Bitwarden Authenticator is a standalone app that is available for everyone, even non-Bitwarden customers.

In its current release, Bitwarden Authenticator generates time-based one-time passwords (TOTP) for users who want to add an extra layer of 2FA security to their logins.

There is a comprehensive roadmap planned with additional functionality.

Available for iOS and Android

  • Snot Flickerman
    link
    fedilink
    English
    507 months ago

    No, they’re both ostensibly open source and standalone. I’m an avid Bitwarden Free user, but Aegis has been my go-to for a long time.

    If it’s a standalone completely offline app, like Aegis, I’m at a loss to what they could offer that is any different than what Aegis already offers.

    • Simon Müller
      link
      fedilink
      English
      187 months ago

      If you look at the roadmap they have in the blogpost, they are apparently planning tighter integration with the existing bitwarden suite

      • Snot Flickerman
        link
        fedilink
        English
        167 months ago

        …but wouldn’t that undermine the fact that it’s standalone and offline?

      • @[email protected]
        link
        fedilink
        English
        17 months ago

        How so? They already have TOTP built-in to the app if you pay for premium, so this is just a free competitor to their own offering.

        I’m guessing they’re trying to make it a “gateway” to getting people on Bitwarden. Start with the TOTP app, then use the password manager, then pay for premium. Or something like that.

    • @fluckx
      link
      English
      57 months ago

      2FA push is on the roadmap. Does aegis have that? Or am I just too dense to realise it does?

      • Snot Flickerman
        link
        fedilink
        English
        17 months ago

        I mean, Aegis is 2FA? That’s literally all it is? It generates One Time Pad codes for various sites and apps that support authentication apps.

        So, I’m not sure what you mean?

        • @[email protected]
          link
          fedilink
          English
          97 months ago

          I’m not positive but I’m assuming they’re referring to a kind of MFA where the authenticating service pushes to the client you possess rather than relying on a temporal cryptographic key. I’ve got a few services which work that way

          • @fluckx
            link
            English
            47 months ago

            That’s indeed what I meant. Similar to how OKTA, battle.net, or the Microsoft authenticator works( in corporate environments).

            You receive a push notification which asks if you’re trying to log in and approve it, followed by a fingerprint or a pin code to confirm, rather than having to type in the code generated by your app