Bitwarden Tutorial | The Full Beginners Guide
ฝัง
- เผยแพร่เมื่อ 25 มิ.ย. 2024
- Bitwarden is a leading online password manager. In this video, I'll show you how to set up Bitwarden from scratch with security in mind. This is the complete beginner's guide that sets you up securely.
Links
Bitwarden: bitwarden.com/
📝 Sign up for my free weekly security newsletter: weekendbyte.teachmecyber.com/
❤️ Leave a comment and hit the like button because it helps spread cyber security knowledge to more people.
Table of Contents
00:00 - Intro
00:21 - Create an account
00:44 - Choose a master password
01:44 - Disable Google Password Manager
02:18 - Login to Bitwarden
02:46 - Add MFA
04:34 - KDR key iterations
05:15 - Vault timeout
05:40 - Import your old passwords
06:18 - Install the browser extension
07:58 - Using Bitwarden
10:27 - Enabling auto-fill
11:07 - Premium features
12:14 - Closing
🔔If you found this helpful, subscribe to the channel!
www.youtube.com/@teachmecyber...
🚀 Connect with me on LinkedIn
/ jrebholz
✅ Recommended playlists:
Cyber Security for Beginners | Basics of IT
• Cyber Security Classes... - วิทยาศาสตร์และเทคโนโลยี
Great video! Everything I needed to feel confident setting everything up
Awesome, you'll have it set up in no time!
This is honestly such a great guide. Thank you very much my dude
Appreciate it!
thank you for the tutorial, very clear and helpful. your channel definitely deserve to grow a lot more
Thank you for that feedback!
Amazing tutorial, thank you Jason!
Thanks for watching!
Thanks for this video I really needed it. Straight to the point and easy to understand, great tutorial.
Glad it was helpful!
Great Tutorial and Explanation, Thanks Jason
Thanks for watching!
Thanks, Jason. Your videos have been very helpful to me with my transition to Bitwarden.
Awesome, glad to hear that! How do you like it so far?
Finally I can delete my google spreadsheet with all my passwords in it hahaha. Thanks for the easy to follow tutorial.
What a great feeling! This is going to be so much better and easier for you!
can you possibly share it before deleting??
@@grzegorzkowalski3001 what the fuck did you just ask haha?
@@vincenius3630ever heard about so called 'jokes'? :)
Thank you. I get all the info that I needed !🎉
Glad to hear that!
Fantastic tutorial, very detailed and at the same time simple explanation. Thanks Jason
Thanks for watching!
What an incredible turtorial, you really made it simple to grasp and understand. I just downloaded Bitwarden for my PC. Thank you.
Glad it was helpful! Enjoy Bitwarden!
Thanks for the quick intro video!
Thanks for watching!
Haha - I was not thinking as I followed along and scanned your QR Code - hello Rick Astley!! Love it. Thanks for a great tutorial.
Thanks. Simple and easy to understand tutorial for getting started with Bitwarden.
Thanks for watching!
Excellent Tutorial, you saved me a lot of time!!
Glad to hear that, thanks for watching!
Thanks for the straight forward tutorial, simple and easy to follow bro
Glad to hear that, thanks for watching!
Great video, easy to follow and understand! Keep up the great work!
Thanks for watching!
❤ Thank you for making this process SOOO much easier for us 🎉 GOOD JERB
Great Video, clear instructions, Thank you!
Glad you enjoyed it!
This is a terrific help video as I explore Bitwarden for the first time.
Glad it was helpful!
great to the point video. thanks 🙏
Thanks for the clear explanation. 👍
Thanks for watching!
Great video on getting started, I LOVE Bitwarden.
I love the customization that's available to increase the security settings!
i love this 10$ for a year!! im definitely going to buy it
Nicely Done! Simple and very easy to understand 🇺🇸✅✈️😊
Glad you enjoyed it!
amazing video thanks
Thank you. Deep in a nutshell 👍🏽
Thanks for watching!
