How to secure your BITWARDEN account like a pro | YubiKey Tutorial
Рет қаралды 135,274
Күн бұрынLocking down all your passwords with a password vault- like Bitwarden or Lastpass-is a great way to keep all your accounts secure! However, because all this information is stored in one place, it is critical that you protect your password manager with things like a complex passphrase and multi-factor authentication.
**** Correction: Bitwarden's Premium Account is $10/year NOT $10/Month ****
In this video, I’ll show you how to secure your Bitwarden account with a physical token like a YubiKey. Physical tokens add an extra layer of protection for your critical accounts because hackers can’t access them without getting ahold of your physical key.
#HackProofBitwardenAccount #YubiKey #Security #TristanBolton
SUBSCRIBE to see more videos in this series and leave a COMMENT below with your Bitwarden or Yubikey questions. 😊
TIMESTAMPS -
[0:00:22] Why I like Bitwarden
[0:03:07] Signing up for a Bitwarden account
[0:03:55] Think PASSPHRASE instead of password
[0:05:21] BE CAUTIOUS about using Password Hints
[0:06:20] Bitwarden Vault Tour
[0:06:50] Bitwarden Feature: Exposed Password Report
[0:07:28] Pricing (*It’s actually $10/year not $10/month*)
[0:08:07] Locking down your vault with a YubiKey
[0:09:25] Print your RECOVERY CODES and save them somewhere safe!
[0:10:53] Installing the Bitwarden Plugin for your browser
[0:11:50] Unlock your Bitwarden account with a PIN
[0:13:01] Autofilling usernames and passwords on page loads
[0:14:03] Conclusion & Summary
LINKS* -
Buy YubiKey 5 NFC (US Amazon): amzn.to/2QKBG6z (affiliate)
Buy YubiKey 5 NFC (Canadian Amazon): amzn.to/3buvQ0X (affiliate)
Yubico Products: www.yubico.com/products
Yubico Authenticator: www.yubico.com/products/servi...
Bitwarden: bitwarden.com
OTHER VIDEOS -
How to secure your GMAIL account like a pro: • How to secure your GMA...
How to secure your DROPBOX account like a pro: • How to secure your DRO...
How to secure your LASTPASS account like a pro: • How to secure your LAS...
How to secure your AWS account like a pro: • How to secure your AWS...
----
Instagram - / tristan.bolton
Twitter - / tristanbolton
Facebook - / tristan-bolton-8700984...
Website - tristanbolton.com/
Thanks Guys! Have a great day! 😊
*Just a quick FYI - as an Amazon Associate I earn from qualifying purchases. Thanks!
@GMK4EVER 4 жыл бұрын
$10 a year, chief. that's less than a buck a month. cant go wrong with that price!
@barddzen 3 жыл бұрын
It’s $10 a year for Personal, but add in Family and it jumps to $50 a year for a family of 6, nearly the price of 1Password. I moved to using BW on my Synology NAS via Docker and in this case it’s free and unlimited. Sure it’s self managed, but with CloudSync backups to gCloud I can at least get my data back fairly easy.
@alwanosuarez9022 3 жыл бұрын
@@riverjamal5806 stfu bot
@An.Individual Жыл бұрын
here after the LastPass breach
@kenkoh1724 3 жыл бұрын
1. Install 2 way firewall 2. Run 3 virus scans 3. Cover cameras 4. Back up against wall 5. Print recovery codes 6. Clear ram
@krzychaczu 3 жыл бұрын
6:14 I kindly advice _not_ to store passwords in the browser. Adversary who obtains access to this computer can easily retrieve all these usernames and passwords. That's why we setup Bitwarden with 2FA here. 😉
@alexanderf9435 3 жыл бұрын
Hello Krzysztof. Do you mean a browser vault or some settings in BitWarden cause passwords to be stored in the browser?
@krzychaczu 3 жыл бұрын
@@alexanderf9435 At 6:14 on the top of the screen we can see "Would you like Firefox to save this login for bitwarden.com". This is a Firefox built-in password manager pop-up. It is not as secure as Bitwarden and easy to crack. A good practice would be to select "Never Save" here, and then change the Firefox settings -> Logins and Passwords -> set "Save Logins" to "off". Firefox should not offer saving passwords in Firefox any more. We will use Bitwarden for storing logon credentials from now on. I hope it explains well.
