How to not get locked out of bitwarden

Hello Everyone,

I have a Chromebook (Acer 513 spin) I also have an Android 10 device a Samsung Galaxy Note 9.
Bitwarden works fantastic on both, I’ve never had any issues in the past few years using Bitwarden.

What would happen if it Bitwarden’s server went down, or they had an outage that lasted a short time?

Would I still be able to access my passwords on my Chromebook and my Android device? I was a little leery leaving all my eggs in one basket, so I’m also using another password manager as a back-up (just in case)

I use Authy for 2fa and a 20+ character master password and for the past few years Bitwarden has been trouble-free. never been locked out I’ve never had an issue with it’s been a great experience.

Thank you Bitwarden what a great password manager.

I’d like to get some feedback on ditching the other password manager is a back-up and only using Bitwarden.

Some feedback on ditching the other password manager as a back-up and only using Bitwarden would be appreciated.

That’s the keyword. And that is why I have a weekly reminder in my calendar to create a new backup.

Where do you back it up to? I also do backups where do you back up your passwords to? Do you self host?

The short version: I store my weekly Bitwarden backups in password-protected RAR-files which are stored in a place that is regularly and automatically backed up.

Nope. I also do not intend to do that one day. I assume (and hope) that the combined expertise of the folks from Bitwarden is and will always be greater than mine.

Depending on how important your passwords are to you and which value they have for you you might want to take a look at something like this.

I do too. But I additionally use the free version of DUO and some Yubikey 5 NFC. So even if 2 out of these 3 services would cease to exist or to work I still will get into my Bitwarden account.

1 Like

This feels a bit excessive to me. Why backup so often?

I thought me backing up once a year or when I make a change to an important account was a little too much.

My Bitwarden database is a “living, breathing thing”. In other words: I cannot remember a single week during the last months in which I did not have to change a password. This is not about wanting to change them. If anyhow possible I avoid doing this. Unfortunately there are so many admins that are convinced that new passwords are better passwords.

3 Likes

I export my passwords to a copy of KeePassXC regularly, which is available on my home network. I also use it perhaps once a week to check that it still works.

I also export records of the passwords to heavily encrypted removeable drives and remote drives which are also heavily encrypted. All the encryption happens on my computer, I don’t trust assertions of encryption by vendors of such things, so any encryption they (claim to) add is irrelevant. Like Peter_H I also have 2FA codes stored in Authy.

If Bitwarden was to suddenly stop working, which I think is extremely unlikely, then it would be a big nuisance. but I would be able to recover. Provided they are properly protected having several copies of things does not increase your risk of data being stolen but it does decrease your list of a single point of failure giving you real problems.

2 Likes

I would like to add that whatever mode of backup you use IT should NOT be your only backup media. Never have less than two backups (I keep around 4) because any media can fail. The motto is one backup is NO backup. My .02

4 Likes

When you just A home user and all you have is a Chromebook and an Android device what is the best way to back things up so it’s not just stored on your computer or on a SD card unencrypted how do you encrypt them?

When you have a Chromebook you’re very limited with what you can and can’t do.

I don’t know anything about Chrome OS. However, I presume that it has an option to encrypt removeable drives like every other operating system these days.

Given their history I wouldn’t trust any encryption that Google offers, but your view may vary. No idea if Veracrypt works on Chrome OS, but if it does that is an option.

Another option is a heavily encrypted remote drive (even ones on Google drives :grinning:), which if Veracrypt works on Chrome OS should be encrypted on your computer unless you trust Google (I don’t).

As OpSec says, one backup is not enough. Have several. They can be automated so that they are not much hassle. I occasionally look at the logs of my automated backups, to see that they are still working.

For me its VeraCrypt all the way. Works with all my linux systems while many products are married to Windows.

2 Likes

Veracrypt is one of my favorite tools to store sensitive data and files - like Bitwarden backups. However of late I’ve been growing fond of Cryptomator.

Basically I’ve set up encrypted vaults on major cloud services like Onedrive and Dropbox, storing there my backups. It’s easily accessible across my devices, including mobile, which is a big plus in my book that Veracrypt unfortunately cannot tick off.