite a pain in the ass to use

      I take a lot of precautions with my main vault password, even got a biometric reader so I don’t have to type the password that much

      • PracticalParrot · 2 upvotes · 11 months ago

        You’re absolutely right. It’s all about your threat model, how much convenience you’re willing to lose and what not.
        I absolutely should do more to minimize potential risk, but it’s really so convenient to just… Have it all in 1 place…

          • PracticalParrot · 2 upvotes · 11 months ago

            This is a smart solution. Only solution I have so far is self hosting bitwarden, using unique password to login, and having 2fa to login to bitwarden, where the key is in bitwarden, and on aegis on a phone at home.