1. Goal 4
  2. Step A

Set Up a Password Manager

One password to manage them all

By Chris Cantey

Updated

Choosing a password manager

I currently recommend Bitwarden. If you're landing directly on this page, head back to the start of this section to learn why.

Create a strong and unique password

Bitwarden calls your password storage account your “vault” and they refer to your key that protects that vault as your “master password.” So first we're going to make one more strong and unique password to serve as your “master password” or your key.

As before, I recommend using the Bitwarden Password Generator site to make it. For this one, I strongly recommend a passphrase. This is the one strong and unique password that you should try to commit to memory.

You may need some time to memorize this passphrase, so you could write this one down if you'd like, but I only recommend doing so temporarily. If you would like to write this down temporarily, I recommend starting with a fresh index card or piece of paper that you can keep separate and safe until you destroy it.

If this is your first time hearing about strong and unique passwords from us, take a look at my full rundown here.

Create your Bitwarden account

Once you've created your new, very strong, unique, random passphrase, head on over to the Bitwarden registration page to create your vault.

On the registration form, you'll just need to enter your email address, your name, and this brand new “master password” you just created. I wouldn't recommend using a password hint. And your password is random anyway, right?

Now, Bitwarden will ask you to log in using your new account info. Go ahead and do so.

Once you're in, Bitwarden will ask you to verify your email address to enable all the features. You should see a “Verify Email” box in the top right once you are logged in. Do that as well.

If you'd like to see a more visual guide to this process, check out Bitwarden's own Help Center.

Now would be an excellent time to bookmark this page in your web browser. Having a bookmark to such a sensitive collection of info could help you identify possible phishing attempts or attempts to steal your key and access your vault.

Enable MFA in your Bitwarden account

Remember Authy, the multi-factor authentication app we set up at this beginning of this journey? We're going to put it to use again here. Enabling MFA on your Bitwarden account will be a big step in helping to secure such a trove of sensitive data (your passwords).

Here is Authy's guide for setting up Bitwarden MFA.

In case you need to set up Bitwarden MFA with a different MFA app or would just like some additional info, here is Bitwarden's own guide for setting up MFA.

Install the Bitwarden Apps

Right now, you have access to the Bitwarden Vault via your web browser. You can access this at any time by visiting https://vault.bitwarden.com. But you can also access your Bitwarden Vault (and your passwords in it) from their iPhone, iPad, Android, Mac, Windows apps. You can even install their browser plugin on Firefox, Chrome, Safari, or Edge.

This is how you're going to be able to use all the passwords you eventually add to your vault. With the browser plugin, you can click to fill login forms on the website. With the mobile app, you can paste in or click to fill logins in iPhone and Android apps. You won't need to memorize these passwords. The apps will do that for you. I recommend trying them all out, so you can get a feel for how to use this in your daily life.

Here is Bitwarden's download page for all of their apps. It's safest to link from this page directly to make sure you're getting the real ones. Once downloaded and installed, you will use your email and “master password” to log in to each of them.

Here are their very helpful guides that explain how to use each of these apps:

Could you use some more visuals?

Bitwarden has created some helpful YouTube videos that guide you through various parts of this process. Take a look at those here:

And don't forget their Help Center.

A note on password or account recovery

I obviously think end-to-end encrypted, secure password managers like Bitwarden are the way to go when it comes to dealing with today's mountain of logins. But there is a bit of a risk with such security: if you lose your “master password”, there is no way to gain access to your account.

Unlike many other online services, with truly end-to-end encrypted services, there is no way for the provider (Bitwarden in this case) to help you gain access to your account. There is no password reset or account recovery. Your password is your key and the only way into your vault. If you lose it, you lose access to the account and everything in it.

Ultimately, I think this is a good thing, as it shows how strongly protected your passwords are in your vault. But this does mean that you need to take great care to remember and never lose this “master password.”

Have a look at Bitwarden's help page on this topic to learn more.

Get on the list!

Learn about free training sessions, livestream Q&As, and new guides.

You can unsubscribe at anytime. For more details, review our Privacy Policy.