When using an MFA for an email account you can face an issue when the same mail account may be used by multiple team members and each of them needs to have the MFA configured.
for example, we have a mailbox firstname.lastname@example.org and I’d like to set up an MFA protection on it with Google Authenticator (see the Authy: step by step Multi-Factor Authentication configuration for Github and AWS).
But this box is used by other people so I need to have a way to share TOTOP with all of them.
To do this – they all can configure their own Authentificatior application with the same code during an initial MFA configuration in the Google Account. But still, if any of them will leave the company – we will have to re-generate the code and update it on all devices… Not too good, hah?
Another solution to share a TOTP could be using Bitwarden and its TOTP-codes field.
Let’s do it.
Bitwarden MFA configuration
First, set up an MFA in Gmail as usual – add a phone number, confirm with an SMS code, and go to the Google Authentificator configuration:
Devie no matter here, just press Next:
Click on the Can’t scan it:
And instead of a QR code – you’ll get it in a simple string:
Add it to the Bitwarden into the Authenticator Key (TOTP) field:
Save, get the code, go back and confirm it in the Google:
And now your team can use Bitwarden as any similar MFA-tools – just copy the code from there: