- Goal 4
Set Up a Password Manager
One password to manage them all
Choosing a password manager
We currently recommend Bitwarden. If you're landing directly on this page, head back to the start of this section to learn why.
Create a strong and unique password
Bitwarden calls your password storage account your “vault” and they refer to your key that protects that vault as your “master password.” So first we're going to make one more strong and unique password to serve as your “master password” or your key.
As before, we recommend using the Bitwarden Password Generator site to make it. For this one, we strongly recommend a passphrase. This is the one strong and unique password that you should try to commit to memory.
You may need some time to memorize this passphrase, so you could write this one down if you'd like, but we only recommend doing so temporarily. If you would like to write this down temporarily, we recommend starting with a fresh index card or piece of paper that you can keep separate and safe until you destroy it.
Create your Bitwarden account
Once you've created your new, very strong, unique, random passphrase, head on over to the Bitwarden registration page to create your vault.
On the registration form, you'll just need to enter your email address, your name, and this brand new “master password” you just created. We wouldn't recommend using a password hint. And your password is random anyway, right?
Now, Bitwarden will ask you to log in using your new account info. Go ahead and do so.
Once you're in, Bitwarden will ask you to verify your email address to enable all the features. You should see a “Verify Email” box in the top right once you are logged in. Do that as well.
If you'd like to see a more visual guide to this process, check out Bitwarden's own Help Center.
Enable MFA in your Bitwarden account
Remember Authy, the multi-factor authentication app we set up at this beginning of this journey? We're going to put it to use again here. Enabling MFA on your Bitwarden account will be a big step in helping to secure such a trove of sensitive data (your passwords).
Here is Authy's guide for setting up Bitwarden MFA.
In case you need to set up Bitwarden MFA with a different MFA app or would just like some additional info, here is Bitwarden's own guide for setting up MFA.
Install the Bitwarden Apps
Right now, you have access to the Bitwarden Vault via your web browser. You can access this at any time by visiting https://vault.bitwarden.com. But you can also access your Bitwarden Vault (and your passwords in it) from their iPhone, iPad, Android, Mac, Windows apps. You can even install their browser plugin on Firefox, Chrome, Safari, or Edge.
This is how you're going to be able to use all the passwords you eventually add to your vault. With the browser plugin, you can click to fill login forms on the website. With the mobile app, you can paste in or click to fill logins in iPhone and Android apps. You won't need to memorize these passwords. The apps will do that for you. We recommend trying them all out, so you can get a feel for how to use this in your daily life.
Here is Bitwarden's download page for all of their apps. It's safest to link from this page directly to make sure you're getting the real ones. Once downloaded and installed, you will use your email and “master password” to log in to each of them.
Here are their very helpful guides that explain how to use each of these apps:
Could you use some more visuals?
Bitwarden has created some helpful YouTube videos that guide you through various parts of this process. Take a look at those here:
- How to create an account and login
- Vault Management
- Account management
- How to set up the browser extension
- How to use Bitwarden on Android
- How to use Bitwarden on iOS
- Bitwarden Browser Extension Quick Start
And don't forget their Help Center.
A note on password or account recovery
We obviously think end-to-end encrypted, secure password managers like Bitwarden are the way to go when it comes to dealing with today's mountain of logins. But there is a bit of a risk with such security: if you lose your “master password”, there is no way to gain access to your account.
Unlike many other online services, with truly end-to-end encrypted services, there is no way for the provider (Bitwarden in this case) to help you gain access to your account. There is no password reset or account recovery. Your password is your key and the only way into your vault. If you lose it, you lose access to the account and everything in it.
Ultimately, we think this is a good thing, as it shows how strongly protected your passwords are in your vault. But this does mean that you need to take great care to remember and never lose this “master password.”
Have a look at Bitwarden's help page on this topic to learn more.