Bitwarden Authenticator is a standalone app that is available for everyone, even non-Bitwarden customers.

In its current release, Bitwarden Authenticator generates time-based one-time passwords (TOTP) for users who want to add an extra layer of 2FA security to their logins.

There is a comprehensive roadmap planned with additional functionality.

Available for iOS and Android

  • Rolling Resistance
    link
    English
    137 months ago

    Just like in the password manager, they ignored HOTP. Oh well.

      • @[email protected]
        link
        fedilink
        English
        16
        edit-2
        7 months ago

        HOTP is an HMAC-based OTP, whereas TOTP is a time-based OTP. Basically, this is how each works:

        • HOTP - based on a key + a counter, which increments with each code generated
        • TOTP - based on a key + time, so you get a new key every N seconds

        TOTP is quite common and honestly is all I use, whereas HOTP may be more common in certain enterprises. Main criticisms:

        • HOTP - longer time window for a key to be valid for the entire time between logins (i.e. potentially easier to brute force)
        • TOTP - less user-friendly due to the time window; also, you just need a clock, you don’t need to know the counter value (if someone gets the key, they can generate keys whenever)