The 2 most important apps you all should be using

And those are: an Authenticator app, which means you’re using Multi Factor Authentication to log into accounts, AND a decent Password Manager to remember and safely store all these accounts you’ve got. You simply can’t go onto the web safely anymore these days without both of these. In this blog I’ll discuss Microsoft’s Authenticator app and the Bitwarden Password Manager.

If you don’t know yet what Multi Factor Authentication actually is or does and WHY you SHOULD definitely enable it everywhere: I wrote an extensive blog about that some years ago, which also discusses the Password Manager and why you should use one. In this blog I will give you just a new Password Manager endorsement and a quick how-to on getting started with both.

Microsoft Authenticator

If you haven’t set up Two Factor (or Multi Factor, in short: 2FA or MFA) Authentication on your online accounts yet, then NOW would be the right time to do so! But before you do, you’ll need this app, so read on below.

But first this: Think you aren’t a target? Think again… Here’s the sign-in activity log from my personal Microsoft account:

I can assure you that I am based in the Netherlands and that the last successful entry on top was actually the only one from myself…

Well, why do I recommend Microsoft’s Authenticator app? Simply because it is well known, works with any type of account (so you can also use it for your Instagram, Facebook, TikTok, Gmail, etc. which you should!) ánd because the alternatives are Google and a bunch of small unknowns (always verify the publisher in your app stores btw!), and it’s only about your security, eh? Anyway, let’s go:

Get it here:

Microsoft Authenticator

And here:

After you’ve installed the app and opened it, I recommend you skip all the wizards about adding an account until the app settles down on the home screen (so we make sure to add accounts in the right place). Now simply tap the + symbol in the top right corner and pick your type of account from the three choices: Microsoft Personal account, Microsoft Work & School account and, at the bottom, basically everything else. Tap your choice and the barcode scanner will open to scan the QR code that appears in the MFA setup screen on your PC (check the settings of the service you want to add, usually on the Security tab, for where and how to set up Multi Factor Authentication).
On your phone the account will immediately be added to the Authenticator and on your PC screen the MFA setup will proceed with sending a test message after which the setup is completed.

Two good to knows:

  1. The Microsoft Authenticator app itself has an option to back up all accounts to OneDrive (so you can recover them after a phone change). This does however only work with a personal Microsoft account (MFA accounts that merely display the code in the app are recovered from a backup, others will need to be reauthenticated).
  2. Make sure that said online account also has your phone number, which is your way out if something happens to your phone (and hence your Authenticator).

Bitwarden

In my previous blog (Secure on the web: use MFA and a Password Manager!) I endorsed the Enpass Password Manager, which I still stand by if you don’t mind paying a subscription each year. But there’s a very good Open Source ánd free alternative available in Bitwarden.
Enpass does offer some nicer apps and your own choice of cloud to sync the Vault, but they’re getting expensive, so I started exploring Bitwarden and was pleasantly surprised with its ease of use, but mostly its easy importing of passwords from other managers ánd from your browsers.

Create account

Bitwarden has its database (where your Vault with passwords resides) in the cloud (a Microsoft Azure Stack to be precise), which means the first thing we have to do is create an(other) online account. You do this at Bitwarden Web vault right here and choose “Create new account”.

Note: I have linked the EU server here so my EU readers will be covered by EU GDPR. Choose what’s appropriate for you under ‘server’:

Make sure you’ve created a strong (loooong) Master Password/Passphrase you can remember easily too (’cause behind this one will only be all your other passwords) and that you’ve paid attention to filling out the other information.

Add your passwords

That’s it: you are now logged into Bitwarden Web. You can easily continue right here, or you can choose to download the dedicated apps for your platform here and continue there after you’ve logged the app in.
Either way, you’ll have to start filling it with your passwords now. You can do that by hand of course by creating new cards with the New button (a biiig button with a + icon, at the bottom), but most of you already have at least one source of stored passwords: your browser most likely. And this is where Bitwarden shines: it has import format templates for almost any other source (any browser and dozens of other Password Managers).

Import password data

First you’ll need an export of your source. Please refer to the documentation of your source on how to export the stored passwords. In the Microsoft Edge browser this would look something like this:

Make sure you export as a .CSV file, which is basically some sort of Excel sheet, so your passwords are not password protected anymore! So make sure to destroy the file after you’ve imported it into Bitwarden!
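For the cleanup once the import is done: an added example (not part of the original post or of Bitwarden) that searches a folder for leftover password exports by their header row and destroys them. The column names, the file names and the sample rows are assumptions constructed for the demo; check the header of your own export.

```python
import csv
import os
import tempfile
from pathlib import Path

# Assumption: a password export has at least these columns (names vary by source).
CREDENTIAL_COLUMNS = {"url", "username", "password"}

def is_password_export(path):
    """True if the CSV header contains all the credential columns."""
    try:
        with open(path, newline="", encoding="utf-8-sig", errors="replace") as fh:
            header = next(csv.reader(fh), [])
    except (OSError, csv.Error):
        return False
    return CREDENTIAL_COLUMNS <= {col.strip().lower() for col in header}

def find_password_exports(folder):
    """Search a folder tree for CSV files that look like password exports."""
    return sorted(p for p in Path(folder).rglob("*")
                  if p.is_file() and p.suffix.lower() == ".csv"
                  and is_password_export(p))

def destroy(path):
    """Overwrite, then delete. Best effort only: SSDs and cloud-synced folders
    may keep old copies, so also empty the recycle bin and check sync history."""
    size = path.stat().st_size
    with open(path, "r+b") as fh:
        fh.write(b"\0" * size)
        fh.flush()
        os.fsync(fh.fileno())
    path.unlink()

def demo():
    """Run against constructed files in a temporary folder (no real passwords)."""
    with tempfile.TemporaryDirectory() as tmp:
        folder = Path(tmp)
        (folder / "Microsoft Edge Passwords.CSV").write_text(
            "name,url,username,password\n"
            "shop,https://shop.example,alice,not-a-real-password\n", encoding="utf-8")
        (folder / "budget.csv").write_text("month,amount\njan,10\n", encoding="utf-8")
        found = find_password_exports(folder)
        for export in found:
            destroy(export)
        return [p.name for p in found], sorted(p.name for p in folder.iterdir())

if __name__ == "__main__":
    print(demo())
```

To use it for real, call `find_password_exports()` on your own downloads folder and review the list before passing anything to `destroy()`.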

If you already use another password manager and want to migrate to Bitwarden, there are tons of guides here on the Bitwarden support site for your PWM. The main thing is that you need that .CSV export of the data.

Now the next step is importing that file into Bitwarden, so open Bitwarden by entering your master password for it and go to: File > Import data. In the next screen that pops up you’ll point the importer to where your file is located and then you set the most important part: the data format of your import. Make sure to choose the right template, so the import will be able to match the correct data to the right fields.

Now click on “Import data”, and after that you should have something like this:

Start using Bitwarden

One of the main advantages of using a Password Manager (after being a securely encrypted password vault) is usually its ability to sync the vault to different devices. Like your phone for instance: the one thing you’ve always got with you… c’mon, admit it.

So don’t forget to get the mobile app on your phone so you’ll never be without your passwords. Here are the app store links for Android and Apple. A link to all possible desktop variants was already mentioned above.

Bitwarden Password Manager

And stay safe on the web people!

 

PS: Bitwarden offers an Authenticator app too…