10/3/2023 0 Comments Bitwarden vsThat is why you absolutely MUST have an emergency kit. If I forget the masterkey, then all my passwords are lost. I use bitwarden and am pretty happy with it. I know nothing about protonpass, from what I've heard it's a good company that values privacy and security, they've probably done a good job at it. It's not perfect, you have to subscribe to a premium account, you have to know someone with a bitwarden account (i'm not sure if they need premium too), and you have to wait a few days / weeks to get access again, but it's a pretty safe option, any attempt to abuse it while you still control your account would mean you can deny access easily. If you keep a copy of your master password in your vault, you can get it back from them and be able to log in again. If you want to disallow access you can just click a link in the e-mail, if after a configurable period of time you haven't denied access, they can then access your vault. They request access, and you get sent an e-mail automatically. Basically you nominate someone else who has a bitwarden account to have emergency access to your account. With bitwarden premium there's a feature called emergency access. Then there are other ways of regaining access to your vault. ), there's risks in that but given it's encrypted it's probably fine, just remember that if you loose all your devices and your master password then you might not be able to access your cloud at all. Leave a USB (encrypted) in a safe place at a friends / family member's house, or even put it in the cloud (googled drive / dropbox /. Having one on your computer is no use if your hard drive dies or your computer is stolen. Remember that you should have multiple copies of your backup. Or you can keep it unencrypted, at which point you risk it being stolen, you can mitigate that risk by putting it in a safe, or a safety deposit box. You can keep it encrypted, which won't help you if you forget your master password. Then you can and should keep a backup of your vault. Some people who are in danger for corporate espionage or being persecuted by their government may need to reconsider this, but for most people it's fine. It's a security risk, but it's not a high risk for most people. I have a waterproof wallet thing where I keep important documents, like my passport, and some 2FA backup codes, etc. I also leave a copy of the password at home in a safe place. I've also got 2FA set up so even with my password some random opportunist that steals / finds my wallet isn't going to be able to get in, nor will they know my e-mail address. I don't write that it's my bitwarden password, if I loose my wallet then nobody is going to know what that piece of paper means. I like to keep a copy in my wallet for a couple of months. You should also write it down at first, and keep it somewhere safe. After a few weeks / months you can up the timeouts a bit so you don't have to constantly re-enter your password. Having to enter your password 4 or 5 times a day really helps you build the muscle memory so that you don't forget it. Personally when I change my master password / set up a new account I set the timeouts to be pretty short, like 15 minutes. Some people like to leave their bitwarden logged in for hours or only ever unlock it using a fingerprint or a pin rather than their password. Now you can make it easier for yourself to not forget your password by using it more often. Look into your options and set them up in a sensible manner. There are various options all of which have downsides, but the downside of loosing access is pretty high. E-mail providers have ways to regain access to your e-mail account if you forget your password. HOWEVER you won't be able to reset your e-mail password without knowing your old one. It's also usually something that we tend to leave logged in on all our devices forever, loosing your e-mail password would still let you recover all your other accounts, unless you also loose access to all your devices. If worst comes to worst as long as you have access to your e-mail then you can slowly get back control of everything. You can reset bank account logins by a phone call / visiting the branch, etc. You can gain access to most accounts (not bitwarden) by doing a password reset as long as you have access to your e-mail. There are ways around it, but every way to access an account that's not via your password is another way an attacker could also breach your security. You are right to worry about this, getting locked out of everything is a risk. If it were not the case then it would mean that if someone hacked bitwarden's servers they could potentially access your data.Īlso how is this different to your spreadsheet? If you forget the password to that then you loose access. I was gonna start using Bitwarden but then found out that if I forget the masterkey, then all my passwords are lost
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |