Hardware tokens with Bitwarden Regular account

Bitwarden is a password management service that stores sensitive information such as website credentials in an encrypted vault. The Bitwarden platform offers a variety of client applications including a web interface, desktop applications, browser extensions, mobile apps, and a CLI.

Bitwarden web interface has an option of enabling multi-factor authentication, but regular hardware tokens are available as a premium option only.

As Token2 programmable tokens are drop-in replacements of mobile TOTP apps, you can use them with  Bitwarden without the need of upgrading to Premium by following the instructions below.

Requirements: 

• A Bitwarden account (free or premium)
• A Token2 programmable token (the guide below shows miniOTP-2 as an example)
• An Android device with NFC - this is needed for the enrollment only, subsequent logins will only require the hardware token

Login to your Bitwarden profile and navigate to "Two-step login". 

Click on the "Manage" button next to the "Authenticator App" section. The system may ask you to enter your master password again.

Upon entering the master password, a window with a TOTP QR code will be displayed.

Open the Token2 Burner app on your mobile device and click the button to scan a QR code, or manually enter the authentication key (base32 format is to be used). To scan the code, point the camera of your device at the QR code shown on the window illustrated above. 

 Click on "Burn seed" button. The app should show "burn seed process succeeded" message if the process is successfully completed. 

Push the button on the miniOTP device, and enter the code shown on the display to OTP field on Bitwarden enrollment windows (3.Enter the resulting 6 digit verification code from the app) and click "Enable". 

The following message will be displayed if successfully enrolled.