10 Hacks Every Bitwarden User Should Know

We may earn a commission from links on this page.

Credit: René Ramos/Lifehacker/Adobe Stock

Table of Contents

The built-in password managers from Google and Apple are quite good these days. But if you're switching between multiple devices and OSes, a dedicated cross-platform password manager like Bitwarden can really help. It's open-source, encrypted by default, and most of its features are free on all platforms. And you can even use it to sync passkeys and two-factor authentication codes between all your platforms. But just using the Bitwarden apps to store passwords and autofill them won't get you very far. Because you're dealing with extremely sensitive passwords and secure notes, you should take some extra steps to secure your data, and make the password management process a bit easier (without compromising your security).

Use a secondary authentication measure to protect your Bitwarden account

Your Bitwarden account is valuable, and protecting it should be your priority. While you should set a long, yet memory-friendly master password, it's best to add a second layer of security as well. Bitwarden supports multiple two-factor authentication methods for your vault. Go to Settings > Security > Two-step login to get started. While you can set a simple email authentication, it's better to use something more complex. If you want to use a software-based method, set up two-factor authentication with a separate authenticator app (like Google Authenticator). For the most secure protection, use a hardware key like YubiKey—if you have Bitwarden Premium anyway. While 2FA via an authenticator app is very secure, a hardware key ensures that only someone with physical access to the key can access your Bitwarden vault.

Use the Bitwarden button rather than autofill to boost your security

Autofill is incredibly convenient. When you have the Bitwarden extension or app installed, it will prompt you to fill passwords with just a tap. In fact, Bitwarden also offers a feature called "Autofill on page load" that will fill in your password details without even waiting for you. It's convenient, but a security risk, since anyone with access to your device could log into your accounts right away. Thankfully, this is not enabled by default. In case it happens to be enabled, you can turn it off by going to Settings > Autofill.

To beef up your account's security, disable autofill altogether by going to Settings > Autofill > Show autofill suggestions on form fields. Instead, you should use the Bitwarden button in the extension bar. When you open the Bitwarden vault using the extension, it will first show you the available autofill options for the current websites, which you can click to autofill manually. This is a more secure route because, as you'll see below, it's possible to lock the Bitwarden vault using a PIN or biometrics—balancing the convenience of autofill with some added security.

Shorten the timeout window for the Bitwarden extension on browsers to prevent snooping

Again, for convenience's sake, Bitwarden won't lock you out until you restart your browser or your PC, which can be on for weeks on end. However, there's an option that forces you to unlock your vault after a couple of minutes of inactivity (or with each use). Go to Settings > Account Security, and from the Session Timeout section, click the Timeout dropdown. Here, you can use the Immediately option to lock yourself out after each use, or 1 minute to give yourself a bit of breathing room. From the Timeout Action dropdown, you can choose between Lock and Logout. If you choose the Logout feature, you'll have to log in again with your master password. Lock is the better option for most, as it lets you unlock your vault with some easier (but safe) options.

Use biometrics to unlock your vault on trusted devices

Bitwarden's desktop and mobile apps support biometric authentication so you can unlock using Face ID or Touch ID on Apple devices, or via fingerprint authentication on Android and Windows. To set it up, open the Bitwarden app and go to Settings > Security. Then, enable this feature in the browser extension if you use it. Go to Settings > Account Security, and from the Unlock Options section, enable the "Unlock with Biometrics" feature to enable biometric scanning. If you want to go old school, you can also use "Unlock with Pin" to open the vault using a unique pin.

Make Bitwarden the default for autofilling passwords and passkeys on iOS and Android

Passkeys combine the convenience of passwords with the security of 2FA. These are cryptographically generated keys that are stored securely on your device or a passkey service. Authentication happens using your on-device biometrics, such as Face ID, Touch ID, or the fingerprint scanner. Traditionally, each device requires its own passkey and verification. But now, you can add a passkey to a service like Apple Passwords or Bitwarden, and the same key can be used across all your supported devices.

The next time you create a new account, use the Passkey option for authentication. As long as you're signed in to Bitwarden on your computer (with the app), you'll get an option to save passkeys to your vault. And Bitwarden supports native autofill for both iOS and Android. On iPhone, go to Settings > General > AutoFill and Passwords and make sure AutoFill Passwords and Passkeys is enabled. Then, enable the Bitwarden app and disable other autofill apps for a smoother experience. On Android, go to Settings > Autofill > Autofill services > Bitwarden.

Use Bitwarden for two-factor authentication codes and ditch your Authenticator app

If you use Bitwarden for password management, but something else for 2FA codes, you know it can be frustrating to log in to sites. Instead of two systems, you can add 2FA codes to the Bitwarden extension. This way, Bitwarden can generate and fill one-time passwords no matter where you are. This works in browsers and on desktops too. The setup for 2FA in Bitwarden is the same as any authentication service: scan the QR code or use the link to add the account to your Bitwarden vault. (The company has a detailed guide on it as well.)

Of course, by having everything in one system, you are compromising on security a bit. If someone has access to your Bitwarden vault, they now have access to your 2FA codes too. If you want to avoid putting all your eggs in one basket, you can also use Bitwarden's standalone Authenticator app, which doesn't actually require a login. It works similarly to Google Authenticator, is mobile-only, and won't be associated with your vault.

Sharing passwords in plaintext is downright risky. But sometimes, you need to share an account password with a friend or colleague who's working remotely. In this case, Bitwarden's Send feature can come in handy. You can share anything in plain text or upload a file (though this requires Bitwarden Premium). Go to the Send tab in the Bitwarden app or extension and click the New Send button to get started. Here, you can give the transfer a name and include additional details if you want. You can choose when to auto-delete the link and set up a password for it for extra security.

In case there's an emergency, and you can't access your own vault with all your secure notes, you can designate a trusted contact to do so on your behalf. Bitwarden's Emergency Access feature is highly customizable, and you can choose the level of access based on your personal needs. You can authorize trusted contacts to only view your data, or let them take over your entire account. To get started, head to Bitwarden's website, then go to Settings > Emergency Access.

Use autofill keyboard shortcuts to save time

Don't sleep on Bitwarden's keyboard shortcuts. By default, simply using Command/Control + Shift + L will open Bitwarden and will autofill the last used password for the website you're on. If you have 2FA enabled, Bitwarden will also copy the two-factor code to your clipboard. All you have to do is press Control/Command + V to paste it in the text box. Press Enter, and you're logged in. If you go to the Extensions Shortcuts page in Chrome, you can also assign dedicated shortcuts for locking the vault, generating a new random password, and opening the Bitwarden extension.

Force master password reprompt when accessing secure notes and bank account passwords for added security

It's great that you've enabled a PIN lock and Face ID scan. But for extremely sensitive features, like accessing secure notes and entering bank account passwords, you might want to go one step further. Bitwarden has a feature that forces you to enter your master password again to access your secure data. Even if someone gets access to your Bitwarden account when your device is unlocked, they still won't be able to access the truly important data. To set this up, go to any item (secure note or login), click Edit, scroll down, and enable Master password re-prompt.