Free Bitwarden takes OTP text code, but it's unclear it doesn't support it. #333

New Issue

Closed

opened 2025-11-07 08:35:42 -06:00 by GiteaMirror · 20 comments

GiteaMirror commented 2025-11-07 08:35:42 -06:00

Owner

Copy Link

Originally created by @filbranden on GitHub (Jan 23, 2019).

Originally assigned to: @mpbw2 on GitHub.

So I'm trying to set up OTP for GitHub itself. Currently I use Google Authenticator and it works fine, but I was considering switching to Bitwarden.

Setting this up in GitHub by going to Settings > Security > Authenticator App, then click on Set up using an app, when presented with the Recovery Codes clicking Copy and then Next, then scanning the barcode. I can tell Bitwarden scans it correctly, since the text string matches (other than case) the string presented in the "enter this text code" link on that same page.

But GitHub wants a 6-digit code back from the app, and Bitwarden doesn't seem to give me that... See screenshot below:

Does Bitwarden generate this 6-digit code somehow and I'm just missing it/can't find it? Or is it just not generating it? (In which case, is that an upcoming feature?)

Thanks for Bitwarden, it's an awesome product, really happy with it so far!

Cheers,
Filipe

Originally created by @filbranden on GitHub (Jan 23, 2019). Originally assigned to: @mpbw2 on GitHub. <!-- Please do not submit feature requests. The [Community Forums][1] has a section for submitting, voting for, and discussing product feature requests. [1]: https://community.bitwarden.com --> So I'm trying to set up OTP for GitHub itself. Currently I use Google Authenticator and it works fine, but I was considering switching to Bitwarden. Setting this up in GitHub by going to `Settings` > `Security` > `Authenticator App`, then click on `Set up using an app`, when presented with the Recovery Codes clicking `Copy` and then `Next`, then scanning the barcode. I can tell Bitwarden scans it correctly, since the text string matches (other than case) the string presented in the "enter this text code" link on that same page. But GitHub wants a 6-digit code back from the app, and Bitwarden doesn't seem to give me that... See screenshot below: <img width="518" alt="otp-github" src="https://user-images.githubusercontent.com/106037/51587489-bd83c280-1e95-11e9-8e44-a77fb400f3d3.png"> Does Bitwarden generate this 6-digit code somehow and I'm just missing it/can't find it? Or is it just not generating it? (In which case, is that an upcoming feature?) Thanks for Bitwarden, it's an awesome product, really happy with it so far! Cheers, Filipe

GiteaMirror closed this issue 2025-11-07 08:35:42 -06:00

GiteaMirror commented 2025-11-07 08:35:43 -06:00

Author

Owner

Copy Link

@Crocmagnon commented on GitHub (Jan 23, 2019):

You need to save the entry. The 6-digit code is only displayed on the "view" page of the item

@Crocmagnon commented on GitHub (Jan 23, 2019): You need to save the entry. The 6-digit code is only displayed on the "view" page of the item

GiteaMirror commented 2025-11-07 08:35:43 -06:00

Author

Owner

Copy Link

@filbranden commented on GitHub (Jan 23, 2019):

@Crocmagnon I just tried this again, I don't see any 6-digit codes on the view page of the item... This is on Android app version 1.21.0 (1631). The authenticator key (TOTP) is alphanumeric 16 characters long... What am I missing?

@filbranden commented on GitHub (Jan 23, 2019): @Crocmagnon I just tried this again, I don't see any 6-digit codes on the view page of the item... This is on Android app version 1.21.0 (1631). The authenticator key (TOTP) is alphanumeric 16 characters long... What am I missing?