@jorge3234 3 жыл бұрын
@@krzychaczu what do you think of Apple password key chain? Is that secure enough?
@krzychaczu 3 жыл бұрын
@@jorge3234 Apple's keychain is a primary target of attacks on mac. It also uses 3DES algorithm to encrypt passwords, which is not considered to be safe nowadays. Of course, it is still better than using the same password in different places.
@Sapphire200 Жыл бұрын
thats exactly how I got all my passwords leaked (thankfully lost nothing due to 2FA and quick actions from me). Then I found out about bitwarden and other 2FAs besides google
@bulbasaur968 3 жыл бұрын
your channel is life saving fr
@mrajax_0101 4 жыл бұрын
I tried all but this is the best
@jayyeo3270 4 жыл бұрын
Great clarity thank you!
@interstellar10 3 жыл бұрын
Tristan, thanks for the great video! I wanted specific info RE: Bitwarden & Yubikey compatibility. Although the Yubikey portion was skimmed-over rather quickly, it gives me incentive to watch your other videos which you referenced throughout & at the end. I appreciate your insight & look forward to maximizing password security.
@tristanbolton 3 жыл бұрын
Thanks - if you still have questions feel free to hit me up here or on twitter @tristanbolton Stay safe
@416nighthawk 3 жыл бұрын
Excellent video. I am now using bitwarden with google authenticator on my phone.
@mackjay1777 3 жыл бұрын
Very helpful, thanks! The PIN is a great feature you explain it well
@johnbod 3 жыл бұрын
This was a fantastic video, thank you so much!
@Daniel-Davies-Gonstead-Student Жыл бұрын
Thanks heaps man! This video, even though I don't use a Yubi Key, has been by far the most helpful video I've found in terms of security with a Bitwarden Account. Cheers again :)
@MrDeol84 3 жыл бұрын
I love bitwarden . This video tell you how to setup all security
@Jackson_010 Жыл бұрын
basics it's encouraging to learn a little bit more! Well done!
@barddzen 3 жыл бұрын
One of the challenges I have is I use BW on my Synology NAS via https for a family setup. I could get by using Yubikey or other 2FA methods, but I’m a very technical person and have incorporated this into my daily workflows. However, getting my wife, daughter and grandkids to do 2FA is a major stumbling block. Just getting them to the well of using a password manager was step 1, throwing 2FA of any kind at them makes them use it less. Everyone gets it’s “more secure” but from my standpoint, adoption of a password manager trumps 2FA use: I’d rather have them using BW vs implemented 2FA (and additional steps) and have them not use it all or minimally.
@n3tfury Жыл бұрын
You're not wrong.
@phant0m214 Жыл бұрын
know your basics course is just what I needed. Taking it a day at a ti so I can fully grasp the core of soft.
@cidadaojoaocr 3 жыл бұрын
Great video! The tips are really helpful!
@apexfractals2555 3 жыл бұрын
amazing work. great video 👍 straight to the point
@perengstrom3414 Жыл бұрын
Passphrases yes. Also, make a 6x6 matrix and fill it with part random capital letters and part random special characters. Use two casino dice and the matrix to choose a random capital letter or random special charater to inject in your passphrase. Use the dice also to decide in which word in order to inject the random, and also where in the selected word the random should be. One random is easy to remember in your passphrase and makes the passphrase a lot stronger (examFple).
@bertsenechal6127 Жыл бұрын
I just bought one and I will put to work and will let you know more after I use it. Great presentation Thank you
@leonardomauro7894 2 жыл бұрын
Thanks for the video, really well explained!
@KunouJS 4 жыл бұрын
I had no idea about using the PIN feature. Typing in my master password all the time made me concerned about keyloggers. Thanks for that. :)
@tristanbolton 4 жыл бұрын
Agreed, I had the same concern. Pin is a great feature
@RandomGuy-lm8wh 4 жыл бұрын
But is the PIN just for that PC then? Or does it sync to other browser extensions as well? Else it will be less secure right? I am sort of concerned about PINcodes. So can you let met re-think my PINcode concern?
