Password management
Using the same password everywhere? Stop doing that and use a password manager instead. In this training you'll learn step by step how to work with Bitwarden, the password manager we deploy at our clients.
How many accounts do you have where you use the same (or nearly the same) password? Count them — most people end up with more than ten.
Why use a password manager?
If a website where you have an account gets hacked, criminals immediately try that same email address and password on hundreds of other services (credential stuffing). If you reuse passwords, your entire digital life goes down with it. A password manager solves this: you only need to remember one strong master password, and the manager generates and remembers a unique, long and random password for every service.
Wondering whether your email address has already been in a data breach? Check it on Have I Been Pwned.
Getting started in four steps
-
Create a strong master password
Your master password is the key to your vault. Make it long rather than complicated: a passphrase of four or five random words (for example fiets-wolk-drummer-augurk) is much stronger than W8chtw00rd! and easier to remember. Never use it anywhere else and never share it with anyone.
-
Install Bitwarden
Create an account and install the apps — Bitwarden explains this well itself:
- Getting started with the web vault
- Installing the browser extension (Chrome, Edge, Firefox)
- Setting up the mobile app (with autofill)
-
Fill your vault
Import your existing passwords from your browser and then turn off password saving in the browser. Replace weak and reused passwords step by step using the password generator: at least 16 characters, random. After all, you no longer need to remember them yourself.
-
Turn on two-factor authentication
Two-factor authentication (2FA) is the safety net for when a password leaks anyway. Enable it at minimum on your email, your Bitwarden account and your banking. Prefer an authenticator app over SMS. Bitwarden can also generate 2FA codes for your other accounts and fill them in automatically.
Frequently asked questions
What if I forget my master password?
Bitwarden cannot reset your master password — that's precisely the strength of the encryption. So write it down once on paper and keep it in a physically secure place (a safe). Within a business environment, account recovery can be set up through the organisation.
Isn't it dangerous to keep everything in one place?
Your vault is encrypted with your master password; not even Bitwarden can get into it. One strong vault with 2FA is demonstrably safer than dozens of weak, reused passwords scattered around.
Am I allowed to share passwords with colleagues?
Yes — but only through the password manager. With Bitwarden Organizations you share credentials per team or folder, and you can revoke access immediately when someone leaves. Never by email, chat apps or notes.
My browser already remembers my passwords, doesn't it?
Browsers store passwords less securely and sync them to your personal account. A password manager offers strong encryption, secure sharing, 2FA codes and data breach warnings.
✔ Do
- One unique password per service
- A passphrase as your master password
- 2FA on all important accounts
- Share only through the password manager
- Change your password immediately after a data breach notice
✘ Don't
- Reuse passwords
- Save passwords in the browser
- Keep passwords on post-its or in Excel
- Use your master password anywhere else
- Give out 2FA codes to anyone who asks for them by phone
Test yourself
Further reading
- Bitwarden Help Center — all official documentation
- Veiliginternetten.nl — the Dutch government's practical tips on passwords and accounts (Dutch)
- Have I Been Pwned — check whether your data was in a data breach