GiteaMirror commented 2025-11-07 08:35:43 -06:00

Author

Owner

Copy Link

@kspearrin commented on GitHub (Jan 23, 2019):

@filbranden Do you have a premium membership? OTP codes would only be generated with a premium membership. https://blog.bitwarden.com/premium-features-file-attachments-2fa-options-totp-priority-support-d4c12e2d9018

@kspearrin commented on GitHub (Jan 23, 2019): @filbranden Do you have a premium membership? OTP codes would only be generated with a premium membership. https://blog.bitwarden.com/premium-features-file-attachments-2fa-options-totp-priority-support-d4c12e2d9018

GiteaMirror commented 2025-11-07 08:35:43 -06:00

Author

Owner

Copy Link

@filbranden commented on GitHub (Jan 23, 2019):

Yes indeed I have the free membership. I'll definitely consider getting premium, so far I'm loving Bitwarden!

I changed the subject of this issue to reflect the actual problem. With the free membership, I'm able to scan a QR image and to store an OTP code, but it doesn't really work after that... I think it should maybe either block me from entering an OTP, or maybe giving me a visible warning that TOTP is only supported on a premium membership. That would definitely have been enough to prevent my confusion that had me open this issue.

Thanks again for an awesome product!

Cheers,
Filipe

@filbranden commented on GitHub (Jan 23, 2019): Yes indeed I have the free membership. I'll definitely consider getting premium, so far I'm loving Bitwarden! I changed the subject of this issue to reflect the actual problem. With the free membership, I'm able to scan a QR image and to store an OTP code, but it doesn't really work after that... I think it should maybe either block me from entering an OTP, or maybe giving me a visible warning that TOTP is only supported on a premium membership. That would definitely have been enough to prevent my confusion that had me open this issue. Thanks again for an awesome product! Cheers, Filipe

GiteaMirror commented 2025-11-07 08:35:44 -06:00

Author

Owner

Copy Link

@kspearrin commented on GitHub (Jan 23, 2019):

Yes, at the moment we can't advertise a premium membership since we don't support in-app purchases. The app stores won't let you mention any kind of paid subscriptions if you arn't using the in-app purchase APIs.

@kspearrin commented on GitHub (Jan 23, 2019): Yes, at the moment we can't advertise a premium membership since we don't support in-app purchases. The app stores won't let you mention any kind of paid subscriptions if you arn't using the in-app purchase APIs.

GiteaMirror commented 2025-11-07 08:35:44 -06:00

Author

Owner

Copy Link

@filbranden commented on GitHub (Jan 23, 2019):

Ah I see... So even a warning saying "TOTP does not work in a free membership" might be a breach of those terms. Huh! Oh well, thanks for the clarification, at least now I know how to get this solved. Feel free to close this issue or leave it open to track this issue (and maybe help others find it while searching for the same.) For me, either way is fine. Thanks again!

@filbranden commented on GitHub (Jan 23, 2019): Ah I see... So even a warning saying "TOTP does not work in a free membership" might be a breach of those terms. Huh! Oh well, thanks for the clarification, at least now I know how to get this solved. Feel free to close this issue or leave it open to track this issue (and maybe help others find it while searching for the same.) For me, either way is fine. Thanks again!

GiteaMirror commented 2025-11-07 08:35:44 -06:00

Author

Owner

Copy Link

@auctionsjeff commented on GitHub (Mar 21, 2019):

Same issue with attachments. It lets you pick a file, but it's not clear that the feature is intentionally disabled. I understand that the app stores don't want you to circumvent their huge cut of purchases by directing users to purchase outside the app, but at least something saying "feature not enabled" would help clue in the user. I spend 10 minutes trying to figure out the trick to get my attachment to upload.

@auctionsjeff commented on GitHub (Mar 21, 2019): Same issue with attachments. It lets you pick a file, but it's not clear that the feature is intentionally disabled. I understand that the app stores don't want you to circumvent their huge cut of purchases by directing users to purchase outside the app, but at least something saying "feature not enabled" would help clue in the user. I spend 10 minutes trying to figure out the trick to get my attachment to upload.