This is a great video, you deserve way more view and subs!
Thanks, appreciate that feedback!
Great informative video. Thanks alot
Thanks for watching!
Awesome thanks so much
Thanks for watching!
I enjoyed it and found it very insightful.
Thanks for watching!
Thank you, very usefull!!
Glad it was helpful!
Thanks!
Thanks, appreciate it!
Thank you
Thanks for watching!
Best video I have seen, but I am still a little confused on how to get started for me and the wife (kind of a low-tech buy in my 60's). Are you available for paid consulting to help make sure I can everything right? Thanks
Hi Jason, what an incredible tutorial. I have one question. What happens when you change your phone? How do you get the QR code on your new phone? Thank you for the great work and keep up the great work.
Thanks for great help, Jason. I'm gonna get Bitwarden. What authenicator do you recommend?
For the best security, I would go with a yubikey. If you're okay with using an app based authenticator, anything works. I like Google Authenticator.
10:27 - Defintely don't follow that advice on autofill. That specific feature can increase the chances of passwords being compromised. Even in this video, you can see the "WARNING" statment Bitwarden put under that setting selection. Really shouldn't be encouraging people to tick that box without flagging the potential dangers.
can you do a video or have you done one about if you set up an account via the web, will it be the same on mobile devices i.e. Facebook.
Great video and I use the program. Note: Under Win 11 perfectly with all browsers, but Pixel 6 with Android 14 no autofill with Chrome (Firefox works perfectly). Therefore not a full recommendation on my part.
Thanks for the info on the Pixel 6!
Thank you, this video was super helpful for me. Clear steps and instructions. I set up my vault in no time, even though I identify as a Gen X woman. :D
That's awesome to hear! Nice job!
Would you consider covering the steps one needs to take when cancelling a bitwarden subscription? What’s the process of transitioning all your passwords? No one ever talks about this. Cheers!
Love this idea. I'll add it to my queue and see if there's similar feedback on it!
Great video! I'm experimenting with Bitwarden now. How do you feel about Proton?
I'll be doing a deep dive on Proton pass in the near future. From my research so far, decent solution that's best when bundled with Proton's other services.
Thank you for the helpful information in your video. I am trying to export my passwords from Dashlance to Bitwarden. I cannot locate the export link on Dashlane. Do you know what I am doing incorrectly? I use the Dashlane free version. Thank you for your time.
I knew i was going to get rolled, but i still went for.
Recovery codes are one of the most important thing when setting up MFA, otherwise you can loose access to your vault if your phones got lost or broken or whatever
Always a good idea to secure those!
Thank you for making this well constructed video.
Just wondering, If I were to add MFA with my email address, will I have to use the same 6 digits every single time I enter my master password. So, as long as I do not turn off MFA, do I just need to memorise the same 6 digits for whenever I need to log in.
When you set up MFA token it will rotate so you only use it once. This makes it safer.
Loved the tutorial. Can you offer your views on how I handle the 'LastPass' situation, (possible video perhaps). If I'm moving over to Bitwarden because of LastPass security breaches, I assume the User would (having imported all passwords) have to change them within Bitwarden to make them totally secure. Plus how would you securely delete your Lastpass account and details with confidence?
With the LastPass scenario, you can change all of your passwords after you import them to Bitwarden. You'll have to do this with each website (which can be time consuming).
Changing the passwords after importing them into Bitwarden will make anything you had in LastPass irrelevant even if an attacker would be able to get them.
Check out my other Bitwarden video on the setting to increase the security on your Bitwarden vault.
Thanks...@@teachmecyber
Thanks for the tutorial, super easy to follow! I did have a question. Once I import passwords from chrome, brave, etc, am I able to then change those passwords within bitwarden using the random generator to have them be much more secure, and if so how does that work? I’m assuming once they’re added you can go into that specific password and hit edit/change? Thanks in advance!
Once you import them, you would have to go to each website to change the password there. During the password reset process on the website, you can use Bitwarden to create a strong password and it will be saved to your vault.
