Bitwarden Password Manager: Full Detailed Setup

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hi everyone blue kibo here today i'm going to talk about another password manager called bit warden today we'll cover what bit warden is and how to set it up in detail a lot of you guys have been asking me about bit warden and this video will hopefully answer all of your questions i've been using bitword in myself for about one year now as my daily driver and i love it bitwarden is amazing it's completely open source the code is hosted on github and best of all it has been thoroughly audited in 2020 so without wasting any more time let's go right into it so today we'll cover the bit warden website and its login page and we'll also cover the browser extension we will not cover the mobile apps or the desktop apps that bit warden also offers however if you know how the browser extension works and the website work then it should be pretty straightforward to figure out the apps bitwarden has many plans some of them are free some are not we'll cover those as well and the differences and then we'll also try it out in some test pages so let's start if you look here on the main page you see bitwarden.com that's the website we have products download pricing help blog and contact and let's start with just kind of scrolling around the page and getting familiar with what bit warden is it says right here it is an open source password manager and it's it's made for personal use or business use it is great at protecting your data as we'll see on the encryption below it uses aes 256 for its encryption um it has multiple plans and pricing and of course it also has an enterprise version so if we look down here why choose bitwarden well it says it's trusted security open source transparency and global access well if we go even further down we'll see here that it has multiple plans if we look here on the personal plans there is a zero dollar per month plan that's it says it's free forever that's the one i've been using for the past year and i'm completely happy with all the features that it provides it also has a premium account which is also very cheap for only a dollar a month and it comes with a few added features which i haven't needed myself but you might and it also comes with a family plan it's about 333 a month and this also lets you use the family sharing options if we go even further down they also have a blog which i highly recommend you go check out it's very cool it has a lot of cool stories and they also post updates about their audits and that's about it on the main page so let's move on to the download page here we have the desktop versions for windows mac os and linux right now i'm running it on linux and on microsoft edge developer we also have for web browsers it supports all of the major web browsers chrome firefox and everything in between it also has the mobile app for the iphone and android and you can also set it up as a command line tool if you wish and it also has the web version that will cover as well where you can access it directly on the web without installing anything as far as security as i mentioned it uses as256 which is great salted hashing and pbkdf2 sha256 everything's pretty standard and of course they also have a contact contact us page they're very supportive if you have any questions okay let's look at their github page here it is so bit warden is completely free and open source it's hosted on on github they have the server code the browser code the desktop and so on uh if you're into if you're a programmer if you if you'd like to uh security research and you'd like to see how they're implementing everything you can go straight into their github code and look at that um as we said uh bitwarden has um is end-to-end encrypted uh the bitwarden server does not cannot encrypt your passwords at any point they can only have the encrypted version of your passwords and that lets them synchronize them between the browser extension for example and your phone it has been third party audited as we'll see here actually let's pull that up real quick and um let's go to the audit there it is so the 2020 security audit is complete they um got a third party to do this the security firm cure53 and you can read the the whole report um they also did another audit in 2018 and you can read the entire pdf if you'd like here it's about eight pages here for the um summary and you can see um the full pdf as well if you'd like to see all the details about this this audit so overall it was a successful audit and any sort of um issues that were found bit warden has already fixed and patched so um of course you know being an open source program is not enough you also need to be audited because especially if you're a password manager that's very very important and we've discussed that in the keepass video and some password managers out there are closed source and they might be audited but they're also closed sorts so it makes it really hard to see exactly how everything is being handled on the background but with bitborden everything is transparent and it's very easy to follow on the pricing as we mentioned i have not needed the premium account but if you'd like you can definitely get that so what you get with a free account is you get unlimited vault items that's your logins um in in other items you can sync your passwords across all of your devices so your phones your browser extensions and so on um you also have a secure password generator and you can also self-host it if you'd like the premium features come with a bit word on the authenticator if you're using one-time passcodes one gigabyte of encrypted file storage if you need to store some files uh together with your password manager also two-step login with yubikey u2f and duo again the two-factor authentication is available on the free version but with the premium version you also get the yubikey u2f and duo uh vault health reports these are great if you'd like to check if your passwords have been leaked or your accounts have been leaked it's a you can get a great health report and it also tells you whether you need to update some of your passwords maybe some of them are not strong enough and and things like that and also you can set up emergency access if you want to have someone else have access to your account in case something happens and the family plan of course lets you share passwords and accounts with your family so today we'll cover the the free version over here that's the one i have and that's the one i've set up for this video so the bit warden blog blog is very very cool you can uh check it out they post updates here and and uh very cool security uh articles and and so forth um if you if you'd like to check it out it's a cool read so let's go back to the main site and um what would you do if you wanted to set up an account well there's a get started button right here you click there and then