Placeholder for TOTP in Password Field

Feature Requests
1

Hey there,

I switched from KeePassXC and everything works great. Thank for the good work!
I miss one feature compared to TOTP.
I have entries with TOTP and some sites tend to aks for TOTP in the password field. In KeePassXC you can use {TOTP}password in password field and {TOTP} is replaced while copying the password field.
I searched a lot in Google and didn´t find anything.
Is there a way to use this (also with official Bitwarden Apps for iOS)?

Greetings!
groove21

2

Hi @groove21,

Interesting feature, hopefully the password policy of these sites do never require the exact string {TOTP} to be present in the password :wink:

  • This may not be implemented in the backend. You may easily work “offline” (i.e. without access to the Vaulwardenrs-/Bitwarden-Server when using a Bitwarden client. Your clients have to sync your password changes with the server once in a while. E.g. the CLI client requires that you do this explicitely by calling bw sync.
  • The backend just stores things.
  • The calculation of the TOTP is done by the client/frontend i.e. the iOS App or the Safari Extension on macOS. This is done by doing specific calculations using the timestamp and the seed. Only the seed is stored in vaultwarden.
  • So the client would need to parse the fetched password and replace this on-the-fly.

Best Regards
Mirko

3

@groove21 sounds like a niche feature.
But for this you probably need to go to bitwarden since they develop the clients. Vaultwarden is only a compatible backend api and does not know the password or totp hashes. This is only known by the clients which decrypt the encrypted vault in memory.