@@teachmecyber Ok that's what I figured, thanks!
Im aware this video came out awile ago but im super stoked about bitwarden however i was wondering if there is an easy way to change my really bad old passwords into one randomly generated without having to go in and manually change them all by hand?
i have this question too
Thanks for making these! As a cyber professional to be, I wanna know the best course of action for password management to recommend to others.
Thanks for watching!
Great video. I'm coming from Dashlane, Is there an option to disable Bitwarden on a specific website?
Disable in what sense? If you don't have an entry for it saved, it won't auto populate
Great tutorial...simple...but if you ever wanted to know the password contained in the vault for a specific web site, how do you find out?
You can just open the vault and search for the website or application. From there you can view it
I don’t mean to be skeptical, but what does this do that chrome password manager doesn’t?
Take a shot every time this guy says "go ahead and" or "gonna wanna" and you'll be drunk in no time! If you can get past that, it's a good tutorial.
What you're gonna wanna do is go ahead and take a shot 🤣🤣🤣
I just watched a video by you suggesting to keep auto fill off due to some vulnerability? Has that situation changed? Thanks
Bitwarden has fixed the root issue, so it's safe to use again!
I'm trying to add a credit card. Any ideas?
I got have way thru your video where you import your passwords. I am not using any password manage so I am trying to import my passwords from an excel file saved as a *.csv file.. After selecting Bitwarden.csv file as format, I try to import my password file and get" error message " Data is not formatted correctly. Please check you import file and try again." How do you manually enter passwords one by one since this step is anything but "Super Easy" as you say in your video????????????????????? Additional details at this step would be most helpful!
So I followed this video and attempted to set this up on a windows pc. In the two step section at 4.00 mins , I did what as shown and scanned the QR code using my phone. This brought up a long list on my phone , so I randomly clicked on Google play from the list and it gave me a 6 digit password which worked. However the first time I tried to log in on my PC after this , it asks for a new 6 digit password , I have no idea how or where to find it . That ended the whole thing for me. Even tried to set up a new account and start again but of course the system has my email address as already being used so I can’t continue.
Which application did you download that gave you the 6 digit code? Whatever application you downloaded is where you will find the six digit code. Each time you log in, you will be prompted for it.
You can also check out my more recent video on setting up Bitwarden with passkeys which will be easier to use.
th-cam.com/video/QkC1LcRUpag/w-d-xo.html&ab_channel=JasonRebholz-TeachMeCyber
Hi Jason- May I ask a question, and forgive me if it's silly, I am in my 70s and not exactly technically aware. I write because I had a problem with my laptop once and left it with a repairer but forgot to give him my code to open the laptop.. I rang him a few days later when I remembered and he said I've already fixed it. Cracking the laptop's code is no problem to people who need to know.
So bearing that in mind, if I put Bitwarden onto my extension it looks like you don't have to input your Bitwarden password again if a browser is already open, when the laptop is in like sleep mode. Which I normally do when signing off. So if someone pinched my laptop could they simply open the computer [if in the know] and click on the extension manager to have access to logins. - like I said, apologies if question is silly or you've already answered it in your presentation.
You can control this behavior using the timeout feature. It will lock the extension after a certain time of it not being used. Even if the browser is open, if the timeout is reached it will force you to login again.
@@teachmecyber Oh thanks. I remember you saying change timeout to 5 mins. So that's what it means. Thankyou for answering my query, I appreciate it. Your guide was/is very helpful. Cheers, Steve
Thanks for the feedback and good luck!
One of late movers to password managers and considering Bitwarden - although my question relates to all password managers - lets assume I have 100 logins of 'dubious' password quality I need to enter, what is the best workflow to enter manually?
I was thinking of
1) take say 10 logins
2) enter details as I currently use now
3) check I can login OK ie autofil works correctly
4) change each password using passwrodxd generator
5) Repeat next batch
Best done in web version or browser ext?
