On 03 April 2021, Facebook encountered a data leak which saw the details of more than 500 million users available for purchase.
One way to protect yourself is to use unique passwords for each of your online accounts. This means that if one account was compromised, cyber criminals would not be able to reuse the compromised password to access your other accounts.
However, it is difficult remember so many passwords, and writing them down on paper isn't a great idea if your passwords are long and complicated.
How I Kept Track of My Passwords
I started off with keeping track of my passwords by writing them down in a notebook. This method isn't great since I have to search through all of my passwords to find the correct one, and type out the login information manually.
I later tried to use an excel file to record all of my passwords, which made to easy fo me to copy and paste my login information whenever I wanted to login to some website.
So I started looking for password managers and settled on using Bitwarden to manage my passwords.
What is Bitwarden?
Bitwarden is a free and open-source password manager. A Bitwarden account is also known as a vault, and you can store and share various items inside it, such as:
- Logins. Just like other password managers, you can store your username/email, password, and the URL.
- Identities. You can store personal information such as names, addresses, emails, phone numbers and licence/passport numbers.
- Credit card information. Your card number and expiry can be stored.
- Secure notes. Think of secure notes as a notepad where you can store small bits of information securely.
Other Free Features
Besides storing the above items, other features are available on the Free plan, such as:
With Bitwarden's in-built password generator, users are able to generate unique passwords of different lengths. Other options are available, meaning that you can choose to generate alphanumeric passwords or passwords with special characters.
You can also select a minimum number of digits or special characters, and you can even ask it to avoid using ambiguous characters such as
Cross Platform Support
Under Bitwarden's Download page, you can download various desktop clients for Windows, MacOS, and Linux distributions.
Users who prefer to integrate Bitwarden with their browser can also choose to install browser extensions. Supported browsers include Chrome, Safari, Firefox, Brave, Microsoft Edge, and others.
Mobile apps are also available for download on the App Store and Google Play.
For the programmatically inclines, Bitwarden also has a Command Line Interface for you to write and execute scripts on your Bitwarden vault.
If you don't want to install anything, or you are using someone else's computer, you can also directly access your vault by logging in to the Web Vault.
Currently, I have the browser extension and mobile app installed.
Syncing with Unlimited Devices
You can access your Bitwarden vault without a device limit.
Two Factor Authentication
Two factor authentication methods available to users on the Free tier include using authenticator apps such as Google Authenticator and Authy, or using email.
A Premium plan costs USD 10 / year and includes the following additional features:
- Bitwarden Authenticator (TOTP), which allows you to replace apps such as Authy,
- 2FA using YubiKeys, U2F, or Duo,
- Emergency Access,
- Encrypted file attachments (1GB),
- One-to-one file sharing.
I've tried other alternatives, but I feel that Bitwarden is currently the best password manager to use. I originally used 1Password because of its user experience and how it looked, but I switched over to Bitwarden once I realised that I can auto-fill my username and password using keyboard shortcuts. However, I only use Bitwarden to store login information and secure notes. I do not use to store credit cards or contacts, nor do I use it to share anything with other people.
After being on the Free plan for a few months, I upgraded to the Premium plan. This means that I can use Bitwarden Authenticator instead of Authy to manage my TOTPs and I can also login to Bitwarden while using my YubiKey as my 2FA.
This means that I can login to all of my accounts while keeping the data on Bitwarden, instead of spreading it out across multiple apps. For those who wish to "retain ownership of their data", Bitwarden offers a self-host option so that you can run your own instance of Bitwarden by yourself.
- Plently of useful features such as an in-built password/passphrase generator.
- Premium plan is very affordable for the additional features that it offers.
- Compatible with most platforms.
- Open source software and publishes results of their security audits.
- Good documentation.
- If you are using their cloud service and there's a sudden degradation in service, you'll have to wait for them to restore full functionality.
- Premium and Family plans are annual plans; there is currently no option to pay monthly for either of these two plans.
While it may not be as aesthetic as 1Password, the features and price of Bitwarden is very attractive for most users. If you need to keep track of many passwords, Bitwarden is a simple password manager that gets the job done.