If you haven’t started using a password manager, now is a great time to start! If you are already there, pay attention to the following safety practices to enhance your overall security profile.

Download apps from trusted app stores

App phishing, where fake apps try to look like official apps, is real. Always load apps from a trusted app store and do not sideload applications. Avoid visiting untrusted sites and installing untrusted apps or extensions.

Be aware of App PIN brute-forcing

Many password manager users like to unlock their vault with a PIN code. This is a convenience that requires attention in the event that malicious software gains access to your system to brute-force a PIN code.

Bitwarden requires the master password after 5 failed PIN attempts to protect against brute force attacks. Setting a PIN in Bitwarden also warns you that PIN settings are reset upon logging out. And Bitwarden provides an option to lock with the master password on browser restart.

The convenience of unlocking your vault with a PIN comes with additional security options
The convenience of unlocking your vault with a PIN comes with additional security options

Choose a strong master password

Using a strong and unique master password is of the utmost importance in protecting your data. This greatly minimizes the risk of a brute force attack and will help keep you safe.

Be in tune with your clipboard

At Bitwarden we recommend using the built-in autofill mechanism and avoiding copy and paste when possible. As an extra precaution, Bitwarden allows users to clear their clipboards after a specified time.

Bitwarden options include a Clear Clipboard option at a specific interval
Bitwarden options include a Clear Clipboard option at a specific interval

Watch your browser address bar

Unfortunately, there are villains trying to trick you to visit malicious URLs, sometimes by subdomain stacking and HTTPS confusion. Stick with strict URL matching, use a trusted DNS provider, and pay attention to your browsers certificate validation.

Bitwarden provides a range of options for match detection with details in our help site article Match detection for URIs.

Default URI Match Detection in Bitwarden
Default URI Match Detection in Bitwarden

Maintaining The Utmost Security

These are just a few tips that can help you enhance your own security once you have a password manager in place. Have other tips? Send them to us on Twitter @bitwarden.

To start your own personal vault with Bitwarden visit bitwarden.com.