Thanks
It's never too late to get started with a password manager. If you have your passwords somewhere already (even if it's just typed out somewhere in a file), the easiest way is to format the passwords in a CSV file that you can import into your password manager.
Here's a link to the format for Bitwarden: bitwarden.com/help/condition-bitwarden-import/
The more manual approach would be to log into each website (whatever batches work for you), reset the password using the password generator, and enable MFA where you can.
For this, the browser extension will be your best bet.
Hope that helps!
@@teachmecyber Mine are handwritten in a notebook, a very thick notebook. I think I'm gonna need AI to transfer mine or I gonna have a lot of boring manual transfer to do..
So the password manager provides and remembers all these great passwords, but then you only need one password to get into the password manager which grants you access to all the great passwords stored in it. How is this different from using the same password on every site you log into?
You can and should put MFA in front of the password manager to secure it. The main risk with using the same password on every website is that if that password is ever compromised, attackers will try to log into other websites.
Thx for the video. I have a question if i have this app with the code two factor authentification what would happend if my phone get destroyed(happend to me sometimes) how am i able to access my bitlocker Account?
It depends on the authentication app. For most, if you lose your phone you'll be forced to use backup codes for each app if they provided it. In some cases, you'll be locked out and need to work with each app to reset the MFA.
Google has a new feature that you can sync your those 2FA codes to other devices so that if you lose your phone you will still have access to the codes in the future
A good system is to have a backup MFA mechanism, like a spare yubikey
@@teachmecyber.. an even better system is not to loose your phone in the first place. For something that most people can't do anything without, there is allot more than "oh i lost my phone"
With authy authentication app, you can have the same features on the smartphone and on the desktop/laptop. If you loose the phone, you still can use the software on your pc
Do you recommend this or 1password if you going to the premium route?
If you're planning to go the family plan route where you will share it with less technical people, I would go with 1password.
If it's just you and you like the additional configuration options, go with Bitwarden. If you're looking for something that is easy to use and still super secure, go with 1password.
You can't go wrong with either choice
@@teachmecyber I went with Bitwarden premium have a quick question since I am new to password managers, Do you have to sign in with your master password in BW google chrome extension whenever you restart your pc to fill a password in case you need or is there any other way too cause the extension is locked after windows restart or browser closer unless you put your master password because I am paranoid if any keylogger get to my windows pc and capture my master password
Try setting the lockout period to never. Also, set up MFA with a hardware token. That will keep local or online access locked down.
If you're still concerned, 1password's use of a secret key is an added layer that Bitwarden doesn't have
How do I import a spreadsheet of all my passwords into BitWarden?
Here are instructions: bitwarden.com/help/condition-bitwarden-import/
I'll be making a video on this in the future as I get a lot of questions on this!
Do you know how I can get Bitwarden to auto generate a new password on iOS when in an app (not a browser) and you create a new account.
Autofill and app extension are activated, but the suggestion of a new password still doesn’t work.
Thanks for the assistance
Are you seeing this in every app or just a subset? I've had similar issues in some apps which has forced me to just open up Bitwarden separately and make a new entry manually.
In most apps…
There have been some issues with Bitwarden in the past with IOS. You may have to click the autofill a few times.
Amazing explain with example, thanks! 🎉 Now when I see how much is easy to use with friendly UI, I see I made a big mistake...😢
I have question for you. I am middle of trojan attack where probably stole maybe all my passwords from Opera, Chrome, Egde.
1. Is it safe to create bitwarden account if trojan still exist on my win11?
2. My emails are compromised and passwords, that's mean I have to say farewell for all of them and bitwarden to crates unique password for all of my accounts where I need to change them one by one?
3. Up to now I used 3 emails for registrations on webshops, forums, subscribes, different platforms etc. What do you think to create a new gmail account only for registrations and in all of those sites to use only that one?