GiteaMirror commented 2025-11-07 08:35:44 -06:00

Author

Owner

Copy Link

@drdownload commented on GitHub (May 11, 2019):

Right now, its even stranger, Ive got a family plan and some totp challenge codes are displayed but most dont.

@drdownload commented on GitHub (May 11, 2019): Right now, its even stranger, Ive got a family plan and some totp challenge codes are displayed but most dont.

GiteaMirror commented 2025-11-07 08:35:44 -06:00

Author

Owner

Copy Link

@wjcarpenter commented on GitHub (Jun 23, 2019):

Ive got a family plan and some totp challenge codes are displayed but most dont.

Same here. I think the ones that display properly are the ones that I imported from authy.

BTW, there is also no warning about this in the Chrome extension. Does that have the same kind of restriction as the app stores?

@wjcarpenter commented on GitHub (Jun 23, 2019): > Ive got a family plan and some totp challenge codes are displayed but most dont. Same here. I think the ones that display properly are the ones that I imported from authy. BTW, there is also no warning about this in the Chrome extension. Does that have the same kind of restriction as the app stores?

GiteaMirror commented 2025-11-07 08:35:45 -06:00

Author

Owner

Copy Link

@conorpp commented on GitHub (Dec 2, 2019):

I was having problems with the TOTP codes not showing up after getting premium, but it worked after signing out and in of Bitwarden.

@conorpp commented on GitHub (Dec 2, 2019): I was having problems with the TOTP codes not showing up after getting premium, but it worked after signing out and in of Bitwarden.

GiteaMirror commented 2025-11-07 08:35:45 -06:00

Author

Owner

Copy Link

@IlCallo commented on GitHub (Apr 26, 2020):

I second this ^^^
I installed the app and created the account via phone, then I searched a way to make 2FA code generation work.
I logged in via web valut to import data from previous pass manager and upgraded to premium, but mobile app didn't show anything.
After seeing this comment I disconnected and re-connected and now I see the 2FA codes.
Seems a sync problem about the type of the account (premium or free)

@IlCallo commented on GitHub (Apr 26, 2020): I second this ^^^ I installed the app and created the account via phone, then I searched a way to make 2FA code generation work. I logged in via web valut to import data from previous pass manager and upgraded to premium, but mobile app didn't show anything. After seeing this comment I disconnected and re-connected and now I see the 2FA codes. Seems a sync problem about the type of the account (premium or free)

GiteaMirror commented 2025-11-07 08:35:45 -06:00

Author

Owner

Copy Link

@RichardBronosky commented on GitHub (Mar 11, 2021):

This is a really bad User Experience. Something needs to be communicated. There is no excuse for the desktop app and browser extension to not communicate "TOTP generation not supported by your account". I think the "in-app purchase" justification is a cop-out. It's time to fix this and stop wasting thousands of hours of human-time trying to find this information.

Great product. Great service. Very reasonable pricing. No complaints there. But, if you accept excuses, you ensure continuation. Every parent knows this.

@RichardBronosky commented on GitHub (Mar 11, 2021): This is a really bad User Experience. Something needs to be communicated. There is no excuse for the desktop app and browser extension to not communicate "TOTP generation not supported by your account". I think the "in-app purchase" justification is a cop-out. It's time to fix this and stop wasting thousands of hours of human-time trying to find this information. Great product. Great service. Very reasonable pricing. No complaints there. But, if you accept excuses, you ensure continuation. Every parent knows this.

GiteaMirror commented 2025-11-07 08:35:45 -06:00

Author

Owner

Copy Link

@sweharris commented on GitHub (Mar 13, 2021):

To reinforce what RichardBronosky said... I just spent an hour trying to work out why my Chrome extension wasn't generating codes and eventually googling found this thread.

Very bad UX!

@sweharris commented on GitHub (Mar 13, 2021): To reinforce what RichardBronosky said... I just spent an hour trying to work out why my Chrome extension wasn't generating codes and eventually googling found this thread. Very bad UX!