you can set up your account with your email address your name and a master password so of course in the past videos i've mentioned on keepass and lastpass videos the password manager is very very very important i cannot stress that enough it needs to be more of a pass phrase than a password we've talked about it being maybe a sentence if you'd like it's something that's easy to remember but hard to guess and hard to brute force you don't want it to be something that you write down necessarily because if someone finds it written down somewhere then there goes all of your accounts um maybe something that you you might write down for a few days just to get in the habit of memorizing it but then you might want to throw away that paper you know burn it if you can so no one can see it so in this case i've already set up all of the accounts it also asks you to go verify your email address and once you do all that your account is set up here on the password hint just fyi i do not set a hint for my master password i'd like it to be so that if i forget my master password there is absolutely no way for me to remember it so i want it to be completely secure and the only way that i can get into it is if i know the password i don't want to have any hints or make it any easier for myself to go into uh the um the account once you say submit here the password uh the the account is created and then you can log in so let's go back here so today we'll start with the login from the website option and then we'll go into the browser extension which i've already downloaded and installed over here so let's start with the website so once you log in you're gonna see this so i've already entered my email there and let me put my password in here okay and this is the page you're gonna see so it says that right here if you haven't verified your email it will say verify your your email and once you do that it will show this go premium up option right here we don't have any items in our vault yet but you can see here you know this is where the items would be all your passwords we have favorites for you know favorite items trash in case you delete some of the items then you have login which would be you know your username and password for a website but you can also store credit cards if you want to have a credit card information on your password manager you can do that you can also store your identity which could be you know your name social security number address anything like that and you can also add notes of course you can manage everything in terms of categories with folders in this case i will not do that i will just keep everything in the same one folder let's go into settings right here real quick okay so once you go into the settings page you'll see the my account page you'll see your name your email if you set up a password hint and then here you can change your email if you'd like and you can also change your master password um here on the encryption settings i like to change this so actually let's go ahead and do that so this is uh similar to what keepass has in its options this is how many times the the key is iterated so the the kdf uh iterations you can see here is the the password base uh key derivation function is the number of times that it iterates the longer this is the the higher this number the longer it will take for your account to unlock um nowadays you know computers being so fast this is just a fraction of a second but you don't want to set it too high to where you're waiting you know 10 seconds for your account to unlock so in this case i like to change this so right now it's at a 100 000 i like to go let's say 500 000 or maybe a million so in this case let's just go 300 000 just for this for this case we'll say change and there it is it will ask us to relog in and there it is and we're back and we're back on the settings page and if we go down here we're back to 300 000. so i don't change the kdf algorithm actually you can't change it but i do change the number of iterations okay and here is if you'd like to delete your account down there okay let's go into options so the volt timeout i like to set this to lower than 15 minutes i like to keep this at about five minutes the action on the vault i say to lock there's a difference between locking and logging out locking as it says here locked vault requires that you re-enter your master password and you can access it again whereas if you log out then you you need to re-authenticate so you need to re-enter your username and password and it will resync with the server so the language i don't change that and then i don't change anything here we go to organization nothing there premium i don't have the premium but again it's very cheap 10 a year you can do that if you'd like and you get a gig of storage uh and it lets you pay with a credit card paypal or or an another account so on the billing here i don't have anything there two-step login i do set this up so i have it set up with an app in this case you can use authy or google authenticator you can do that for free you just go here on manage and you set that up and these other features for yubikey duo and u2f security keys these are premium features and of course you can also use an email verification where verification codes are emailed to you you can do that as well but in my case i have it set up with google authenticator and authy for my day-to-day account domain rules i don't change anything here an emergency access this is a premium feature i don't change anything here so once you've set that up and you you're finished with the settings we can go into tools so here we have the password generator so i like to change this so the length usually i like to go for something like 25 characters long maybe at least two numbers and maybe at least two special characters and let me just add this special character here and also i do like to check the avoid ambiguous characters because it just makes the password easier to read and to type if you ever need to manually type it and then you can just copy a password and paste it anywhere you'd like if you like you can regenerate more passwords and there you go so it's very easy to come from other password managers to bitwarden it has an import data feature here you can import all kinds of files from lastpass csv files chrome csv files and so forth and they're one click away and you can easily import everything into bit warden very very simple then you can also export your vault if you'd like it to go from bit warden to somewhere else or you'd like to save the vault somewhere for backup which i wouldn't recommend but you could do that you can do that here you choose your file and then you can just export it and then there's all the premium features down here what i mentioned they're very useful if you'd like to get your exposed password report it checks if your passwords have been leaked online your reuse passwords your weak