Bitwarden Duo



On this page:

Bitwarden Duo

I now have two accounts: 'DUO ADMIN' and 'DUO-PROTECTED' showing in the app. It's strange that 'Duo Mobile' was shown as greyed out, as I had logged into Duo Admin using a Duo Push notification. Anyway, I've just tried logging into Bitwarden again and it's requesting Duo Push, so all is good. Bitwarden, Inc., parent company of 8bit Solutions LLC, brings you Bitwarden. Bitwarden is the easiest and safest way to store all of your logins and passwords while conveniently keeping them synced between all of your devices. Password theft is a serious problem. The websites and apps that you use are under attack every day. Bitwarden is a free and open-source password management service that stores sensitive information such as website credentials in an encrypted vault. The Bitwarden platform offers a variety of client applications including a web interface, desktop applications, browser extensions, mobile apps, and a CLI.

Overview

Two-Step Login (Duo) provides an additional layer of security when you log in at IU. Also known as two-factor authentication, this helps protect sensitive data and guard against increasingly sophisticated email and online scams (for example, phishing attacks) that can leave you vulnerable to identity theft. IU has partnered with Duo to provide this service.

Logins for all IU students, faculty, staff, retirees, affiliates, and those with Academic (ACNP) status require Two-Step Login (Duo), including group or departmental accounts (but not IU Guest accounts).

Two-Step Login does not protect your passphrase from being hacked, phished, or otherwise compromised. Think of it as a safety net that protects your accounts on IU services if your passphrase is compromised.

Even though Two-Step Login can help protect your account, you should still choose a strong passphrase and take steps to protect it. If there is reason to believe your passphrase has been compromised, UITS will scramble it as a precaution.

Use Two-Step Login (Duo)

Like similar services offered by Google and Facebook, with Two-Step Login, you log in by:

Bitwarden DuoDuo
  1. Entering your username and passphrase.
  2. Confirming your login with an enrolled device.

Bitwarden Duo Setup

To see how this works, view a video about Two-Step Login in action.

UITS recommends using the Duo Mobile app on your smartphone or tablet, but if you don't have such a device, regular cell phones, landlines, Google Voice phone numbers, MacBooks with Touch ID, and USB security keys are also supported. Single-button hardware tokens are also available.

For step-by-step instructions for all options, see Get started with Two-Step Login (Duo) at IU.

Enroll multiple devices and telephone numbers to ensure alternative methods of two-step login, in case you are separated from your main device. For more, see If your Two-Step Login (Duo) device is not with you, or is lost or stolen.

Bitwarden Duo

To lessen the number of times you need to complete a login with Duo, select Remember me for 7 days when completing a login; this will keep you from having to Two-Step for logins for seven days in the browser from which you initiated your login:

Bitwarden 2fa Options

If you have autopush enabled, you first must click Cancel to cancel the autopush before you can select Remember me for 7 days:

Bitwarden Two Step

After canceling the autopush and selecting Remember me for 7 days, resend the push to complete your login.