GiteaMirror commented 2025-11-07 08:35:46 -06:00

Author

Owner

Copy Link

@Git-on-my-level commented on GitHub (Mar 18, 2021):

I also spent quite a while trying to figure out what was wrong
On the plus side I learned more about key URI formats here
On the downside this frustration could have been avoided if there was any indication at all that there is no user error
I love Bitwarden so far and plan to support with a premium membership but if I hadn't found this thread I might have assumed that the product is broken and tried something else

@Git-on-my-level commented on GitHub (Mar 18, 2021): I also spent quite a while trying to figure out what was wrong On the plus side I learned more about key URI formats [here](https://github.com/google/google-authenticator/wiki/Key-Uri-Format) On the downside this frustration could have been avoided if there was any indication at all that there is no user error I love Bitwarden so far and plan to support with a premium membership but if I hadn't found this thread I might have assumed that the product is broken and tried something else

GiteaMirror commented 2025-11-07 08:35:46 -06:00

Author

Owner

Copy Link

@nasteffe commented on GitHub (May 6, 2021):

So Bitwarden generates TOTP codes only with a premium membership. Good to know.

@nasteffe commented on GitHub (May 6, 2021): So Bitwarden generates TOTP codes **only** with a premium membership. Good to know.

GiteaMirror commented 2025-11-07 08:35:46 -06:00

Author

Owner

Copy Link

@leadersheir commented on GitHub (Jun 12, 2021):

I can't complain much cuz I didn't spend too long trying to make it work. Finding this thread saved me a bunch of frustration and time. Thanks 🙌

@leadersheir commented on GitHub (Jun 12, 2021): I can't complain much cuz I didn't spend too long trying to make it work. Finding this thread saved me a bunch of frustration and time. Thanks :raised_hands:

GiteaMirror commented 2025-11-07 08:35:46 -06:00

Author

Owner

Copy Link

@adriankeenan commented on GitHub (Oct 15, 2021):

It took me ~ half an hour to figure this out by finding this thread :( A real shame as the rest of the UX has been great!

@adriankeenan commented on GitHub (Oct 15, 2021): It took me ~ half an hour to figure this out by finding this thread :( A real shame as the rest of the UX has been great!

GiteaMirror commented 2025-11-07 08:35:47 -06:00

Author

Owner

Copy Link

@0xdnL commented on GitHub (Nov 15, 2021):

Would've saved me some hassle to know, that TOTP's are a premium feature 😐

@0xdnL commented on GitHub (Nov 15, 2021): Would've saved me some hassle to know, that TOTP's are a premium feature 😐

GiteaMirror commented 2025-11-07 08:35:47 -06:00

Author

Owner

Copy Link

@mrobinson-campion commented on GitHub (Jan 20, 2022):

I too was confused but thankfully this post cleared up why my free membership will accept the TOTP key but then fails to generate the 6-digit code.

@mrobinson-campion commented on GitHub (Jan 20, 2022): I too was confused but thankfully this post cleared up why my free membership will accept the TOTP key but then fails to generate the 6-digit code.

GiteaMirror commented 2025-11-07 08:35:47 -06:00

Author

Owner

Copy Link

@vvolkgang commented on GitHub (Jun 20, 2024):

Issue migrated to https://github.com/bitwarden/mobile/issues/450

@vvolkgang commented on GitHub (Jun 20, 2024): Issue migrated to https://github.com/bitwarden/mobile/issues/450