@notionpicture 3 жыл бұрын
@@RandomGuy-lm8wh it's been 6 months since your comment so I don't know if this is going to be helpful. The PIN code only works locally and it doesn't send anything to the cloud, for example you can also set a different PIN code for your mobile app, another for the desktop app and another for the extension. And the PIN code is different on each one of them (if you want). So yeah that's a good feature since is per device and does not sync anything.
@pjrodz 2 жыл бұрын
Thank you for this video, man!
@grantnicklin6421 Жыл бұрын
Great advice on the settings to use in the browser and browser add-on towards the end of your video. Thanks for your efforts with this.
@edrumsense 4 жыл бұрын
12:45 Thanks for the video. I think that having all your passwords out of the hands of google is a big step already. After that you can arise all the paranoia you want and even burn the paper where you printed the recovery code and swtich to RAM only OS and extreme things like that
@hamadmohammad3 3 жыл бұрын
Nice presentation, I like the option with the pincode.
@MaZEEZaM 2 жыл бұрын
Really helpful video again. Cheers from Australia and +1 Subscriber for your efforts 😎
@tristanbolton 2 жыл бұрын
Thanks for the sub!
@Hi.PixtuneDigital 4 жыл бұрын
Thank you
@christophervazquez537 3 жыл бұрын
Thanks man. This video was very helpful.
@tristanbolton 3 жыл бұрын
Glad it helped
@azclaimjumper Жыл бұрын
I like that BitWarden is Open Source. I also like that all three of their servers are in Germany. Yes, I've secured Bitwarden with both of my YubiKeys. Two is one; One is None.
@NamNguyen-ps4hk 4 жыл бұрын
Thank you love you
@catflapqo 2 жыл бұрын
Hi, there are some great videos on your channel and they've helped cement my decision to use bitwarden as my password vault, thanks. One thing I'm not sure about is which email to use for registration, is it wise to make this different to the one used for registration/communication of the accounts that bitwarden is holding the passwords for or is it just as good to keep it all in one mailbox? I'm also wondering the same about the authenticator app?
@Ninorc8 2 жыл бұрын
Tristan, great video. After leaving LastPass did you simply deactivate your LastPass account or did you delete all the websites and passwords?
@KrishnaDigital123 Жыл бұрын
when i typed in soft soft tutorial i did not expect it to be tNice tutorials good thank you so much aaaaaaa
@charlescharles6191 3 жыл бұрын
I should say that once I slowed it down the video was very helpful, so thank you.
@mandalorian2010 Жыл бұрын
I host Bitwarden on a Docker Container in Linode. With the exception of hosting on Linode, I own all of my data. Doing this setup, I have an additional way to get access to my data in the event that I forget my passcode and lose my key. I can reset everything from the administrator level. There are obviously pros and cons with this setup but I prefer it.
@AphichayaUrinkham Жыл бұрын
thank god i finally know how to rena stuff
@radixsam7690 Жыл бұрын
thank you
@RuanBekker 2 жыл бұрын
Great video!
@cdhorne2112 3 жыл бұрын
Great tutorial!
@tristanbolton 3 жыл бұрын
Thank you!
@ryaniglesias6381 3 жыл бұрын
Hey Tristan, great video. So I took your advice and deleted my account with LP and installed the free Bitwarden. So far I am liking it, however, two minor things 1) If I already have a password in Bitwarden vault and I launch the website I have to either go to the browser extension and select the account or right-click on the password field, then click on Bitwarden to fill in password ...... is there a way to do one click to fill a password either with the free account or the paid account? I don't mind paying as it's affordable. 2) This one bugs me, when I change any password, Bitwarden does not update the new password automatically, I have to add it manually in Bitwarden. If I am adding a new password for the first time it works perfectly fine but when I am changing a password I have to do it manually. If that's the way it works, could you recommend another password manager? Please don't say LP, I am so unhappy with them...... I will never go back to LP, what they are saying to free users is, on March 16th we are calling the new free service, FREE but we know most likely most people wouldn't be able to use and have to pay but we will still call it a free account. I don't know who LP thinks they are. I prefer to pay for another password manager than go back to LP .... oh well that's my rant.
