Day 1: Use a Password Manager

Why You Need a Password Manager

A password manager helps you securely store and manage strong, unique passwords for all your online accounts. Instead of remembering dozens of complex passwords, you only need to remember one strong master password. This greatly reduces the risk of password reuse, weak passwords, and phishing attacks.

I recommend Bitwarden because it is open-source, secure, and easy to use. The European instance, Bitwarden.eu, is hosted in the EU, follows strong data protection regulations, and is less likely to be seized by an insane government.

Key Benefits of Bitwarden:

  • Stores and autofills passwords securely
  • Works across all devices (Windows, Mac, iPhone, Android, browser extensions)
  • Supports Two-Factor Authentication (2FA) for added security, which we’ll talk about later
  • Encrypted with zero-knowledge architecture, meaning not even Bitwarden staff can access your vault - only you
  • Free to use with optional premium features

Step 1: Sign up for Bitwarden

Go to https://vault.bitwarden.eu/#/signup and follow the process. Make sure that bitwarden.eu is selected in the drop down

Step 2: Create a Strong Master Password

Your master password protects all your saved credentials, so it must be strong and unique. Follow these guidelines:
✅ Use at least 14-20 characters. (My passphrase is 75 characters long)
✅ Include a mix of uppercase, lowercase, numbers, and symbols
✅ Avoid common words, names, or dates. Avoid information that is personal to you that can be discovered through Facebook or other public information
✅ Use a passphrase (e.g., “Dragon!Tree$Lemon99”, or “Sometimes late at night, 1 lie awake and watch 4 dreaming!”)
Four or more random words put together that you can memorise with an image is surprisingly secure. This website helps you generate them.
Do not reuse a password from any other account or any password you have ever previously used.

🔹 Tip: Use Bitwarden’s password strength tester to check your master password.

Step 3: Install Bitwarden on Your Devices

Windows & Mac

  1. Go to https://bitwarden.com/download.
  2. Download and install the desktop app for your operating system.
  3. Open Bitwarden and log in with your new master password.

iPhone & Android

  1. Open the App Store (iPhone) or Google Play Store (Android). (or use the links at bitwarden.com/download)
  2. Search for Bitwarden Password Manager.
  3. Install the app and sign in.
  4. Enable autofill so Bitwarden can suggest and fill in passwords for apps and websites.
    • iPhone: Settings → Passwords → AutoFill Passwords → Enable Bitwarden.
    • Android: Settings → Passwords & security → Auto-fill service → Select Bitwarden.

Browser Extension (Chrome, Firefox, Edge, Safari, etc.)

You can install bitwarden as an extension for the your WWW browser (e.g. Google Chrome). This enables Auto-Fill of passwords when you’re using the web and generally makes it usable on your computer/laptop.

  1. Visit https://bitwarden.eu/download.
  2. Select your browser and install the Bitwarden extension.
  3. Log in and pin the extension for quick access.
    Once installed, you should find it in the top right of your browser window. You may need to go into Extensions to find it (the first highlight). If you do, you can use the pin Icon in there to pin it to the toolbar.
    ecad4411e9d614472612d13f0495b41d.png

Step 4: Save Your First Passwords

Start by adding important accounts (email, banking, social media) to Bitwarden. Use the Bitwarden password generator to create strong, unique passwords for each one. Change the passwords, don’t just add the current password.
Because you don’t have to remember them, you can make these as strong as the site will support.

Step 5: Make Life Easier

There’s a trade-off between security and ease of use. I think the following settings are reasonable to make it easier to use Bitwarden in your life. But they make it easier for someone with access to your phone to do bad things. Think about your threat model.

Mobile Apps

  • In Settings, Account Security, turn on Unlock with Biometrics, so that you can use fingerprint unlock
  • Alternatively turn on Unlock with PIN Code in the same place
  • Set Session timeout action to “Lock”

Browser Extension

  • In Settings, Account Security set Session timeout action to “Lock”
  • Unlock with PIN code
  • On Windows you can configure unlock with Biometrics. It’s a bit fiddly. You need to have the Desktop application installed. If you struggle with this, I’ll help you out when we’re in Wexford.

Next Steps

Now that you have a secure password manager, tomorrow’s task will be to enable Two-Factor Authentication (2FA) to add an extra layer of security to your most critical accounts.

Action for Today: Install Bitwarden on all your devices and secure your first few accounts!

Month of Security
Day 1: Use a Password Manager
http://comicmuse.net/p/1d47857ad485489780539da43e79845f/
Author
comicmuse
Posted on
March 1, 2025
Licensed under