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

pm-33356/policy-changed-push-sync

premium-upgrade/PM-33508-billing-api-service

PM-30130-remove-archive-feature-flag

sdlc/sdk-update

tooling/improve-review-workflow

PM-32663/update-vault-migration-screens

llm/add-resolving-sdk-updates-skill

QA-1523/sanity-test-saucelabs

release/2026.3-rc48

PM-24380/flight-recorder-redact-hostname

PM-26577-app-links-support

PM-26896-autofill-fix

release/2026.2-rc47

PM-32714/fallback-to-web-vault-host

pr-6572

PM-28834/setting-app-layout-horizonos

vvolkgang/process-release-notes-v2

release/2026.2-rc46

release/2026.1-rc45

PM-30644/added-logs-for-debug

PM-30644/quicktile-nav-not-showing-migration

minor-gradle-updates

release/2026.1-rc42

release/2026.1-rc44

release/2026.1-rc43

PM-28834/set-landscape-on-horizonos-devices

context-rules

devclarity/update-code-review-command

PM-20026/force-ltr-passwords-and-codes

release/2025.12-rc41

cmcg/testCoverage

claude-skill/creating-feature-flags

PM-29014/talkback-support-for-passwords

release/2025.12-rc40

BRE-1305/publish_test

accept-user-certs

autofill-permissions

release/2025.11-rc39

PM-22479/check-all-certificates-validate-asset-links

release/2025.10-rc38

agalles/android-latest

optimize-test-workflows

tier2-test-sharding

retro-agent

PM-27001/skip-account-selection-only-one-exists-cxp

release/2025.10-rc37

agalles/test-1118

release/2025.10-rc36

PM-20593-token-refresh

QA-1126b/adding-native-sanity-test

release/2025.9-rc35

pm-25933/sdk-update-password

release/2025.9-rc34

release/2025.8-rc33

agalles/20250821-release

debug-release-issues

pm-24249-allow-automated-prs-for-sdk-updates

release/2025.8-rc32

release/WORKFLOW-TEST-2025.8-rc28

agalles/20250807release

release/2025.07-rc25

release/hotfix-v2025.7.0-bwa

pm-23311/export-vault-policy-bypass

release/2025.07-rc24

authenticator-pm-sync-flags-issue

ps/implement-sdk-repository-example

release/hotfix-v2025.6.0-bwpm

release/2025.06-rc21

agalles/automate-android-fastlane-patch

release/2025.05-rc20

release/2025.04-rc19

languages/basque

release/2025.03-rc19

update-readme

qrcode/feature

innovation/archive/pm-19153-archive-items

qrcode/2-ui-fields

qrcode/1-page

hold-on-biometric-prompt-alternative

release-notes-process

release/2025.02-rc16

bwa-monorepo

PM-8223/new-device-verification-ux-improvements

pm-18451/exempt-from-policies

test-bwa

cs-workaround-linked-0-copy

release/2025.01-rc15

release/2025.01-rc14

release/2024.12-rc13

pm-16670/sync-leave-notice

821

PM-16695/backport-lean-more-new-device-verification

km/15084-testing

release/hotfix-v2024.11.7

release/2024.11-rc1

pm-11304/collection-add-item-button

PM-14241/disabling-logs-app-crash

poc/offline-editing

new-version-calc

pm-11649/expired-link-services

