I work in the IT field and specifically as a network admin for a big company and do a lot of cyber security. I hear many youtubers saying how Proton etc is worthless. They could not be more wrong (unless you are a criminal). Using one of the secure email providers is far superior to gmail, hotmail, yahoo etc. It is amazing how easy a hacker group can get all sorts of information from a garbage email provider. Using an email scrambler like Protons is a very good thing for many websites. Remember, if you use Tor, a VPN, a couple proxy servers and a secure email the FBI, InterPol, NSA etc will be able to read your emails. So before you decide to become the next Viktor Bout you might want to re-think your life. The safest way to email is to use burner accounts over Tor and through a series of proxies and a VPN's before you even go online. That is how Journalists and confidential informants do it. Sure there are things the CIA or NSA etc can do to create truly secure internal emails that will never go over a public server but we are not James Bond.

@Jason Rebholz very good job! Im curious when making the security key is it better to use a password generator offline and just copy and paste in a phrase or a bunch of random numbers and letters? Or make up my own? Also I wanted to know if you can take out passwords without it deleting the account for that password. Lets say i want 1password holding everything but not my gaming account and password if i dont want lets say that or a instagram account in there can i take it out without it deleting my account. Is it easy to basically import export One password at a time not all of them. So i can basically add only what i want.

What's wrong with an excel sheet as your password manager?

messi

Jason I noticed in the create login example you created an Alias but not a login to a web site. On your example you needed to click create login from your note.

SURE THEY ARE IN FACT,,ARE PREETY SIMPLE

I’m hard of hearing. I hear you say “control shift L”. Is that correct? My I-pad keyboard does not label control key? Thanks, Lee

According to ChatGPT this is only applicable if you're self-hosting. If you're using BitWardens cloud storage (default way of using BitWarden), then changing the KDF settings and selecting Argon2id does nothing because you're relying on BitWardens hashing. So unless you're self-hosting, it makes no difference which method you pick Argon2id or SHA-256. If I'm wrong on this then please someone correct me.

What pisses me off about this pricing is if it’s just you, it’s one price, but like more than half the people buying these apps, it is usually you and your spouse. Now you can’t have a spouse on your account without her being considered a family. So these people are forcing a retired couple to pay much more because they are not a couple but a family. I have never in my life ever shown up at a function with my wife, and had all the people there refer to us as a family. But when people or services want to charge extra for a family plan, whether it’s you, and your wife, or you and your wife and ten kids it’s all the same. But we as stupid consumers, they think, we will never catch on. Money, it’s money that everything is based on, but if you have a great product, you shouldn’t need these, extra fees, especially fees that would call your wife a family

Their plans have changed A LOT in 11 months, now they really limit what you get by plan and the cost has gone up quite a bit.

A couple of questions if I may. I've read some talk on the auto-fill feature having some security flaws/issues, and shouldn't be used. Is this still true? Also I noticed a favicon for a website account I've added doesn't seem to populate. The website is Kraken. Anything I can do to fix this? All my other websites populate favicons next to their entry in BitWarden, but not Kraken. This really stris up my OCD, hah.

You're a robot. I knew it. 🙄

This is quite frustrating. I've tried to add passkeys managed by my Google account, as well as Hello Windows, and when it asks for my device PIN it always rejects it.

I get why a work might use this but why would I pay $40 a year in perpituity for a service that google offers for free with its free web browser

Is this KDF feature only available on the paid version of Bitwarden? I don't see it on my free version.

Great tutorial, thanks.

Thanks buddy. FUkin Google Smart Lock stopped working after update to ios 18. Didn' tell me they stop using Smart Lock and switched over to pass keys. FYI.. if using Yubi Key Manager to reset smart key best to uninstalled older Yubi Manager and then install latest version. Don' installed new version without uninstalling older version it will delete the uninstall code on older version. Then ur stuck. I had to system restore my PC to fix.

I wanna ask is passkey automatic generated for our device?

What is the downside?

LMAO it doesn't allow my Firefox to proceed.

What if I leave Bit warden Extension OFF, and then when I need to, Activate the extension when I need it?

