Bitwarden

Bitwarden has just launched a new multi-factor authenticator app called Bitwarden Authenticator, which is available for iOS and Android devices.

The app uses time-based one-time passwords (TOTPs) for accounts registered by scanning a QR code to provide users with an extra layer of security during authentication.

"By leveraging widely adopted standards such as TOTP, Bitwarden can work seamlessly everywhere, including legacy applications," reads the launch announcement.

"Enterprises can remain nimble, without having to re-architect current systems while adopting strong passwordless options such as passkeys, FIDO2 hardware keys, magic links, biometrics, and beyond."

Bitwarden Authenticator app interface on Android
Bitwarden Authenticator app interface on Android
Source: Bitwarden

Although TOTP authentication was already available in the Bitwarden Password Manager, it was a premium feature only available to paying users.

In contrast, the Bitwarden Authenticator app is available for free to all users, even those without a Bitwarden account, and can be used as a standalone app.

Bitwarden's CTO Kyle Spearrin said the launch of the new app "provides immediate value to the Bitwarden user base who has been asking for a standalone app for several years" and promised new features and enhancements in future releases.

"Phase 1" limitations

Bitwarden Authenticator is considered a stable release at this point but it lacks advanced features commonly found in other products in this space.

Currently, it generates TOTPs for online services that support MFA apps, including the Bitwarden Password Manager, while backups are handled by the OS's backup services.

The app settings also give users the capability to add biometrics as an additional security step, while exporting is also available.

The published roadmap for future releases includes an import function, push-based 2FA, account recovery, Bitwarden account (and vault) syncing, and workforce (enterprise-grade) authentication options.

Roadmap
Development roadmap
Source: Bitwarden

Although the lack of some of the mentioned features may make adopting or migrating TOTP authentication to the new tool challenging for some users, it shouldn't be a big hurdle for most.

The Bitwarden Authenticator app is available on Google Play for Android phones and on the Apple App Store for iPhones and iOS devices in general.

Being an open-source project, the code for the two apps is available on public GitHub repositories. Those interested in looking at the code can find it here for the iOS version and here for the Android app.

Related Articles:

CISA: Most critical open source projects not using memory safe code

Tor Browser 13.5 brings Android enhancements, better bridge management

FTC files complaint against Adobe for deceptive cancellation practices

Scathing report on Medibank cyberattack highlights unenforced MFA

Microsoft: New Outlook security changes coming to personal accounts