@saadgbar6181 Жыл бұрын
Great video! now... the GMS soft really distorted in my mac, I searched a couple of tutorials to change in nu Options content settings,
@TomTheAustrian 2 жыл бұрын
Really great video! It’s $10 per year, not per konth though 😀
@Ghostbit 4 жыл бұрын
Very helpful video, Tristan. I was surprised to hear your comments about phone-based authentication being even less secure then SMS. Have you done a video on this? I just started using Authy, thinking it was a better option then SMS. Can you point me to a better examination of matter? Also, I feel a fair bit more at ease ordering a Yubikey after watching this. I've always had a fear of losing it and getting locked out of everything forever but I didn't know about the recovery code.
@tristanbolton 4 жыл бұрын
I'm glad you found it helpful. I'm doing a video on Authy vs Yubikey that may help. If your two-factor authentication is SMS or a phone call to a cell phone, it is possible to have your number ported to another SIM/eSIM or even ported to another cell phone carrier without your knowledge. This attack is fairly common but often it is because someone is targeting you and your accounts. However I suspect it will be easier and easier to get SMS and phone calls routed to hackers and therefore using a Yubikey or Authy is much better. They key thing about Authy is the cloud backups and account security (Video coming soon on this). Having a physical key, like a yubikey, is a great way to protect your accounts. Remember the recovery methods you setup for your account is often used to break into them, so if you setup your cell phone to send an SMS code if you loose your yubikey, you're not really anymore secure. Printing off backup codes is one of the best ways to protect yourself if you loose the key.
@kstaxman2 Жыл бұрын
and you can have a back up key as well.. I have two keys one I keep with me and one I keep hidden away for emergencies. I do suggest checking the hidden key every few months just to make sure. And as you said the emergency access key offers a last measure of security.
@ricepaintingcompany 5 ай бұрын
All I have to say is........... Thank you!!!
@ronald0122 4 жыл бұрын
You meant 10$ a year
@tristanbolton 4 жыл бұрын
I did. Thank you!
@tsunarun Жыл бұрын
Thanks for this review 👍👍👍 If i have 2 keys can I flash the barre code one more Time for thé second one ????
@vishnunr3536 Жыл бұрын
Are the sample softs there when you open the software or do you have to download them from sowhere
@azclaimjumper Жыл бұрын
Please consider creating a video that shows how to secure PC's & Macs with Yubikey. These should be 2 separate videos, one for PC's & a 2nd video for Macs
@Earthcrosser 3 жыл бұрын
I use Bitwarden hosted on my Synology NAS and it’s much better than the free offering by Bitwarden where your vault is hosted on their servers (ugh!). You get premium features (FOR FREE!) like the reports and team sharing, plus Yubico access. I just got my Yubico 5C NFC and I’m excited to try it. :-)
@leoncryp8182 2 жыл бұрын
How do you self host for free? I though you need to pay the $1 month Premium account? 3rd party bitwarden code fork / hack?
@des7638 2 жыл бұрын
Thanks Tristan. Why do you prefer the Yubikey authenticator over just the Key?
@mh7711 9 ай бұрын
I think because the free Version of bitwarden only allows this method, for the Yubikey you need Premium bitwarden
@DesertHash 3 жыл бұрын
What's the difference between the pink string of characters written under your QR code at 8:54 and the recovery code shown at 9:40? I didn't set up my bitwarden yet and presumed the former (text written under the QR code at 8:54) would be the thing used for recovery. Given all you need is the code at 9:40 for 2fa recovery, is it pointless to record the text written under the QR code at 8:54?
@digitaldeepak21 Жыл бұрын
What if bitwarden goes out of the business? We should be able to have an offline copy of the encrypted file that we can open and access, right?
@ronnyvillalobos1363 3 ай бұрын
You can.. Export vault either choose an encrypted JSON file or use plain text.
@user-wm8yx9fg1y Жыл бұрын
all the different elents together in a language that is universal. I've seen plenty of DAW tutorials being new, but tNice tutorials is by far the best so
@veillerguise 3 жыл бұрын
@Tristan You forgot to mention how Bitwarden is audited by security groups.
@tristanbolton 3 жыл бұрын
You're right, Bitwarden is opensource, so everyone, including security groups, can look under the hood and verify it is safe. One of the big reasons to use Bitwarden over other closed systems.
@deadmancontrol1742 Жыл бұрын
Have you uploaded any of your soft?
@sunlite9759 2 жыл бұрын
Best suggestions: 1- Add an additional key word, number or character to each password that is added manually when signing into web page. 2-Keep financial passwords private. Do not list to vault passwords.
