Bitwarden has just launched a new multi-factor authenticator app called Bitwarden Authenticator, which is available for iOS and Android devices.
The app uses time-based one-time passwords (TOTPs) for accounts registered by scanning a QR code to provide users with an extra layer of security during authentication.
"By leveraging widely adopted standards such as TOTP, Bitwarden can work seamlessly everywhere, including legacy applications," reads the launch announcement.
"Enterprises can remain nimble, without having to re-architect current systems while adopting strong passwordless options such as passkeys, FIDO2 hardware keys, magic links, biometrics, and beyond."
Although TOTP authentication was already available in the Bitwarden Password Manager, it was a premium feature only available to paying users.
In contrast, the Bitwarden Authenticator app is available for free to all users, even those without a Bitwarden account, and can be used as a standalone app.
Bitwarden's CTO Kyle Spearrin said the launch of the new app "provides immediate value to the Bitwarden user base who has been asking for a standalone app for several years" and promised new features and enhancements in future releases.
"Phase 1" limitations
Bitwarden Authenticator is considered a stable release at this point but it lacks advanced features commonly found in other products in this space.
Currently, it generates TOTPs for online services that support MFA apps, including the Bitwarden Password Manager, while backups are handled by the OS's backup services.
The app settings also give users the capability to add biometrics as an additional security step, while exporting is also available.
The published roadmap for future releases includes an import function, push-based 2FA, account recovery, Bitwarden account (and vault) syncing, and workforce (enterprise-grade) authentication options.
Although the lack of some of the mentioned features may make adopting or migrating TOTP authentication to the new tool challenging for some users, it shouldn't be a big hurdle for most.
The Bitwarden Authenticator app is available on Google Play for Android phones and on the Apple App Store for iPhones and iOS devices in general.
Being an open-source project, the code for the two apps is available on public GitHub repositories. Those interested in looking at the code can find it here for the iOS version and here for the Android app.
Comments
0Willy - 1 month ago
So new there are no detailed configuration instructions or YouTube video.
joshwenke - 1 month ago
<p>Instead of this app, or other mainstream Auth apps, I highly recommend Ente Auth. Cross platform, end-to-end encrypted, open source, and web version available.</p>
0Willy - 1 month ago
"Instead of this app, or other mainstream Auth apps, I highly recommend Ente Auth. Cross platform, end-to-end encrypted, open source, and web version available. https://auth.ente.io/"
Give them your details to find out about the product. Either you work for them or have no idea how data security people think... or both.
Hmm888 - 1 month ago
And why should people use the MFA over Microsoft or Google's?
mayormaynotbeano - 1 month ago
"Is Bitwarden Authenticator open source?
Yes! Bitwarden Authenticator is open source and available at the following GitHub repositories for Android and iOS."
Probably because it is open source.