twiechert
New Member
1 day ago

Critical: op item move caused loss of OTP field (irrecoverable 2FA data)

Hi,

I need clarification on what appears to be a serious data integrity issue with op item move.

I moved several items between vaults using:

op item move <ITEM_ID> --vault <TARGET_VAULT>

The command completed successfully. However, after the move, I discovered that the OTP (TOTP) field was missing from the items in the destination vault.

Details:

  • The original items contained functioning TOTP fields.
  • After the move, the OTP fields are no longer present.
  • The original items are not in “Recently Deleted”.
  • There was no warning, no error, and no indication that any field types would be excluded.
  • There was no documentation warning that OTP fields might not be preserved.

This has resulted in effective data loss.

The TOTP secrets cannot be reconstructed. As a result, I now have to go through account recovery procedures with the affected services in order to regain 2FA access. That is time-consuming and in some cases involves manual identity verification.

From a user perspective, this is extremely concerning:

  • A “move” operation implies a lossless transfer.
  • OTP secrets are security-critical data.
  • A password manager must guarantee preservation of all credential components, especially second factors.

If the move operation internally recreates items (rather than truly moving encrypted blobs), that behavior needs to guarantee full field fidelity — or explicitly block or warn when certain field types cannot be safely transferred.

Questions:

  1. Is this expected behavior or a bug?
  2. Are OTP fields officially supported in op item move?
  3. Is there any possible recovery path for the lost TOTP secrets?
  4. Are there plans to ensure field-type completeness during move operations?

At the moment, this behavior represents irreversible loss of authentication data without warning, which is a serious integrity issue for a password manager.

I would appreciate clarification and guidance.

1 Reply

  • Hi twiechert,

    I'm super sorry to hear you had this problem. This sounds more like a bug or 1-off case. 

    Regarding the OTP copy, I'll have to look into this, it doesn't look like we have documentation around what happens with the move command with OTPs. 

    Also, there may be a copy of the old item in your "Recently Deleted" folder (at the bottom of the Vault list in the 1Password UI).

    In the interim, can you please create a ticket over at support@1password.com

    Thanks,
    Phil & Team
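A field-fidelity check for the situation described in this thread, as an added example that is not part of the original posts and is not 1Password's own code: it compares a JSON snapshot of an item taken before a vault move (for instance with `op item get <ITEM_ID> --format json`) against one taken afterwards and reports fields that disappeared or changed, without printing secret values. The snapshot layout (`fields` entries carrying `type`, `label` and `value`) is an assumption, and the sample data below is constructed.

```python
import json

# Constructed snapshots with placeholder values; the layout ("fields" entries
# with "type", "label", "value") is an assumption about the exported JSON.
BEFORE = json.loads("""
{"title": "example-service", "fields": [
  {"type": "STRING",    "label": "username",          "value": "alice"},
  {"type": "CONCEALED", "label": "password",          "value": "PLACEHOLDER-PW"},
  {"type": "OTP",       "label": "one-time password", "value": "otpauth://totp/example?secret=PLACEHOLDERSECRET"}
]}""")
AFTER = json.loads("""
{"title": "example-service", "fields": [
  {"type": "STRING",    "label": "username", "value": "alice"},
  {"type": "CONCEALED", "label": "password", "value": "PLACEHOLDER-PW"}
]}""")

def _index(item):
    """Map (type, label) -> list of values, so duplicate labels are kept."""
    index = {}
    for field in item.get("fields", []):
        key = (field.get("type", "?"), field.get("label", ""))
        index.setdefault(key, []).append(field.get("value"))
    return index

def compare_snapshots(before, after):
    """Return (missing, changed) lists of (type, label); values are never returned."""
    old, new = _index(before), _index(after)
    missing, changed = [], []
    for key, values in old.items():
        kept = new.get(key, [])
        if len(kept) < len(values):
            missing.append(key)      # field (or one of its duplicates) is gone
        elif sorted(map(str, values)) != sorted(map(str, kept)):
            changed.append(key)      # field is present but its value differs
    return missing, changed

def safe_to_discard_source(before, after):
    """True only if every source field survived the move with the same value."""
    missing, changed = compare_snapshots(before, after)
    return not missing and not changed

if __name__ == "__main__":
    missing, changed = compare_snapshots(BEFORE, AFTER)
    for ftype, label in missing:
        print(f"MISSING after move: {ftype} field {label!r}")
    for ftype, label in changed:
        print(f"CHANGED after move: {ftype} field {label!r}")
```

The "before" snapshot contains the TOTP secret in clear text, so it needs the same protection as the vault itself and should be securely deleted once the comparison passes.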