• 9point6@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    4 months ago

    I’ve looked into this before and unfortunately it doesn’t support the SMS requirement I have in my deal-breaker scenario—do you know if this has changed and can point me to the docs regarding it?

    • Enoril@jlai.lu
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      4 months ago

      Do you really need that ?

      Self hosting means you have outside your phone your real vault and the phone is just connecting to it to refresh its local data.

      I’ve setup my vaulwarden in my local network kit’s the local bitwarden server i use), my phone, tablet or simple webbrowser can connect to it when i’m home via the classic bitwarden (with self hosting parameters).

      If i travel, i have just to start my openVpn session and connect to my home but it’s only needed if I want to update something (the encrypted cache it’s enough for consulation). If I have nothing to change, no need to have a vpn. I just use the cached data.

      If my phone is stolen the data are safe (cache is encrypted, source is not on the phone). I revoke the vpn access by precaution and move one. No sms scenario needed here.

      You only need to have a backup phone or computer to setup your new access on the new phone.

      Edit: of course my vpn connection is protected by a passphrase so nobody can connect to my home network without me around. And the bitwarden app is also protected of course.

      • 9point6@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        4 months ago

        Do you have a second factor for your VPN? Or is it literally just a passphrase and you’re in? I also need a shared key to access mine, which puts new back at square one (I will not compromise on this)

        I do really need what I’ve described because it’s literally a situation I’ve been in.

    • ikidd@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      4 months ago

      Oops, missed that part. Not that I know of, though SMS is a terrible way to do 2FA. It annoys me so many businesses and banks use it.

      • 9point6@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        4 months ago

        I agree it’s much worse than using a modern OTP app, but I need a way to access my OTP database when the only form of digital identity I have access to is my phone number.

        Authy currently supports this scenario for me (with a load of checks, it doesn’t happen instantly), so I would require a like for like replacement

        • EyesInTheBoat@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          4 months ago

          Bitwarden has a 2FA recovery code possible so you could use a unlabeled hard copy of the code. It cycles after every use so it would get you one recovery and doesn’t use SMS so it’s immune to SMS shenanigans.

          • 9point6@lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            ·
            4 months ago

            That’s potentially a solution then, as I guess in order to buy a new phone I would need to have not lost my wallet too at least, so I guess I could keep those items together for equivalent recovery possibility

            Okay that may be a goer, I’ll look a bit more into it, thanks!