Bitwarden Authenticator
Bitwarden Authenticator is a standalone app that generates time-based one-time passwords (TOTPs) for logins that support authenticator app 2FA. It generates 5-10 digit codes, by default using SHA-1 and rotating them every 30 seconds.
Bitwarden Authenticator is available for everyone, with or without a Bitwarden Password Manager account. If you have a Bitwarden Password Manager account, you can synchronize codes with your Bitwarden vault. When synced, your codes will be labelled either Local Codes or labelled by your account email address:
Bitwarden Authenticator is available on iOS and Android devices. To get started, download the app from your device's app store:
iOS: App Store (iOS 16+)
Android: Google Play (Android 12+)
tip
On iOS 16+, you can make Bitwarden Authenticator or Password Manager integrated authentication your default verification code app when scanning codes directly from the camera app. To set this up:
Open the iOS Settings app on your device.
Tap General.
Tap AutoFill & Passwords.
Tap Password Options.
In the Verification Codes section, select an app from the Set Up Codes In dropdown menu.
If set up to sync with Password Manager, Authenticator will automatically add and keep up-to-date any verification codes stored in Password Manager. Using the Authenticator app, you can also Scan a QR code or Add a code manually, and in either case choose whether to save it locally or in Password Manager:
In the Bitwarden Authenticator app:
Tap the icon.
Point your camera at the QR code. Scanning will happen automatically.
Choose whether to Save here (meaning, only in Authenticator) or Save to Bitwarden (meaning, save as a login item in Password Manager).
tip
If you create a local code and later want to add it to your vault, copy the code to Password Manager.
Long-press a Local Code on the Verification codes screen, or edit a synced item from Bitwarden Password Manager, to make changes to it. For local codes you can:
Edit the Name or Key attached to it.
Designate an item as a Favorite, which will move it to the top of the Verification codes screen for easy access.
Add a Username to the item. Use this field when you have multiple accounts for the same website and require a separate verification code per account.
Change the Algorithm used to generate the code. By default, Bitwarden Authenticator uses SHA-1.
Change the Refresh period for the code. By default, Bitwarden Authenticator uses 30 seconds.
Change the Number of digits for the code. By default, Bitwarden Authenticator uses 6 digits.
tip
Algorithm, Refresh period, and Number of digits are determined by the site you're using the verification code with. Do not change these settings for an item unless that website requires it or allows you to customize verification code behavior.
To use a verification code once the secret for that account is stored in Bitwarden Authenticator, open Bitwarden Authenticator and tap the entry to copy its verification code to your clipboard. Then, paste the verification code in the input for the website or app you're logging in to.
When you get a new mobile device, you need to transfer your TOTPs for them to appear in Bitwarden Authenticator. Use the method that matches your set-up:
For local codes, export your Bitwarden Authenticator data on your old device. On your new device, import the file to Authenticator.
For any codes that synced with Password Manager on the old device, set up sync on your new device. This will pull all verification codes that are attached to saved login items. Alternatively, export a .json file for the TOTPs located in your vault and then import the file to Authenticator on your new device.
Bitwarden offers two authenticators: the standalone Bitwarden Authenticator app and Password Manager's integrated authenticator. Both store and generate verification codes, so you can use them together, separately, or switch between them based on your security preferences. If you use both, you can choose how connected they are. Key differences include:
Characteristic | Bitwarden Authenticator | Bitwarden Password Manager's integrated authenticator |
|---|---|---|
Who can use it | Everyone, no Bitwarden account is required. | Free accounts can store keys. Premium users and members of paid organizations can store keys and generate TOTP codes. |
Primary use | Anyone who prefers storing 2FA codes separately from their password manager and free Bitwarden accounts that want to generate TOTP codes | Convenient all-in-one password and 2FA management |
Platforms | Mobile only, iOS and Android | All Bitwarden clients, including mobile, browser extension, desktop app, and web app |
Default storage | Your local device *If your Password Manager allows authenticator syncing and/or you proactively copy a local code to your vault, the codes are also stored in your Bitwarden vault. | Your Bitwarden vault |
Sync between apps | Can manually copy local codes to Password Manager, which permits syncing Can automatically sync codes in Password Manager with Authenticator | Can automatically sync codes in Password Manager with Authenticator |