passwords all of these reports are premium feature except features except the data breach report which is free so you can check breaches on this email account and it says that this email account was not found in any known data breaches so that's pretty much all there is to it to the website portion of bit word and so in case you're in a library or somewhere where you'd like like to log in and you can't really install an extension or the app or you don't have your phone with you you can just go straight to bitwardon.com click on login login with your username and password and you have access to all your vault now we'll move on to the browser extension so the browser extension you can see it here i have it installed for edge here but depending on the browser you have it might look a little bit different but the functionality is identical so we'll click on login here we'll log in with our username and password and there we are so now we have a few things on the bottom here so let's start with all of them let's start with the tabs here so the tab portion here shows you if there are any passwords stored for the site that you're looking at so in this case we're looking at the vault.bitwardon.com site and it's telling us there are no logins available to autofill for this site if we go to the my vault page this is where all of your logins will be stored so right now we don't have any of them but this has nothing to do with the logins uh that are related to the site you're on this is just all of the logits and logins in one place then you can go to the generator as you saw in the website version this is very similar it gives you a password generator and you can change a bunch of the settings so in this case let's just go 23 characters long and then enable everything here and then two minimum numbers two minimum special characters just the same as the website and then of course you can just copy this regenerate this password and it makes it very easy what i really like about bitwarden is it also gives you a password history which is really nice in case you copy and paste the password somewhere and then maybe something happens you didn't save it something went wrong you can go to the password history here and you see all of the passwords you've generated in the past you know session and you can just copy them based on the time if you forgot one it's right there so bit where that makes it very easy to go back with all the generated passwords and then the settings let's go through some of these i like to change just a couple the folders here i don't as i said i don't organize things by folders but you can the sync here you can sync your volt you can force it to sync if you if you know you made a change for example on your phone and you want it to sync with your uh with your browser extension you can do that um here the vault timeout i leave it on browser restart you can change that to you know immediately lock or give you a minute and unlock and so on i like to leave it on browser restart so when i log in i like to have it logged in for the entire browser session and then when i'm done i can close the browser and then bit word and just logs me out the volt timeout action i like to keep it as locked so this this way i don't need to re-log in i can just type in my master password and i'm back to logged in so bitwarden just does that by by storing the volt and then locking it instead of having to just delete the vault and then every time you log in to re-download it from the server you can also unlock it with a pin i wouldn't recommend that i like just having the master password login you can also add biometrics if you'd like to unlock it that way you can lock it now you can set up the two-step login if you if you'd like as we talked about in the website and there's some premium membership features down here you can change your master password you can look at your fingerprint phrase you can log out of course importing items is the same as the website exporting the vault sharing your vault and um you also can go to the bit word and web vault which is the the website down here on the options i do like to disable this it's disabled by default actually but i don't enable the autofill on page load i like to autofill my passwords only when i want to do that i do change this however clear clipboard i set it to 30 seconds so what that means is anytime you copy a password from bit warden it gives you 30 seconds to paste it somewhere and then after that it will clear it very similar to what keepass does um and then i don't change anything else down here so everything there is the default okay let's see down here um and that's it so that's pretty much it you see how simple bit warden is it has everything is straightforward it's ready to go it's very very simple so let's start with creating a login so to do that i'm gonna go to this page and let's try our login here so we're gonna try to log in put an email and a password and see what bitwarden does when it's recognizes that you've logged into a new website so here for email i'm just gonna type random stuff and a random password and then i'm gonna say submit and there it goes it says should bitward and remember this password for you i'll say yes save now and if we go here now here on the tab because we're on this site it will show that we have one login available for the sitetest.com and if we go to my vaults we also have this page it shows that we have one login zero credit cards zero identities zero secure notes and then here are all the things uh in this case not organized in folders they're just all without folders so it's the test.com login so if you if you wanted to change it you can just click it you go to edit and then you can change the name you can change the username or the password or the url and if you're using the apps on your phone then the url might be different on the phone so you might have more than one url being added as you use bit word and on your phone but that's fine you can have more than one url attached to one login and down here we can make it a favorite if you if if you like and you can also assign it to a folder and add some notes if you like also here it's a very cool feature it's a custom fields so you can have a text field a hidden field or a boolean which is a you know true or false let's make it a hidden field and then i'm in cases where you need maybe two passwords so i'll just call this password two and then in this value here right we can have our second password and this way you know some websites require require you to have two passwords you can do that with the custom fields down here and then we can say save so if you wanted to log in now to this page you can just you see the one there it says that you have one login for this account you can just click on that and then click on the account that you want it to autofill as you saw bitwarden just autofilled it let me just delete it and do that