I work in the IT field and specifically as a network admin for a big company and do a lot of cyber security. I hear many youtubers saying how Proton etc is worthless. They could not be more wrong (unless you are a criminal). Using one of the secure email providers is far superior to gmail, hotmail, yahoo etc. It is amazing how easy a hacker group can get all sorts of information from a garbage email provider. Using an email scrambler like Protons is a very good thing for many websites. Remember, if you use Tor, a VPN, a couple proxy servers and a secure email the FBI, InterPol, NSA etc will be able to read your emails. So before you decide to become the next Viktor Bout you might want to re-think your life. The safest way to email is to use burner accounts over Tor and through a series of proxies and a VPN's before you even go online. That is how Journalists and confidential informants do it. Sure there are things the CIA or NSA etc can do to create truly secure internal emails that will never go over a public server but we are not James Bond.
@Jason Rebholz very good job! Im curious when making the security key is it better to use a password generator offline and just copy and paste in a phrase or a bunch of random numbers and letters? Or make up my own? Also I wanted to know if you can take out passwords without it deleting the account for that password. Lets say i want 1password holding everything but not my gaming account and password if i dont want lets say that or a instagram account in there can i take it out without it deleting my account. Is it easy to basically import export One password at a time not all of them. So i can basically add only what i want.
Jason I noticed in the create login example you created an Alias but not a login to a web site. On your example you needed to click create login from your note.
According to ChatGPT this is only applicable if you're self-hosting. If you're using BitWardens cloud storage (default way of using BitWarden), then changing the KDF settings and selecting Argon2id does nothing because you're relying on BitWardens hashing. So unless you're self-hosting, it makes no difference which method you pick Argon2id or SHA-256. If I'm wrong on this then please someone correct me.
What pisses me off about this pricing is if it’s just you, it’s one price, but like more than half the people buying these apps, it is usually you and your spouse. Now you can’t have a spouse on your account without her being considered a family. So these people are forcing a retired couple to pay much more because they are not a couple but a family. I have never in my life ever shown up at a function with my wife, and had all the people there refer to us as a family. But when people or services want to charge extra for a family plan, whether it’s you, and your wife, or you and your wife and ten kids it’s all the same. But we as stupid consumers, they think, we will never catch on. Money, it’s money that everything is based on, but if you have a great product, you shouldn’t need these, extra fees, especially fees that would call your wife a family
A couple of questions if I may. I've read some talk on the auto-fill feature having some security flaws/issues, and shouldn't be used. Is this still true? Also I noticed a favicon for a website account I've added doesn't seem to populate. The website is Kraken. Anything I can do to fix this? All my other websites populate favicons next to their entry in BitWarden, but not Kraken. This really stris up my OCD, hah.
This is quite frustrating. I've tried to add passkeys managed by my Google account, as well as Hello Windows, and when it asks for my device PIN it always rejects it.
Thanks buddy. FUkin Google Smart Lock stopped working after update to ios 18. Didn' tell me they stop using Smart Lock and switched over to pass keys. FYI.. if using Yubi Key Manager to reset smart key best to uninstalled older Yubi Manager and then install latest version. Don' installed new version without uninstalling older version it will delete the uninstall code on older version. Then ur stuck. I had to system restore my PC to fix.
THIS IS THE WORST ADVICE EVER 1. Affordability Offline $0.00. Online $25 to $50 a year. 2. Simple Networking makes passwords available everywhere use system scheduler and Free file sync to automate. DON'T TRUST YOU MOST IMPORTANT DATA TO BE STORED ON THEIR COMPUTER. Only an idiot would make only one USB backup. His next video tellsabout online password manager being hacked LOL Here is a another great solution ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-boj9q26gadE.html
I clicked for a "tutorial", and got a "lengthy sales pitch" first. People looking for a TUTORIAL shouldn't have to waste thir time on a lengthy sales pitch. Booo.
So far I haven't been able to set it up at all. It is amazing the clutter these tech companies fail to cover the most basic functions at all, like setting up the password manager to work at all.
I dont have that screen after clicking create passkey. It just asks me to type a number then says its the wrong number. Google absolutely stinks. Always asking for verification, haphazard non-intuitive email, and rigged search algorithms makes google a horrible time wasting experience all round. If I could avoid this fascist organization I would. No help at all by the way.
Found this very good and the first tutorial I understood. Yes a bit fast at talking but great summary and intro to something I’ve had for a year and couldn’t get to use as didn’t understand it. Now I’m back into using again. Thx and well done.
it would be good to folow the process of changing passwords in conjunction with a web site..Seeing th flow would be good..................Possible next time!
I hardly ever use my phone for Google anything. My desktop and Chromebook are my usual go-to email devices, but neither has face recognition or fingerprint scanning. So what do passkeys actually bring, assuming I'd have to use a password on those devices anyway?
Thank you for the info. Do you have two Yubikeys, one as primary and one as a back up when login into sites that don't support passkeys but do support Yubikeys?
My Google Account still saves my password, so I could still sign in with my password if necessary. I thought passkeys enhance security because they are useless if somehow they are stolen, which is of-course not the case with passwords. My question is how do passkeys enhance security, given that passwords can still be used to sign in, as is the case with my Google account?
Passkeys are new and it will take time before they are extensively rolled out. There will be a long period of time during which both will be used. Even so, passkeys are still more secure if you opt to use it instead of your password whenever possible. You’re reducing the attack surface. I do have some passkeys set up, though ironically not yet for my Google Account. But it’s worth watching a few videos and reading some stuff before taking the plunge. It takes a while to get your head around this stuff.
Hey mate, am I able to clarify something with you on the whole Bitwarden/passkeys feature? When first using the passkey option on a site (say Microsoft for example), the Bitwarden pop up will appear saying, “Save passkey as new login”. Now as far as I am aware, this is different from using a YubiKey for the passkey where it is stored on the YubiKey only. When using the Bitwarden option to have the passkey stored in your vault, where is the private key being generated and where else is it being stored? Or is it only being stored in the bitwarden vault? I was thinking that there may potentially be a risk with this if the private key is stored on your machine locally as well as your vault should your PC get hacked etc. This might not be as big of an issue as I think though so interested to hear your thoughts. Also, on this topic, what are your recommended settings for Bitwarden and security/2fa etc? I currently use a master password with my Yubikey as the Webauthn 2FA for Bitwarden. I guess this along with passkeys for whatever accounts support it is as good as it gets? Just want to know whether the difference between keeping passkeys in your vault or on the Yubikey are worth thinking about? Thanks!
I tried this on Windows, with both Bitwarden and Windows Hello. The latter does not sync to other devices, but it could use other devices (Android) to store the Passkey. Assuming Bitwarden allows syncing across devices (did not try, but this is the point, otherwise, it's next to useless).