The Bitwarden Blog
10 Burning Questions on Crypto and Passwords
November 17, 2021
Cryptocurrencies and crypto services rely on being able to assign specific ownership of digital assets. Doing so requires that users maintain their credentials and associated seed phrases and passwords. Lose your password or seed phrase? You might lose your money. With a password manager, you take credential management into your own hands for safe handling of cryptocurrencies.
1. Are password managers trustworthy for storing vault passwords and seed phrases, despite conventional advice to not store anything online?
If the password manager is supporting an end-to-end encryption model, absolutely. That model should also support zero-knowledge encryption, meaning the password manager provider cannot see anything inside your password vault and cannot help you reset your password as an individual.
The password manager must itself of course have a strong and unique password that is used only for the password manager. And the password manager should have two-factor authentication enabled with the appropriate backups of recovery codes in multiple places.
With this in place, you can confidently use a password manager to secure passwords and seed phrases for exchanges and wallets.
- Bitwarden is open source, providing the most transparent and trusted security.
- Bitwarden is audited by reputable third-party security firms as well as independent security researchers.
- Bitwarden does not store your passwords. Bitwarden stores encrypted versions of your passwords that only you can unlock. Your sensitive information is encrypted locally on your personal device before ever being sent to our cloud servers.
- Bitwarden has a reputation. Bitwarden is used by millions of individuals and businesses. If we did anything questionable or risky, we’d be out of business!
- If you prefer controlling everything yourself, you can self-host Bitwarden.
No. Your data is fully encrypted and/or hashed before ever leaving your local device, so no one can ever see, read, or reverse engineer to get to your real data. Bitwarden servers only store encrypted and hashed data.
4. Would you recommend saving passwords for Coinbase or Binance accounts, or other exchange accounts for that matter?
Yes. For the following reasons:
- You can use a password manager to generate a password that is long, complex, random, and unique to the site.
- You can use Bitwarden Premium Accounts to co-locate your two-factor authentication within your password manager for security and convenience.
- You can use Bitwarden Secure Notes to store other important information about your accounts.
- Once your credentials are in Bitwarden, you are more protected from compromised links or phishing sites. For example, Bitwarden will not suggest an autofill unless you are on the correct website.
5. Can I use Bitwarden to randomly generate passphrases even if I don’t plan to keep those phrases in the vault? Will Bitwarden keep records of the phrases or passwords it generated?
Yes, you can use the Bitwarden Password Generator on any Bitwarden Client Application such as mobile app, browser extension, desktop, web vault, and command-line interface. While Bitwarden does retain the history of the password generator for each application, you can clear it. Although you may want to hold off until you are absolutely sure you have your password or phrase saved or written somewhere, here’s a case where that feature came in handy.
Bitwarden also offers a web-based password generator.
You can create unlimited free accounts with Bitwarden. This is one of our core missions, to make password management free to individuals. Enjoy as many accounts as you like.
Migrating to Bitwarden is simple, easy, and free. Bitwarden offers a data import tool for easy migration from popular password management solutions to your personal Vault. A list of common import options can be found on the Bitwarden help site.
To hear from other users who have migrated to Bitwarden, see this blog post on how Moving Password Managers is Free and Easy.
Bitwarden is available on both Apple and Android devices, Mac, Windows, and Linux desktops, and all popular browsers including Google Chrome, Firefox, Brave, Safari, Vivaldi, Opera, Edge, and Tor. Visit the Bitwarden Download page for direct links.
9. Will Bitwarden alert me if any of my accounts or passwords stored in my vault have been found in a data breach or compromised?
Bitwarden offers several vault health reports to advise you of exposed, reused, and weak passwords, as well as unsecured websites, inactive two-factor authentication, and data breaches. For more information, see this help note on Vault Health Reports.
10. What steps can I take to ensure my Bitwarden account (that stores my crypto passwords) doesn’t get hacked?
The password manager must itself, of course, have a long, complex, random, and unique password used only for the password manager. The password manager should also have two-factor authentication enabled with the appropriate backups of recovery codes in multiple places.
Bonus Question 11. Is it possible for my family to gain access to my passwords or phrases if something happens to me or I pass away suddenly? What would the process be?
Bitwarden has a feature called Emergency Access. It is available with our Premium Account for $10/year. With Emergency Access you can assign one or more delegates to receive access to your vault in the event that you are no longer able to do so.
Keep your assets safe and secure with a password manager. To get started today with Bitwarden, sign up for a free account, Premium features, or launch a Teams or Enterprise plan to collaborate with colleagues.
Back to Blog