07-22-2021 08:31 PM
I have Duo properly configured and integrated with a couple of different apps. I also use Bitwarden. Bitwarden has the option of scanning barcodes that are generated by OTP apps so that Bitwarden can provide the OTP codes.
Is it possible to integrate Duo with Bitwarden in this way? I’m not talking about adding Duo as 2FA to protect the Bitwarden app itself.
I’m basically asking if Duo can generate a barcode so that I can scan it with the Bitwarden mobile app so the Bitwarden app can provide the Duo OTP codes. This will enable me to use the Bitwarden app as a replacement for the Duo mobile app with the exception of push notifications. This is extremely handy when using the Bitwarden desktop app to login to a Duo protected web form when you don’t have your phone close by. You just copy the OTP code from Bitwarden and paste it into the web form when promoted for the OTP code.
07-22-2021 09:10 PM
Hi @jeffshead ,
Bitwarden’s Authenticator functionality relies upon TOTP (time-based) authenticator apps. Duo Mobile uses HOTP (event-based) passcodes when authenticating into Duo-protected integrations. QR codes cannot be generated since Duo Mobile (upon activation) is what synchronizes the event-based passcode.
If you have 3rd party applications protected via Duo, such as Instagram for example, they will be using TOTP. However, a QR code cannot be generated via Duo Mobile and, in this case, you may be better off having Bitwarden scan the QR code directly from Instagram.
Hope this helps!
07-22-2021 10:16 PM
In addition to push, I thought that Duo was providing TOTP for Duo-protected applications in much the same way as other applications that have built-in TOTP functionality.
I’m still not quite understanding why Duo couldn’t interact with Bitwarden in the same manner that Instagram interacts with Bitwarden with regard to TOTP. Is what I’m wanting to accomplish an impossibility or is it just not currently a feature for various reasons?
07-27-2021 12:18 PM
Please see Are passcodes generated by the Duo Mobile app HOTP or TOTP?
HOTP was the method chosen for Duo Mobile Passcodes. While TOTP is supported via hardware tokens, TOTP token drift and resynchronization are not supported (Knowledge Base | Duo Security).
Please feel free to submit a Feature Request via your Account Executive, Customer Success Manager (if applicable), or our Support Team.
Thank you!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide