If proprietary app is better and more robust I am willing to try it and assess it myself.

    • peregus@lemmy.world
      link
      fedilink
      arrow-up
      25
      arrow-down
      1
      ·
      1 year ago

      I don’t think that it’s safe to leave both authentication factors in a single app.

      • dana@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        1 year ago

        It depends on your risk profile, but yes, it’s less secure. For some people the convenience is worth the risk, for others maybe not. If you opt to store 2fa keys in Bitwarden you’d definitely want to enable 2fa for your Bitwarden account though, which brings us back to the same issue again.

        • peregus@lemmy.world
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          If you opt to store 2fa keys in Bitwarden you’d definitely want to enable 2fa for your Bitwarden account though, which brings us back to the same issue again.

          With the risk of getting locked out if all your devices get logged out of Bitwarden! 🙈

          • dana@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            ·
            1 year ago

            To clarify, you’d want to enable 2fa for Bitwarden and store the token for that in a different authenticator app - that way you can still log in to Bitwarden without already needing to be logged in

        • blkpws@lemmy.ml
          link
          fedilink
          arrow-up
          2
          arrow-down
          1
          ·
          1 year ago

          Two factors is like a second step, the 2FA is normally this token (TOTP) that is generated every X minutes, so if someone steals your password, they still need another number that they will not get unless they hacked your device, and if they hacked your device, they probably have access to many of your data or access to that secret token to log in. Doesn’t mean they should be separated, but you could, still the safest way to keep all secure isn’t splitting passwords and tokens but using a hardware key. That’s my view.