again so you go here and then if you have multiple logins all of them will show up here on the tab page and then in this case we only have one we just click it and it fills it up so what's the difference between clicking the the login that you see on the tab page versus clicking the login that you see on the my vault page where on whereas um the the difference is very simple on the my vault page if you click on it you get this site to where you can edit and change the information whereas on the tab page if you click it it actually performs an autofill on the site you can also do the autofill by manually copying and pasting the username and password if you'd like to do that you have this button right here copy the username this button right here copies the password and this button right here takes you to view the item is similar to clicking on the item on the my vault page so that might be a bit confusing but once you use it a few times it's pretty straightforward so for example if i go to another site let's go to google.com in this case i don't have a sign in for google.com so bitwarden the tape the tab page doesn't show anything however the my vote page still shows all of my logins right so you can still click on the test.com change it if you like copy it view the password anything like that okay so let's go back here let me refresh this page okay so here if you'd like another password let me just go to the generator here generate another password and let's just copy this one let's say you want to use this one with let's say another username and then you say submit and let's say we save this now we will have two logins for the same site right so the the the name in this case is test.com we can change that we can make it log in one login two and then this right here is the username and they're different so you can copy the passwords if you like or whatever which one you click that's the one that gets filled in so in this case if i click on this one then this one got filled in but if i click on the other one then the other one gets filled in so here let me try that so if i click on this one that one gets filled in right so it's pretty straightforward okay so now let me close out of all of these pages and uh let's try as an example to add something other than a login let's say you want to add a credit card so you go here you click on the plus button and then you can type the name so let's say this is a oh i don't know a chase credit card and then the card holder name blue kibo and then the number let's say it's my card number right you can just enter your numbers for your cards and then you can put the brand of the card the when it expires right and then a security code so you can enter everything in the card some notes if you'd like and then a custom field if you'd like and you can save it and now in the future if you have a page where you you want to fill in a credit card you can do that you can just see here now you have the logins and also the cards and if you click on the cards in this case it's unable to fill it because it wasn't able to find a credit card field to fill it in so it's actually smart in the background it only checks for credit card fields but in this case you can just copy the the card number yourself here and paste it in if you want it right so it's pretty straightforward other than a cards as you saw we can also have an identity so let's add an identity this is so useful i've used it so many times saves you so much time in entering your personal information on on websites so name blue kevo and then title let's just do mr blue kibo okay and then we have the username a company name right your social security number if you'd like then you have you know your password number let's say you need that oh that's pretty close to pi then you have your license number your driver's license number if you want an email address right your phone number your address you can just fill all of these in as much as you want your state zip code right it's everything you'd like and then just like with the credit cards uh it lets you fill this identity in if it finds that it's you're being asked for the identity right if it finds that you it needs to enter a shipping address or your name or your phone number it can just pick that out from the identity of course you need to double check because it's not perfect sometimes it might not enter everything automatically correct but you can always go back copy and paste things if that happens so in this case if i click on the identity here it filled out this as the username anyways you know if there's more fields it will fill whatever you can find so we covered the login the card the identity and what's left here is the secure notes this is very useful so you can add a secure note so this could be anything right you can name the note let's name it note one and then you can just type whatever you want here so this is you know maybe you want to reference something maybe you have something that you need maybe it's not a password but maybe it's some name or some address of something you can just put it on the notes and easily access it so keep in mind that everything you're putting into the extension is getting synchronized with your phone app the bit word and phone app with a browser version going to bitwarden.com with your desktop app everything is synchronized and it's done in an end-to-end encrypted way so it's a very very secure way so let's save the note here and we go back and right here we have a secure note right and you can just copy the note if you need it to and paste it somewhere if you need it to but but you can see how this starts to fill up now right you can see that there's two logins for this page there's cards that are available there's identities that are available that you can fill in there is if you go here on the my vault there's notes right there's um everything is shown here on the no folder section you can generate your passwords you can go to settings and change anything like we did just you know make it whatever you like customize everything that you like give it a shot and you'll like it so that's pretty much it that uh i wanted to cover for bit warden as i said i've been using it for about a year and it's been my daily driver and i love it it's great it works great on the phone it doesn't charge you to have a phone app and a browser app and a desktop app it's all free you have access to all of your passwords it doesn't limit the number of passwords you have and it also is audited which is very very very important so that's pretty much it for this video i hope you guys like it and i hope you guys give bit warden a shot and hopefully you enjoy it until next time bye bye
Info
Channel: bluekeybo
Views: 12,123
Rating: undefined out of 5
Keywords:
Id: qzuut0-noHk
Channel Id: undefined
Length: 27min 59sec (1679 seconds)
Published: Sat Mar 06 2021
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.