I want to be maximum safe in the future
1. If you still have malware on your system, don't create your bitwarden account just yet. This is just in case they have a keylogger on your system. Instead, I would first reinstall your operating system to just be on the safe side.
2. If you believe all of your passwords were stolen from your browsers, you will want to change each one of them that was stored. As you change them, set up MFA for each account that supports it. If they support passkeys, use that!
3. Using a unique email per login can help with security and privacy but it's not a huge difference maker. If this is important to you, check out my video on Proton Pass. They have a built in feature to use a unique email address for each account. Alternatively, there's a trick where you can add a "+" to your email address and still have it reach you. E.g. if your email was gorky25@gmail.com, you could do gorky25+amazon@gmail.com for your amazon account. Just change out "amazon" for whatever account you want to use.
@@teachmecyber I appreciate your answers, thank you very much!
@@teachmecyber I didn't ask. Is it all the same on mobile phone? Maybe to start from there for sensitive accounts before I clean all or uninstall OS (I just reinstalled 3 months ago :(( )
Should be fine from your mobile device. You're much less likely to have an issue there! So that's a good way to get started while you work through cleaning up your desktop. Good luck!
What about a self-hosted video, Docker behind nginx proxy manager, not the easy setup on ubunto
Still don't know how to add all my websites and passwords. If I've got an account with pre-existing password how do I make Bitwarden take over the password? I don't have them in an importable doc....what do I do? One by one? But how?
If you aren't storing the passwords anywhere, you'll need to access your websites one by one and reset the password. When you reset the password, you can use bitwarden to generate and store the password.
I am using bitwarden as my password manager setup on my phone and PC. Password of a website is saved on it. Now, I am logging into the website through my friends PC where the password manager is not setup. How do I log in as I dont know my password?
Your best is to pull it up on your phone and manually enter it. Alternatively, you could install the browser extension on your friends browser and pull it there. Not ideal though because you're installing something on their computer
What if one's browser is a fork of Chrome, say Thorium? How do you import passwords from that? Thorium will export them to a .csv file I believe.
If you have a CSV, you can import that into Bitwarden. You just have to format the CSV correctly. Instructions for that are available here: bitwarden.com/help/condition-bitwarden-import/
And...does that password change and stored each time you sign into a web site?
It is not changed every time you login. You have to manually change passwords.
This didn't work out quite as planned. I was able to export the logins from Firrefox to a text file (CSV) and then I was able to load those logins to BitWarden, but none of the website names are included so I have no idea which one is which.
I'm having to go through 180+ logins, copy the password from BW, paste that into FF password manager to find what website it is, visit the website and let FF log me in so that BW can ask me if I want to save this login, click yes and then delete the old entry in BW.
So convoluted. I also have no idea if the FF browser addon is communicating with the desktop app that I had already downloaded before I watched this tutorial.
Try to export the passwords from Firefox again using this guide (if you haven't already):
bitwarden.com/help/import-from-firefox/#tab-latest-version-5UCjBiyWDXDeA1mED6tyhZ
You can open the CSV to see if the URL is in there before you import to Bitwarden.
Good vid.. But i ran into some strange behavior. I use Bitwarden with 'auto lock" for security reasons. However, when i enter my PIN to unlock via context menu (ie lets say on Google..) my vault has (2) account, yet when i unlock this way via the context menu, it unlocks and autofill's the 2nd entry not the 1st..
Anyone else find this a problem or is just me? The way their store din my Vault, i have to keep clicking the 1st one all the time, or unlock via extension. The alternative would probably be to switch them around in the vault so the 2nd one becomes 1st, and 1st becomes 2nd..
But still....
When you say the second entry, are you saying the password entry from the second vault but you want it to fill in the information from the first vault?
@@teachmecyber Correct. I'm just surprised it assumes the 2nd entry ,,,and wonder why if there are two
So let's say I upload the passwords from chrome into the Bitwarden. Do I then delete all the passwords from chrome ?
