Is Bitwarden secure for a single user?

Hello Bitwarden users and staff,
I just recently discovered Bitwarden and I am looking forward to switching to it from my old 2009 Steganos Password Manager since I assume it’s more sucure. Now, my old password manager was pretty basic and certainly did not have online functionality at all. Even though I trust the features and processes of Bitwarden, I’d like to ask you some question I could not answer myself.

I am the only one having access to my vault. I do not share my passwords with anybody and I am not looking forward to do so. On my old password manager I needed a master password to access all of my entries but I also needed to be on my computer. The online features provided my Bitwarden allow me to access my password on my phone as well but isn’t it way more dangerous for me to store them in my vault if all a thief/hacker would need was my email address and my master password?

I do get that there are 2FA methods to prevent intruders from accessing my vault right away but I am honestly too scared to lose access to my 2FA devices that I decided against 2FA for now.

Basically what I am looking for is a way for me to whitelist my own devices in my settings so that I can make sure that I am the only one logging into my vault. Did I miss a feature like that? Also, are my assumptions correct or did I miss something that prevented all of this from happening?

Would really appreciate your answers,
thanks.

2FA is the answer. If you use an authenticator app then there are a number of ways of ensuring your don’t get locked out:

  1. Print/save the BitWarden two step login Recovery Code;
  2. Use an authenticator app which backs-up your 2FA secrets locally, like Aegis;
  3. Use an authenticator app which backs-up your 2FA secrets to the cloud, like Authy;
  4. Use an authenticator app which saves your 2FA secrets to one or more hardware security key(s), like Yubico Authenticator;
  5. Scan the QR code used to set-up 2FA with authenticator apps on more than one device, particularly useful when using Google Authenticator;
  6. Print/save the QR code used to set-up 2FA, so you can set-up another authenticator app as required;
  7. Print/save the manual entry 2FA secret used to set-up 2FA, so you can set-up another authenticator app if required.

It can make sense to do some combination of the above, but everyone should print/save their BitWarden two step login Recovery Code.

1 Like