@michaelcorleone287 Жыл бұрын
I don’t understand step 2. What do you mean by that?
@sunlite9759 Жыл бұрын
If you use a password manage do not add them to it. I don't keep any financial passwords on my computer.
@michaelcorleone287 Жыл бұрын
@@sunlite9759 what do you suggest I do with them? What do you think of peppering my financial accounts?
@user8eighty949 2 жыл бұрын
should I have an email for bitwarden only? and then store another email inside who have all my registered accounts?
@Peasachance 2 жыл бұрын
If i wanted to have a gmail account secured with a Yubikey like in your previous video and have also Bitwarden secured with a yubikey like in this video, can I use the same Yubikey for both? (the gmail account password would not be in bitwarden)
@Intensity2U Жыл бұрын
Do you have a tutorial for how to use the Bit Warden app on smart phones?
@queenkaking7029 Жыл бұрын
overwhelming, but tNice tutorials was absolutely brilliant! Thank you!
@menageartois 3 жыл бұрын
Why people don’t use spaces in passphrases is interesting :)
@tristanbolton 3 жыл бұрын
lol - probably the least used special character. I always just assume most password fields won't accept spaces. I'll have to try that next time.
@bilijeanz 4 жыл бұрын
Do you do 2 steps on both Bitwarden and the accounts you have? Meaning would do yubikey or MS Authenticator on your main Bitwarden account + your gmail account.
@tristanbolton 3 жыл бұрын
Great question, it depends on the account. I try to do a unique password everywhere, and enable second factor on as much as possible. That second factor varies depending on the app, could be SMS (though I use this as little as possible), Duo, MS authenticator, TOTP in bitwarden, and Yubikey. It really depends on how important that access is to keep secure. The most secured services are a username with a unique password and two-factored with an offline yubikey and further IP protected so it can only be accessed from trusted IPs/locations. That is over kill for most users, and I only have 2 or 3 apps that are that level of secure. For your Gmail I'd def have a second factor with Yubikey.
@watuzi 3 жыл бұрын
Hi, thank you for the tutorial. I am using Bitwarden now since it is much cheaper option than Lastpass. Do you need separate yubikeys for each device you use? How do you use yubikey for the phone? Thanks
@TheScavengr 2 жыл бұрын
You can use the same Yubikey for all your devices. I would recommend getting two keys, so that if you loose one, you still have the other for backup. Make sure all the accounts that you set up with one Yubikey, set up the same accounts with the other Yubikey as well and store one in a safe place. I'm going to do the same. Just ordered two for me.
@TheScavengr 2 жыл бұрын
You only need to set up 2FA with Yubikey once while setting up your desired account. After that, you can plug in or scan your Yubikey with NFC to any other device you own in order to sign in to that account. Hope it answers your question.
@Nagfan09 3 жыл бұрын
How many yubikeys does bitwarden let you add to your account please?? I only ask because yubikey say you should always have a spare as a backup which makes sense,thanks for the vid!
@user-xt5sb9wm6f 2 жыл бұрын
Plenty of them
@MrOzyreusz 3 жыл бұрын
Yubikey OTP or Yubikey FIDO2 or Yubikey U2F?
@TheRealJohnMadden 3 жыл бұрын
I prefer KeePassXC but Bitwarden is amazing as well
@tristanbolton 3 жыл бұрын
I haven't really used KeePassXC before, what do you like about it over Bitwarden?
@NickAlways 3 жыл бұрын
In lastpass u can get access through your phone even after losing the master password
@AK-wm8lj 2 жыл бұрын
Hey man. Do u reckon we should write down every password we save or generate passwords just in case Bitwarden goes down or something?
@azclaimjumper Жыл бұрын
BitWarden has 3 servers, all in Germany. I think the internet is more likely to be turned off than having all 3 BitWarden servers go kaput.
@plusultra7329 4 жыл бұрын
Hi, do I need the Yubikey if I use Authy for Bitwarden? Thanks!
@tristanbolton 4 жыл бұрын
I prefer hardware tokens, like yubikey, for any key accounts like a password manager. Authy is a good alternative if you don't want to use a hardware key.
@Mike20878 4 жыл бұрын
@@tristanbolton Can you use Yubikey with Authy?
