Lost security if logged into bitwarden

Note: Your question may already be answered in the Bitwarden Help Center.

If I am logged into bitwarden for several hours at a time, will my sensitive accounts in My Vault be compromised?

Hi Mike,

I’m not sure if I understand the question. If you are logged into Bitwarden and someone else gets access to your device, then that would be a problem. Always lock your screen when you leave your PC, and make sure you have security set up on your mobile device, such as a PIN or biometric access.

Providing you keep your devices secure, I don’t see an issue with being logged into Bitwarden for a prolonged period. Personally, I’m almost permanently logged in!


I don’t know how hackers get into a person’s computer, but if that were to happen and if we are always logged into bitwarden, would the hacker not have access to our sensitive information?

Hackers rarely get into a computer. They’re almost always invited in when someone runs something they shouldn’t. There are rare cases where there are browser security issues that result in “drive by attacks”. An example of one such would be an Ad that exploits an exploit in a browser.

The safest ways to use bitwarden are the desktop or mobile app. The mobile app integrates into the OS, but the desktop app cannot. This increased account security comes at the expense of convenience and potentially reduced password security since you have to copy+paste instead of auto-fill.

Nearly every attack takes advantage of one of these

  1. Phishing
  2. Weak or reused password
  3. No 2FA
  4. Unpatched browser
  5. Unpatched OS
  6. Running untrustworthy programs

Follow these rules

  1. Keep your OS up to date
  2. Keep your browser up to date
  3. Use a strong(14+ chars) and unique(not used anywhere else) password
  4. Don’t install/run software unless you know what it is and is from a trustworthy source
  5. Use 2FA (security key >>> TOTP>>>>>>> everything else)

If this is truly a concern to you, use a secure password (of fourteen or more characters) and than manually append a simple (easily) remembered ‘word’ of three or four characters to complete the password for those sensitive accounts. You can use the same ‘word’ for all your accounts…


frank1940, that sounds like a good idea for my sensitive accounts. Can you possibly explain how I would manually append my passwords?
Many thanks,

I think he just means create a password on your sensitive sites that ends in an easily remembered word or pin (say 4 characters long), but don’t store those last 4 characters in Bitwarden. When you login to the site, have BW paste in the portion it stored and then you type in the rest from memory.

It is a good solution because if anyone were to access your BW vault items, they don’t have enough information to login to your sensitive sites.

1 Like

Even better. Here is a YouTube video that explains how-to-do-it. (I would always use the same ‘phase’ for all of the ‘salted’ passwords.)


1 Like

Works like a charm! Thanks guys!