A better password workflow with Bitwarden
- Blog
- A better password workflow with Bitwarden
Adopting a password manager marks a significant step toward improved online security. These tools streamline the creation, storage, and management of strong and unique passwords across all accounts, accessible from any device. Most new users already have a backlog of passwords before they start using a password manager; however, many of those logins are memorized, reused, or easily cracked. While importing these credentials into a vault might seem convenient, it can perpetuate vulnerabilities rather than resolving them. For new users, the Data Breach report is a great starting point for determining which passwords are vulnerable and in the most urgent need of updating. It is free for all users and helps identify if any existing passwords have been compromised in known security breaches.
Using a password manager should be part of a broader shift toward stronger password practices. That begins with understanding how to build secure credentials and implement an effective workflow that integrates security with convenience. This article explores how to create a unique password for each of your accounts stored in Bitwarden, ensuring you utilize your password manager to its full advantage.
The ideal workflow for a password manager goes something like this:
Open Bitwarden and create a new entry in your vault.
Navigate to the desired website, service, or app, and create a new account.
In the new entry, add the username you plan on using for the account or generate one.
Next, use the random password generator to create a strong password for the account.
Save the entry. Using random passwords ensures that your accounts are more secure and less susceptible to hacking attempts.
Go to the website, service, or app, and enter your username. Then, autofill the newly generated random password created by Bitwarden into the password field for the new account.
Save.
What you’ve done is ensure that, right out of the gate, you’re using a strong and unique password for your new account. Do this every time you need to create new credentials for a website, and you can be sure that the login will be far more secure than if you had used one of your own reused or weak passwords.
You can also import data into your Bitwarden vault through the web vault by logging in, navigating to "Tools" > "Import data," and selecting your vault destination, folder/collection, and file format before uploading your import file. The process is straightforward - simply choose your file or paste the contents, then click "Import data" and enter any required passwords for protected files. Note that imports don't check for duplicates and won't include file attachments, Sends, or trash items, which must be manually uploaded separately.
If you’ve already created your account and you’re only now adding it to Bitwarden, here’s what you do:
Create the entry for the website, service, or app in Bitwarden.
Optional: You can paste the original password into the Notes section of that entry if you want to, before updating the account with the new password. You can also access your password history at any time.
Use the strong password generator to create a strong password.
Save the entry.
Log in to your account using the old password.
Change the password in your account to a strong password created by the Bitwarden random password generator.
Once you verify you can log in with the new strong password, delete the old password from the Notes field.
Done. You have a strong password that will give you peace of mind.
And there you go: a Bitwarden workflow that ensures you’re using the strongest passwords or passphrases for your accounts (be they old or new) that won’t have you confused or going back to your old, non-password-manager ways.
It's worth considering some general recommendations for secure password management. To recap:
Use a password manager to generate and store unique, strong passwords for each of your online accounts.
Avoid using the same password for multiple accounts.
Use a password generator; doing so will facilitate passwords that combine uppercase and lowercase letters, numbers, and special characters. Using a password generator also ensures you will avoid using easily guessable personal information, such as names, birthdays, or common words, in your passwords.
Use multi-factor authentication (MFA) whenever available to add an extra layer of security.
By following these best practices, running vault health reports, and updating passwords as needed, you can ensure that your credentials are strong and secure and that your online accounts are protected from unauthorized access.
Ready to try out Bitwarden? Level up your cybersecurity today by registering for a free individual account or beginning a free business trial.