Introduction
Password managers are still a necessity in 2020, and will be for a long time. I’ve been using Bitwarden with YubiKeys for a while now, so it was about time to share some experience and show how easy it is to get started.
The best way to manage all your 2FA accounts is to use the Authy app. It enables you to have a single mobile app for all your 2FA accounts and you can sync them across multiple devices, even accessing them on the desktop. Install Authy on your device by searching for it in your device’s app store. Not even the team at Bitwarden can read your data, even if we wanted to. Your data is sealed with AES-256 bit encryption, salted hashing, and PBKDF2 SHA-256. Bitwarden is 100% open source software. The source code for Bitwarden is hosted on GitHub and everyone is free to review, audit, and contribute to the Bitwarden codebase.
Bitwarden (https://bitwarden.com/) is an open source password manager whose code is hosted on GitHub (https://github.com/bitwarden). This means that you have full control over the source code, and you can also contribute to the project. You can self-host Bitwarden, or use one of their Organization Plans, which are hosted on Azure (https://bitwarden.com/help/article/cloud-server-security/). Bitwarden offers different Organization Plans. To see what fits your needs, go to https://bitwarden.com/#organizations. The Enterprise Plan supports Azure AD integration. I will cover this in another blog post.
Configure Bitwarden with your Favorite FIDO key
Bitwarden supports a whole range of providers. When enabling 2FA you will also be prompted to download recovery codes. Download these first, before proceeding to the 2FA setup! And keep the recovery codes safe, in case things go south!
To configure your FIDO key with YubiKey, go to:
1) Settings
2) Two-step Login
3) Manage
Just add your YubiKey with a touch/tap, where it will populate the OTP or U2F. I recommend at least two YubiKeys, in case you lose your primary key. With the second, backup key you can still access your account if you ever lose your primary key! Yes, that will eventually happen 🙂 You could also configure Bitwarden with another supported OTP/U2F key if you have another brand in your possession. If you do not have one, authenticator apps like Authy, Google, and Duo are supported as well.
The list of supported Yubico keys that work with Bitwarden: https://www.yubico.com/works-with-yubikey/catalog/bitwarden-premium/
If you need to support an NFC-compatible key, use the NFC support. I have an NFC-supported key, so I can access Bitwarden on the go with my phone.
Test Login
After you have saved the settings, it’s time to test the login from your browser of preference. The login site is https://vault.bitwarden.com
Let’s also test a login on iOS with an NFC-compatible YubiKey.
Summary
Without a doubt, configuring 2FA with Bitwarden is straightforward and takes only a few simple steps. Just remember: do not configure only a single YubiKey; that is not good practice.
Bitwarden is feature-packed and should tick all your boxes if you have strong requirements for a password manager. With the wide range of supported OTP/U2F, I think this password manager will make you delighted for a long time. And yes, it’s open source, which is a big bonus!
Documentation