Menu

Reviewing My Password Manager Database To Make Me More Secure

I did a review of my password manager entries to see if there were any issues. As a result, I’ve been able to make myself more secure.

I use Bitwarden as my password manager, and I realised the other day that I hadn’t done a review of my password entries for quite some time. Over time I end up using the occasional duplicate password – usually when I quickly sign up for an account and later add it to Bitwarden.

Data breaches are also announced regularly, so it’s good to check if my accounts have been involved in any breaches. If they have, I will then change those passwords to something secure.

Assessing My Accounts

The first thing I did was to assess my accounts. Lucky for me, Bitwarden has some really useful tools to do this. These include:

  • Reused password report.
  • Exposed password report.
  • Weak password report.

Reused Passwords

First thing to check was if I had any duplicate passwords in my password manager.

Bitwarded reused passwords report

Crap!

Exposed Passwords

Next I had a look at any exposed passwords, I believe Bitwarden uses the Have I Been Pwned breach API for this.

I have more than one email address that I use for accounts, so I checked them all. Lucky for me, they all came back clean except 1 email address. This didn’t really shock me as it’s an email I’ve used for years across a lot of accounts.

Double crap!

Weak Passwords

Finally, it’s time to run the weak passwords report to see how things are looking there. I wasn’t expecting there to be any weak passwords within my password manager as I use good practices for generating my passwords.

Lucky for me, I was right:

Bitwarden weak passwords report.

Fixing The Issues

Now I have an idea of what the issues are with my accounts, it’s time to fix them.

Remove Unused Items

There was over 150 items in my password database, some of which I was sure were not being used. So the first thing I did was to review every item in Bitwarden to see if I still needed it.

If I didn’t, I headed to the website, deleted my account, then deleted the item from Bitwarden.

By doing this audit of all my accounts, I was able to delete around 30 accounts from my database, reducing my risk footprint significantly.

Reset Duplicate Passwords

Next it was time to review any remaining duplicated passwords. There were still a few, so I hopped onto those accounts and reset the passwords to something secure.

Bitwarden no reused passwords

That’s the thing with password managers; because you never actually know what your passwords are, it’s easy for duplicate or insecure passwords to remain in your database for long periods.

Conclusion

After a couple of hours work, I was able to remove a number of duplicated passwords from my password manager ensuring my account are more secure.

I’ve also been able reduce the amount of accounts I have lying around the Internet, which is always a good thing.

Overall, I’m very happy with what I have been able to accomplish. Having a password manager continues to prove its worth time and again.

This post is day 20 of my #100DaysToOffload challenge. Visit https://100daystooffload.com to get more info, or to get involved.

Subscribe for more!

You will receive monthly emails with updates and previews of upcoming posts. To find out more, click here.

Please enter a valid email address.
That email address is already subscribed.
The security code entered was incorrect
Thanks for signing up!

«

»


Comments

Please read my commenting guidelines before posting a comment.

Leave a Reply

Your email address will not be published. Required fields are marked *