Stay secure with Vault Health Reports in the Bitwarden Password Manager

Are any of your passwords being used across multiple sites? Or perhaps you have some accounts that offer 2FA but you haven’t yet enabled that feature. Have you ever wondered if a password of yours has been exposed or found to be part of a data breach? How would you go about finding out all of this information? If your password manager of choice is Bitwarden, those details are at your fingertips. The information offered in the Bitwarden Reports section can not only help you prevent your identity from being stolen and your accounts from further compromise - it can also go a long way to ensure your general digital security.

With every Bitwarden Premium account (which only costs $10/year) you get access to some very important (and handy) reports, which offer crucial information about your accounts and passwords. 

In all, there are six reports you can use, each of which serves a distinct purpose.

The reports are there to help you identify and close security gaps in your online accounts. The six reports are as follows.

The first report informs you if any of your passwords have been exposed to data breaches. Consider this report a regular must-check. If the Exposed Password reports find any of your passwords have been exposed, change them immediately. Of course, when you change them, make sure to use the built-in Bitwarden Password Generator, so you're changing the exposed password to something unique and strong.

Most people are guilty of reusing passwords. It's understandable, having to memorize all of our passwords can be a real challenge. But that's the very reason to use a password manager…so you don't have to memorize passwords.

The Reused Password report scans your vault entries for reused passwords. Any password you've used for more than one vault entry should be immediately changed. Why? The more you reuse a password, the more vulnerable you are should that password be exposed. If your passwords are unique for every account, then your risk would be limited to that one account, and then you can simply change the password that was leaked.

Over time, you've probably used weak passwords for one or more accounts. After all, remembering and/or typing password is far easier than remembering or typing %k!k$BBhXUms2e. However, using password as a password is a huge mistake.

Should the Bitwarden Weak Passwords report come back with any passwords that are considered weak, change them immediately (using the built-in password generator).

At this stage in the game, every website you visit should be using the more secure HTTPS protocol (over HTTP). If you still visit sites that default to the non-secure HTTP protocol, you will want to make sure to change the vault item URL from http to https. When you log into a site that defaults to HTTP, any information you transmit to that site will be in plain text, which means it can be easily read by anyone capable of capturing your online traffic. 

When you change to HTTPS, the information is encrypted and therefore harder to read. Use this report to locate any vault items that contain URLs with the HTTP protocol and change them.

This report will list any vault entries that are missing 2-factor authentication (2FA) for sites and services that offer the feature. You might not even know that a website you use offers 2FA (which adds an extra layer of security to the account login process).

If any service you use offers 2FA, you should employ it immediately, otherwise your logins aren't nearly as safe.

Finally, the last report, Data Breach, checks for breaches associated with usernames or email addresses. These breaches can not only expose your account credentials but also personal and sensitive information (such as Social Security numbers). 

If Bitwarden reports that any of your accounts were part of a data breach, change the passwords for those accounts right away.

One thing to keep in mind is that not all of the reports are automatic. Some of them, such as the Data Breach report, must be run manually. You go to the report, type the username you want to check, and click Check Breaches. Once the report is complete, it will present its findings so you can act on any breaches.

To access these reports, you must use the Bitwarden Web Vault (Figure 1), since they are not available in either the desktop or mobile apps.

This information is critical for the security of your online accounts and because of that you should run these reports regularly and stay on top of anything reported. With just a little action on your part, you and your accounts can remain secure and safe from hacking attempts.

Ready to try out Bitwarden? Sign up for a free business trial to protect your team online, or quickly get started with a free individual account.