pm-6702/add-feature-flag

pm-6702/email-verification-feature

pm-9933/marketing-copy-update

pm-6702/registration-flows

update-templates

pm-6701/email-verification-selfhost-registration

v2026.2.1-bwpm

v2026.2.1-bwa

v2026.2.0-bwpm

v2026.2.0-bwa

v2026.1.1-bwa

v2026.1.1-bwpm

temp-test

v2026.1.0-bwpm

v2026.1.0-bwa

v2025.12.1-bwa

v2025.12.1-bwpm

v2025.12.0-bwa

v2025.12.0-bwpm

v2025.11.1-bwpm

v2025.11.1-bwa

v2025.11.0-bwpm

v2025.11.0-bwa

v2025.10.1-bwa

v2025.10.1-bwpm

v2025.10.0-bwa

v2025.10.0-bwpm

v2025.9.1-bwa

v2025.9.1-bwpm

v2025.9.0-bwa

v2025.9.0-bwpm

v2025.8.1-bwa

v2025.8.1-bwpm

v2025.8.0-bwa

v2025.8.0-bwpm

v2025.7.2-bwa

v2025.7.2-bwpm

v2025.7.1-bwa

v2025.7.1-bwpm

v2025.7.0-bwa

v2025.7.0-bwpm

v2025.6.1-bwpm

v2025.6.0-bwa

v2025.6.0-bwpm

v2025.1.0-bwa

v2025.5.0-bwa

v2025.5.0-bwpm

v2025.5.999

2025.4.0

v2025.4.0

untagged-4731eaadac73f3dfbbb8

v2025.3.0

v2025.2.0

untagged-815a165c5d70ffe75bc7

v2025.1.2

v2025.1.1

v2025.1.0

v2024.12.0

untagged-5a76b6392a4c8998c63a

v2024.11.7

v2024.11.6

v2024.11.5

v2024.11.4

v2024.11.3

v2024.11.2

v2024.11.1

v2024.11.0

v2024.10.2

v2024.10.1

v2024.10.0

v2024.9.0

v2024.8.1

v2024.8.0

v2024.7.3

v2024.7.2

v2024.7.1

v2024.7.0

v2024.6.1

v2024.6.0

v2024.5.1

v2024.4.1

v2024.4.2

v2024.4.0

v2024.3.3

v2024.3.1

v2024.3.0

v2024.2.1

v2024.2.0

v2024.1.1

v2024.1.0

v2023.12.0

v2023.10.0

v2023.9.2

maui-single-project-android

v2023.9.1

v2023.9.0

v2023.8.0

v2023.7.0

v2023.5.0

v2023.4.0

v2023.3.2

v2023.3.1

v2023.3.0

v2023.2.0

v2023.1.0

v2022.11.0

v2022.10.0

v2022.9.1

v2022.9.0

v2022.8.0

v2022.6.2

v2022.6.1

v2022.6.0

v2022.05.0

v2.18.0

v2.17.0

v2.16.4

v2.16.3

v2.16.2

v2.16.1

v2.15.0

v2.14.2

v2.14.1

v2.14.0

v2.13.0

v2.12.0

v2.11.3

v2.11.2

v2.11.1

v2.11.0

v2.10.0

v2.9.1

v2.9.0

v2.8.2

v2.8.1

v2.8.0

v2.7.2

v2.7.0

v2.6.1

v2.6.0

v2.5.6

v.2.5.5

v2.5.5

v2.5.4

v2.5.3

v2.5.2

v2.5.1

v2.5.0

v2.4.3

v2.4.2

v2.4.1

v2.4.0

v2.3.1

v2.3.0

v2.2.8

v2.2.7

v2.2.6

v2.2.2

v2.2.1

v2.2.0

v2.1.2

v2.1.0

v2.0.6

v2.0.5

v2.0.4

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v1.22.1

v1.22.0

v1.21.0

v1.20.0

v1.19.0

v1.18.1

v1.18.0

v1.17.0

v1.16.0

v1.15.2

v1.15.1

v1.15.0

v1.14.4

v1.14.1

v1.14.0

v1.13.0

v1.12.2

v1.12.1

v1.12.0

v1.11.1

v1.11.0

v1.10.0

v1.9.0

v1.8.1

v1.8.0

v1.7.0

v1.6.5

v1.6.1

v1.6.0

v1.5.1

v1.5.0

v1.4.4

v1.4.3

v1.4.0

v1.3.0

v1.2.1

v1.2.0

v1.1.0

v1.0.0

v0.0.6

v0.0.5

v0.0.4

v0.0.3

v0.0.2

v0.0.1

Labels

Clear labels

app:authenticator

app:password-manager

bug

bug-passkey

customer-support

duplicate

enhancement

good first issue

help wanted

needs-reply

needs-response

pull-request

Mirrored from GitHub Pull Request

question

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/android#333