THIS IS THE WORST ADVICE EVER 1. Affordability Offline $0.00. Online $25 to $50 a year. 2. Simple Networking makes passwords available everywhere use system scheduler and Free file sync to automate. DON'T TRUST YOU MOST IMPORTANT DATA TO BE STORED ON THEIR COMPUTER. Only an idiot would make only one USB backup. His next video tellsabout online password manager being hacked LOL Here is a another great solution ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-boj9q26gadE.html

Too much Magic.

I clicked for a "tutorial", and got a "lengthy sales pitch" first. People looking for a TUTORIAL shouldn't have to waste thir time on a lengthy sales pitch. Booo.

You are a god dude. I got up in the LastPass Breech. Since then I have never been the same.

If youi die, how will your relatives access your accounts?

The ugliest interface ever on android WHYYYYYYY is it so confusing

Can you make a HOW to change all your passwords using bitwarden?

i just open random website and my antivirus say it had a malvertising

Why would you use a password manager that also hosts your password vault? That sounds really stupid!

What if I forget my pass key? Maybe, I'll just stick with password.

I cant use that on Android

So far I haven't been able to set it up at all. It is amazing the clutter these tech companies fail to cover the most basic functions at all, like setting up the password manager to work at all.

I dont have that screen after clicking create passkey. It just asks me to type a number then says its the wrong number. Google absolutely stinks. Always asking for verification, haphazard non-intuitive email, and rigged search algorithms makes google a horrible time wasting experience all round. If I could avoid this fascist organization I would. No help at all by the way.

this is not what I was expecting from this video...

Is the passkey saved on your apple account in iCloud?

Found this very good and the first tutorial I understood. Yes a bit fast at talking but great summary and intro to something I’ve had for a year and couldn’t get to use as didn’t understand it. Now I’m back into using again. Thx and well done.

You're calling yourself a security expert but you're (still) using goggle's services. Of one thing i am sure: you cant be trusted

it would be good to folow the process of changing passwords in conjunction with a web site..Seeing th flow would be good..................Possible next time!

What I don't understand...are you required to use some kind of a USB key to be able to create a passkey? And does each device require its own passkey?

I hardly ever use my phone for Google anything. My desktop and Chromebook are my usual go-to email devices, but neither has face recognition or fingerprint scanning. So what do passkeys actually bring, assuming I'd have to use a password on those devices anyway?

Thank you for the info. Do you have two Yubikeys, one as primary and one as a back up when login into sites that don't support passkeys but do support Yubikeys?

Hello, Is there any way to recover money ????

My Google Account still saves my password, so I could still sign in with my password if necessary. I thought passkeys enhance security because they are useless if somehow they are stolen, which is of-course not the case with passwords. My question is how do passkeys enhance security, given that passwords can still be used to sign in, as is the case with my Google account?

For a cyber security video, I am sad to see that the email was unblurred at 9:45 for just a moment. Besides that, great vid!

Hi Jason, have you stopped making videos ?

Is all of this still applicable today? Or did Bitwarden update itself to the point where it is no longer needed?

So.much.set up.

Hey mate, am I able to clarify something with you on the whole Bitwarden/passkeys feature? When first using the passkey option on a site (say Microsoft for example), the Bitwarden pop up will appear saying, “Save passkey as new login”. Now as far as I am aware, this is different from using a YubiKey for the passkey where it is stored on the YubiKey only. When using the Bitwarden option to have the passkey stored in your vault, where is the private key being generated and where else is it being stored? Or is it only being stored in the bitwarden vault? I was thinking that there may potentially be a risk with this if the private key is stored on your machine locally as well as your vault should your PC get hacked etc. This might not be as big of an issue as I think though so interested to hear your thoughts. Also, on this topic, what are your recommended settings for Bitwarden and security/2fa etc? I currently use a master password with my Yubikey as the Webauthn 2FA for Bitwarden. I guess this along with passkeys for whatever accounts support it is as good as it gets? Just want to know whether the difference between keeping passkeys in your vault or on the Yubikey are worth thinking about? Thanks!

I tried this on Windows, with both Bitwarden and Windows Hello. The latter does not sync to other devices, but it could use other devices (Android) to store the Passkey. Assuming Bitwarden allows syncing across devices (did not try, but this is the point, otherwise, it's next to useless).