58 LXF260 March 2020 http://www.linuxformat.com
TUTORIALS Password manager
Add login to vault
Log into the Bitwarden browser extension if necessary and
then browse the web in the usual way. When you log into a
website, Bitwarden will pop up a message at the top of the
browser window offering to save the password – click Yes, Save
Now to do so. Click the Bitwarden icon, and after a short pause
you should see an entry appear under logins.
1
Update password
If the password is a weak one, navigate to your profile or
account settings and look for an option to update the password.
Open the Bitwarden add-on and select Generator to create a long
and random password (minimum 14 characters), then click Copy
Password. Right-click inside the new password box and choose
Paste. Update your password.
3
Log in quickly
When you next visit the site, look for a number 1 appearing
on the Bitwarden icon: click this and you should see your login
details appear (the number corresponds to how many entries you
have stored for that site, supporting multiple login profiles). Click
the correct entry and the login boxes should fill automatically,
saving you time and effort.
2
Edit passwords
Bitwarden should offer to update the password
automatically, but if it doesn’t, open the add-on and click the View
button next to the login. Click Edit and then paste your new
password into the Password field. Click Save and it’ll be updated.
Your previous password can be retrieved if necessary by clicking
the number next to Password history after saving.
4
MANAGE ONLINE PASSWORDS WITH BITWARDEN
address, name and supply a strong master password
(see the Quick Tip on the next page). This is the most
important password of all, and if you forget it your
passwords will be lost forever. With this in mind, you
may want to provide a master password hint, which can
be emailed to you if needed.
Once you’ve clicked Submit, your account will be
created and you’ll find yourself at the main vault screen.
If you’re running a self-hosted server and you plan to be
the only user, you can strengthen security by disabling
the registration of new users:
$ docker stop bitwarden
$ docker run -d --name bitwarden \
-e SIGNUPS_ALLOWED=false \
-e INVITATIONS_ALLOWED=false \
-v /bw-data/:/data/ \
-p 4000:80 \
bitwardenrs/server:latest
The browser-based web vault won’t be used much in
day-to-day use, but you will still need to log in to
perform certain functions. One of those is strengthening
security – navigate to Settings > Two-step login’ Start
Make sure server_name points to your subdomain (such
as bw.*) or dynamic hostname, while $upstream_
bitwarden should point to your Bitwarden server’s IP
address. Finally, alter the proxy_pass port number from
80 to 4000. Once done, save the file as bitwarden.
subdomain.conf into the same folder, then restart your
LetsEncrypt container:
$ sudo docker restart letsencrypt
Once it’s up and running again, configure your router
to forward ports 80 and 443 to the reverse proxy’s IP
address. Now open your browser and type in your
chosen subdomain or dynamic hostname, such as
bw.domain.com – no port number required. If
everything is working correctly, you should find that the
connection is automatically redirected to a secure
https:// one – click the padlock and verify that your
browser is happy the connection is secure. Your self-
hosted Bitwarden server is now up and running.
Whether you’ve set up your own server or are going
with Bitwarden’s own cloud servers via, the steps from
here on are virtually identical. Start by clicking Create
Account to set up your account. Enter your email
If you go down
the self-hosted
server route,
make sure you
back up the
/bw-data folder
somewhere safe
and secure. It
won’t be large
- no more than
10MB in most
cases – so it
can be stored
anywhere. If
you do back
it up to cloud
storage, be sure
to encrypt the
backup itself for
an additional
layer of security.
58 LXF260March 2020 5556March 20evl6s2e
TUTORIALS Password manager
Addlogintovault
LogintotheBitwardenbrowserextensionifnecessaryand
thenbrowsethewebintheusualway.Whenyoulogintoa
website,Bitwardenwillpopupamessageatthetopofthe
browserwindowofferingtosavethepassword–clickYes,Save
Nowtodoso.ClicktheBitwardenicon,andafterashortpause
youshouldseeanentryappearunderlogins.
1
Updatepassword
Ifthepasswordisaweakone,navigatetoyourprofileor
accountsettingsandlookforanoptiontoupdatethepassword.
OpentheBitwardenadd-onandselectGeneratortocreatealong
andrandompassword(minimum 14 characters),thenclickCopy
Password.Right-clickinsidethenewpasswordboxandchoose
Paste.Updateyourpassword.
3
Loginquickly
Whenyounextvisitthesite,lookforanumber 1 appearing
ontheBitwardenicon:clickthisandyoushouldseeyourlogin
detailsappear(thenumbercorrespondstohowmanyentriesyou
havestoredforthatsite,supportingmultipleloginprofiles).Click
thecorrectentryandtheloginboxesshouldfillautomatically,
savingyoutimeandeffort.
2
Editpasswords
Bitwardenshouldoffertoupdatethepassword
automatically,butifitdoesn’t,opentheadd-onandclicktheView
buttonnexttothelogin.ClickEditandthenpasteyournew
passwordintothePasswordfield.ClickSaveandit’llbeupdated.
Yourpreviouspasswordcanberetrievedifnecessarybyclicking
thenumbernexttoPasswordhistoryaftersaving.
4
MANAGE ONLINEPASSWORDSWITHBITWARDEN
address, name and supply a strong master password
(see the Quick Tip on the next page). This is the most
important password of all, and if you forget it your
passwords will be lost forever. With this in mind, you
may want to provide a master password hint, which can
be emailed to you if needed.
Once you’ve clicked Submit, your account will be
created and you’ll find yourself at the main vault screen.
If you’re running a self-hosted server and you plan to be
the only user, you can strengthen security by disabling
the registration of new users:
$ docker stop bitwarden
$ docker run -d --name bitwarden \
-e SIGNUPS_ALLOWED=false \
-e INVITATIONS_ALLOWED=false \
-v /bw-data/:/data/ \
-p 4000:80 \
bitwardenrs/server:latest
The browser-based web vault won’t be used much in
day-to-day use, but you will still need to log in to
perform certain functions. One of those is strengthening
security – navigate to Settings > Two-step login’ Start
Make sure server_name points to your subdomain (such
as bw.*) or dynamic hostname, while $upstream_
bitwarden should point to your Bitwarden server’s IP
address. Finally, alter the proxy_pass port number from
80 to 4000. Once done, save the file as bitwarden.
subdomain.conf into the same folder, then restart your
LetsEncrypt container:
$ sudo docker restart letsencrypt
Once it’s up and running again, configure your router
to forward ports 80 and 443 to the reverse proxy’s IP
address. Now open your browser and type in your
chosen subdomain or dynamic hostname, such as
bw.domain.com – no port number required. If
everything is working correctly, you should find that the
connection is automatically redirected to a secure
https:// one – click the padlock and verify that your
browser is happy the connection is secure. Your self-
hosted Bitwarden server is now up and running.
Whether you’ve set up your own server or are going
with Bitwarden’s own cloud servers via, the steps from
here on are virtually identical. Start by clicking Create
Account to set up your account. Enter your email
If yougodown
theself-hosted
serverroute,
makesureyou
backupthe
/bw-datafolder
somewheresafe
andsecure.It
won’tbelarge
- nomorethan
10MBinmost
cases– soit
canbestored
anywhere.If
youdoback
it uptocloud
storage,besure
toencryptthe
backupitselffor
anadditional
layerofsecurity.