The twin dilemma: how to create strong, secure passwords without forgetting them? The solution is obvious: make use of a password manager. They’re common as muck these days, but our favourite by far is the brilliant Bitwarden.
A quick precis of why we love Bitwarden: it has all the features you’d expect in a good password manager. It’s easy and convenient to use, while locking your sensitive data away in a watertight vault using end-to-end 256-bit AES encryption that ensures it remains private. There’s 2FA support for extra security, and it works across all your devices: desktop, mobile and browser.
It’s also open source, so completely transparent (and if you don’t want to trust your passwords to its ultra-secure servers, you can even set it up as a self-hosted server, as we’ve done). It’s completely free to use, too: no key features are locked away behind a paywall, although affordable premium tiers exist (just $10/year) if you want to take advantage of extras like a password vault health check or TOTP generator and storage, or just want to support it financially.
Set up your Bitwarden account
Visit https://bitwarden.com/ and click ‘Create Your Free Account’ to get started. You’ll be prompted to provide an email address and a strong master password – this is the only one you’ll need to remember going forward, so make it lengthy (no fewer than 12 characters, and avoid easily guessable phrases or words – mixed case letters and numbers are good).
Once set up, you can download the Bitwarden apps for your computers (Windows, Mac and Linux), mobiles (iOS and Android) and even web browsers (all major platforms, plus a few niche options like Tor and Brave, are supported via add-ons). Log into your account through these and you’re up and running, with access to your passwords just a few clicks or taps away.
The most useful clients are the browser add-ons, as these link into the websites you visit. When Bitwarden detects you logging into a website, it’ll offer to save the password in its vault for you – click Yes, and your details are stored. Now is the perfect time to go into your account details on that site and change the password to something stronger using Bitwarden’s random password generator (again, aim for 12 characters or more, and make a note of any special requirements, such as special characters, which make it even harder to hack). Copy and paste the new password into the new password field(s). If Bitwarden doesn’t prompt you to update your saved password, edit the site details manually to do so (note that your old passwords are stored under ‘Password History’ for future reference if needed).
You’ll notice that Bitwarden can also securely store other information: secure notes containing non-website information, plus form and credit-card details that it can quickly fill into websites for you.
Security and convenience
Having to enter your master password each time you open Bitwarden can be annoying, so click Settings to find simpler ways to unlock the app – as of Bitwarden 1.20, both Windows Hello and macOS Touch ID support have been added; Touch ID is also available on your iPad and iPhone. If you’re happy to lessen security on a trusted desktop or laptop, choose to unlock Bitwarden with a PIN instead of your master password.
We also strongly recommend you add a secondary layer of protection to your Bitwarden account in the form of two-factor authentication (2FA). This would ensure that even in the event your master password was somehow compromised, hackers still wouldn’t be able to gain entry to your account without direct access to your phone.