Yes, once you confirm they're in Bitwarden, go ahead and delete them from Chrome
got it bro, thank you !@@teachmecyber
Very nice until it stops working and you can't log in either with the app or the token sent to your email. My experience with it was very bad.
I would switch from LastPass but it's a pain in the ass. I would have to transfer all my data, plus I also use an Authenticator with Last Pass, and I just don't want to deal with creating all that new authentication shit.
2:10
Oops!
😄
🤣🤣🤣 good catch!
soory man but I am confused. How do I tell Bit Warden that I want to use it for my existing Logins like Gmail. I go to my Gmail and it asked for my password. I have no idea what to do next ?
Make sure you set up the browser extension and enable auto-fill. As long as you have the website added to Bitwarden, it will fill it in for you. If for some reason it doesn't, you can open the browser plug-in, search for it there, and then select it there to fill in.
@@teachmecyber Great thanks for your help.
@@teachmecyberI find this response completely uninformative! I still don’t know how to get this program to work! It is actually far too complicated!
The program should guide me through the entire process! As always it always assumes that I know something I just don’t really know!
It frustrates me when the instructions ask me to click on something which I don’t know it is! The authors ALWAYS assume that I know what symbol they are talking about! You know that symbol to the right of this message, the arrow pointing to the right. How am I supposed to know what that symbol means? The authors explaining how something works ALWAYS assumes that I know what any particular symbol represents! I don’t! It is not at all clear to me why an arrow head pointing to the right should mean post. The authors ALWAYS assume that I know! It is so frustrating and you don’t even realize the frustration I feel! I am not honestly sure that I will ever get Bitwarden to work!
its mostly great but he overcomplicated the way for remembering a login @8:08
you just need to login like normal and when you press login BW will ask you automatically if you want the password to be remembered
it works 9/10 times
the way he did it is for when BW fails to ask you if you want to save the login
P.S Jason m8 don't show the QR code for 2fa
someone might be able to get your 2fa token like that
Go ahead and scan it and you'll see something fun 😂
don't know how much you care but you can kind of make out your email @ 10:17, nice guide tho bro
Thanks for the flag! Thankfully it's a throw away account 😂
Dude, I wish you had told me to write down the authenticator code. I didn't know I'd need the same numbers again. Now I can't log back in.... Any advice?
The authenticator code changes. You'll need to check the app to get a fresh code each time. Try that and see if you can get in
That worked. To my amazement. I never knew there was such a thing. Thanks a lot for your help. Do you have any other tutorials? I want to know how to use it to change my existing passwords.
Also, the thing that scares me about these kinds of things is what if somebody figures out my base password? Then they have access to everything, is that right?
I have a bunch of Bitwarden videos, check them out! You have to make sure your master password is safe. Be sure to add MFA to your account as that will help keep your vault safe from hackers. I have a video on this!
oops. i just found the IOS information on your video at about the 12 minute mark. my apologies!
It's hidden in there!
Again why and what is default
Please use Dark Mode, sincerely - My Eyeballs
Haha my sincere apologies to your eyeballs. Noted for future videos!
this is all alot of hassle when google does it all for u, i dont have alot of patience lol
It's worth the set up time. So much better and more secure than Google's password manager!
Too much jargon with no explanation… need a more basic tutorial
I'm sorry you felt this way. Is there anything else I can expand on that will help make it more clear?
Eh, what? This is extremely well explained! Like straight forward, because he leaves us nothing but the important details. Nah man, this is a great tutorial.
I found this easy, understandable and straight forward, even though I’m not native english speaker. Only the basics to get started. Just what I needed!
Ridiculous comment. It is an extremely well made tutorial.
Dont agree at all. This was just what i needed and im new to this kind of product. Very well done. 👏
I have my own server where I put 2 docker containers, bitwarden and mysql5.7, no need to pay anything, no account on their official site, works just fine.
That's a great way to do it for those that are up to the install / maintenance
your own server?
Dockers
Container?
What are these terms what do you mean how do you do it can you please explain in brief