@teamhairball4182 2 жыл бұрын
How's the security of Bitwarden while using it as an extension? How do I know for sure my passwords can't be accessed while the extension is unlocked?
@beauthompson5338 4 жыл бұрын
hi do you have a video on how to do a totp on bitwarden ?
@tristanbolton 3 жыл бұрын
No, but I'll do that. Using TOTP feature is one of my favorite parts of Bitwarden
@mh7711 9 ай бұрын
So Do I have to login into bitwarden using Yubikey Authenticator every time I turn onmy Computer / every Day once? and the being logged in in my vault the whole Day? can I choose/change this? or that I dont need to login on my PC? that I only have to authenticate when a) I use a complete New device or b) I am logging in from a Different place/City? would be save enough I think....
@txsjohnny 3 жыл бұрын
Tristan, can Bitwarden do password change sweep like LastPass? This is where basically all of your passwords are changed. I think you can pick the ones that have been compromised, weak passwords, similar passwords, or ALL - not sure. I cannot find how to accomplish this in my Bitwarden account though.
@tristanbolton 3 жыл бұрын
I haven't seen this feature in Bitwarden. I didn't find it worked very well in LastPass personally. Bitwarden does have an Exposed Password report, which I haven't seen in lastpass (correct me if you've seen this). I really like this feature as it watches all the passwords in my vault and if they have been exposed. You can do this manually at: haveibeenpwned.com/
@shulhaaffandi186 Жыл бұрын
Good voice
@youdoer Ай бұрын
If you have a physical token does that mean emergency access no longer is possible?
@murtadha96 3 жыл бұрын
Hi, are you making a video about the Bitwarden OTP Authenticator?
@tristanbolton 3 жыл бұрын
I covered bitwarden's OTP authenticator in this video: kzfaq.info/get/bejne/sN6FdpqcptO9qmg.html Hope that's what you're looking for
@P4P1Kpl Жыл бұрын
Is it working with this blue one? or only with black?
@quatie Жыл бұрын
Can you check the reports through android app?
@PiriyaSambandaraksa 3 жыл бұрын
I'm switching to BitWarden from LastPass. I also use Authy, should I switch to Yubico Authenticator or use the Bitwarden TOTP instead?
@tristanbolton 3 жыл бұрын
Great question Piriya - I use Yubico Auth for my most critical items, such as logging into Bitwarden. Then for easy of access to my other accounts, that are less critical, I'll use Bitwarden TOTP. I have an Authy video coming soon
@romeoxlove Жыл бұрын
And I recomnd starting with LMMS instead of spending 0 and not really know what your getting into. LMMS is free and I've been
@danl6734 Жыл бұрын
PLEASE do a self-hosted BW video. I've spent about 10 hours fighting with it trying to get it working. I tried in AWS but got so so so frustrated as it just not working as I'd expect that I gave up.
@z3r0sky 3 жыл бұрын
Can you add a second yubikey for backup purposes?
@tristanbolton 3 жыл бұрын
Yes, when the QR code is generated, copy it to the first yubikey, unplug it and plug in the second one, and copy the QR code again. After that proceed to the next screen, and now the private key is on both Yubikeys.
@paulurban2 3 жыл бұрын
As Tristan explained, for OTP codes you can just set up two keys at the same time with the same QR code / secret. Some sites also support Yubikeys directly as a second factor as a more secure alternative to OTP codes (can be more resistant to phishing attacks). Some sites allow you to register two Yubikeys, so I register my primary and my backup Yubikey. However, some sites only support a single Yubikey, in which case you’d need some other second factor, which kind of defeats the purpose.
@user-fo5ki8xo8l 3 жыл бұрын
Could you do a video about windows login with yubikey and using yubikey for encryption of all the internal hard drives (or to say it in another way, to secure all data on the pc, if someone stoled the pc)? Thanks :) PS: I want to purchase a yubikey and I saw they want to release a yubikey with a fingerprint scanner, should I wait?
