Note: Your question may already be answered in the Bitwarden Help Center.
If I am logged into bitwarden for several hours at a time, will my sensitive accounts in My Vault be compromised?
If I am logged into bitwarden for several hours at a time, will my sensitive accounts in My Vault be compromised?
Hi Mike,
Iâm not sure if I understand the question. If you are logged into Bitwarden and someone else gets access to your device, then that would be a problem. Always lock your screen when you leave your PC, and make sure you have security set up on your mobile device, such as a PIN or biometric access.
Providing you keep your devices secure, I donât see an issue with being logged into Bitwarden for a prolonged period. Personally, Iâm almost permanently logged in!
I donât know how hackers get into a personâs computer, but if that were to happen and if we are always logged into bitwarden, would the hacker not have access to our sensitive information?
Hackers rarely get into a computer. Theyâre almost always invited in when someone runs something they shouldnât. There are rare cases where there are browser security issues that result in âdrive by attacksâ. An example of one such would be an Ad that exploits an exploit in a browser.
The safest ways to use bitwarden are the desktop or mobile app. The mobile app integrates into the OS, but the desktop app cannot. This increased account security comes at the expense of convenience and potentially reduced password security since you have to copy+paste instead of auto-fill.
Nearly every attack takes advantage of one of these
Follow these rules
If this is truly a concern to you, use a secure password (of fourteen or more characters) and than manually append a simple (easily) remembered âwordâ of three or four characters to complete the password for those sensitive accounts. You can use the same âwordâ for all your accountsâŚ
frank1940, that sounds like a good idea for my sensitive accounts. Can you possibly explain how I would manually append my passwords?
Many thanks,
Mike211
I think he just means create a password on your sensitive sites that ends in an easily remembered word or pin (say 4 characters long), but donât store those last 4 characters in Bitwarden. When you login to the site, have BW paste in the portion it stored and then you type in the rest from memory.
It is a good solution because if anyone were to access your BW vault items, they donât have enough information to login to your sensitive sites.
Even better. Here is a YouTube video that explains how-to-do-it. (I would always use the same âphaseâ for all of the âsaltedâ passwords.)
Works like a charm! Thanks guys!