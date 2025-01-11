We at XDA are big proponents of using a password manager. It increases personal security by requiring you to use unique passwords for every service you sign up for. After all, yearly reports show just how bad we really are at choosing our own passwords. That might mean you're already using one of our favorites, like Bitwarden, but are you using all the security features it offers?

Generating random, long passwords is a good start, but these other features can make your digital life safer and easier to manage. Here are some of the features of Bitwarden that you might not be using already but should check out.

5 Passkey storage

The best password is one you don't ever have to type

Long, randomly generated unique passwords are a good step towards keeping online accounts safe. The length is the most important part, and we suggest setting Bitwarden to 20 digits or more if the service you're signing up to supports it. That's because password crackers can brute-force shorter passwords in a matter of minutes, especially with the graphics cards used for cracking getting more powerful every generation.

But long passwords can't protect you against bad data storage practices or against hacks or leaks from the services you're using. What can protect you is by using passkeys wherever possible and storing half of the passkey in your Bitwarden account. That way, even if a service gets hacked, the hacker only gets a partial credential in that half of the passkey, and can't get into your account without also having access to your password manager's vault.

It's one of the safest ways to handle credentials currently, and it also protects your online accounts against hackers who try to access them by reusing common passwords or using password-stuffing attacks. Simply set Bitwarden as your passkey provider in your device's menu or in the Chrome extension, and generate passkeys wherever you can.

4 Secure note storage

Keep your important notes safely encrypted with zero-trust

Password managers like Bitwarden can store more than just passkeys and passwords. You might already be using your password manager to store credit card details securely, so that you don't have to type in your details when checking out online. You can also store identities in Bitwarden, which includes personal data that might not be associated with an individual account, like name details, physical addresses, and more.

But the feature you might not be using is Bitwarden's secure notes function. Many people use their mobile devices to jot down notes for future use, but those notes are usually saved insecurely, which could become a security issue. By saving these notes in Bitwarden, they are encrypted and locked behind the biometrics of your mobile device, so only you can access them. That's important if you were to misplace your phone or if someone stole it and went looking for any information that might have value. Free users can only add notes,

It's important to note that Bitwarden encrypts all information in your vault, not just passwords. That means anyone who gains access to your vault without the master password won't be able to see usernames, URLs, secure notes, credit card details, personal information, or anything else. The whole architecture is built on zero trust, and that's fantastic to see from a password manager.

3 Emergency access and sharing

Give other users access to specific credentials with stipulations

If you ever have to share credentials with someone else, you might be tempted to pick up a Post-it note and write it down. But that's a terribly insecure way of doing things, and we don't recommend it. Bitwarden has two ways of sharing credentials with someone else that make the process easy and secure. The first is Bitwarden Send, which shares the credentials as an encrypted link. You can make the process even more secure by setting an expiry date on the link, a deletion date, and even a maximum access limit so you know that other users with the link won't be able to access the account.

That's all you need for occasional sharing, but if you have accounts that you want someone to have access to more often, you can set up an Organization. Then, you invite the user to that Organization, create a Collection for shared credentials, and invite the user to that as well. This is useful for setting up family-shared accounts or tools used in the workplace while still retaining full control over who has access.

2 Self-hosting

Don't trust the cloud? Host your own password vault at home