@tristanbolton 3 жыл бұрын
Yes, I'll do one on how to secure your windows with a yubikey. I wouldn't suggest a fingerprint yubikey. You can password protect your yubikey if you like and that is plenty of security if you use it the way I talk about in the videos
@ptjokr3700 Жыл бұрын
and my friends are planning to make a ga and i'm making the soft, so tNice tutorials really helped
@thepiecesfit5049 Жыл бұрын
7:42 is $10 / year , which is under $1 a month
@jrostern14 Жыл бұрын
Remember to securely destroy the plaintext CSV file used to export from another password manager such as LastPass to BitWarden. Ideally do not allow this file to land on your local drive and certainly not in any cloud storage. I exported the CSV to a USB thumb drive and then physically destroyed it after the migraiton. Best practice would be to then change any critical passords immediately thereafter. Remember that you're not paranoid if they truly are out to get you.
@JA-zy7pp 3 жыл бұрын
Hi. Would it be possible if you could make a single video on how to secure email accounts, from signing up to sending encrypted email...to anything...so we won't missed a step? I wanna start investing, but afraid I might get hacked...I'm not techie and so many videos online makes my head ache...Thanks...
@donlibes 3 жыл бұрын
At 9:00, does the app somehow have permission to read your screen? I would imagine this is something you need to explicitly grant permission for but I didn't see such a step. And it seems insecure because how do you know what the authenticator app is really doing. (Yes, you have the source to bitwarden but not to the authenticator app, right?) I also would find it helpful if you wouldn't rely so much on vague words like this/that/it. For example, at 9:10, you say "This is now locked in that way." which left me thinking "What does he mean by "this" and "locked in" and "that way". (You do this a lot!) I'm also wondering about the following scenario: You have phone in hand, away from your computer, but need a password from Bitwarden. How are you entering your Bitwarden master password? It's super-long and with case changes, special characters, numbers, seems like it must be painful to enter on a phone.
@manny7886 3 жыл бұрын
Can you use more than 1 Yubico key sso you'll have backup besides the code generated?
@tristanbolton 3 жыл бұрын
Yes, you just add the QR code to both Yubikeys at the same time
@CesarPeron Жыл бұрын
You might use Win + V
@ashleymorris6636 5 ай бұрын
If this is a potential threat and copy and paste is a threat, then how to access accounts with out having to manually do it is there another way?
@bobbobek5358 3 жыл бұрын
Great info, I'll be leaving LastPass
@manish17788 4 жыл бұрын
most people use free bitwarden because it provides almost all the features with free. but then how do they support the company?
@tristanbolton 4 жыл бұрын
The free one works well. I'm not sure where Bitwarden makes all their money but all the organizations I've suggested it to have bought enterprise licenses, so that helps keep it free for individuals
@dewdaltz Жыл бұрын
please enlighten me on how the attachment works. I tried taking a pic of one of my Insurance card but for some freaking reasons I cant open it after I took picture from the Bitwarden Vault login.
@brucewayne2955 2 жыл бұрын
Does BitWarden have a passwordless option where I don't need a master password just a 2fa key (with a backup key of course)?
@azclaimjumper Жыл бұрын
NO. to access your Bitwarden vaults you need 3 things, an email address, a passphrase & your yubikey. I've have two Yubikeys in case I lose one, it's the same principle/concept as getting 2 keys when you buy any physical lock
@bubbalawrence1 3 жыл бұрын
So if you lost the yubikey but had your bitwarden recovery codes and recovered your bitwarden, would you be able to link a brand new yubikey?
@garlckbread 3 жыл бұрын
I would think so, I know for duo it would keep the group but not sure if it would prompt you about switching the key or not
@tristanbolton 3 жыл бұрын
Yes, you'd be able to do that.
@aaron6841 3 жыл бұрын
Do you need separate bitwarden accounts to lockdow more then one email?
@bergmul 3 жыл бұрын
What do you mean? In any password manager like bitwarden you can save several accounts for different websites or multiple accounts for a single website.
@aaron6841 3 жыл бұрын
@@bergmul I've worked it out lol thanks
@koehnejonas 3 жыл бұрын
Hey, still waiting for the OTP Tutorial for Bitwarden. Are you still working on it?
@im1random263 3 жыл бұрын
Just put in the secret key and there you go
@christophermook7061 2 жыл бұрын
at timestamp 8.56 i open the yubikey authenticator app next to the bitwarden qr code, but don't see the option to add an account. no add button anywhere. Anyone know how to solve this one?
Jason Rebholz - TeachMeCyber
Рет қаралды 43 М.
GStore Mobile
Рет қаралды 1,5 МЛН