Everyday Usage

Methods and Concepts for how I use this tool.

Vault Items

There are four different types of items that can be created in Bitwarden. These are Login, Card, Identity and Secure Note. They are somewhat self explanatory but I will cover them: Login is for a login (website); Card is for a credit card or debit card; Identity is for an identity, this may be good to use for kids or identities such as business entities; and Secure note is very plain in the sense that it has a name and a box for a note. Below are the four different types of items that can be added, note the different available text boxes for each type of element.

Adding a new Element (4 different kinds):

image-1624924395873.png

Adding a new Login:

image-1624924176480.png

Adding a new Card:

image-1624924568447.png

Adding a new Identity:

image-1624924498722.png

Adding a new Secure Note:

image-1624924534511.png

Editing an Item: the one thing to note when editing the item is to ensure you save it after you are done making changes. It is easy to get burned by clicking the X on the top right and then having to reset a password again.

image-1624924217445.png

 

 

 

 

Folders and Search

Folders are the essence of organization. They allow you to logically group items for organization. They are a great way to make vault items removed. See Bitwarden's Documentation on folders here for more.

Adding a folder (relatively easy):

image-1629762983441.png

image-1629762955232.png

 

Organizations and Collections

Organizations:

Bitwarden Organizations add a layer of collaboration and sharing to password management for your family, team, or enterprise, allowing you to securely share common information like office wifi passwords, online credentials, or shared company credit cards. Secure sharing of Organization-owned credentials is safe and easy. For more information on organizations checkout the upstream documentation.

Viewing organizations can be found on the right hand of the page.

image-1629763450830.png

Within the Organization View:

image-1629763424353.png

Something to note is that all organization passwords in your view will show up with a "shared" Icon:

image-1629763848909.png

Collections:

Collections are Similar to Folders in that they provide a way to logically group items for your organization. For more information on Collections, check out the upstream documentation.

Think of Collections as Organization-equivalents to the Folders used to organize a Personal Vault, with a few key differences:

- Organizations control access to Organization-owned items by assigning users or Groups to Collections.

- Organization-owned items must be included in at least one Collection.

Note in Compositional Enterprises Instances, the "Move to organization" button will show as "Share" as seen below:

image-1629764372189.png

image-1629764327603.png

Send

Bitwarden Send is a secure and ephemeral way to transmit sensitive information to anyone. Sends can include plaintext or file attachments up to 500 MB (100 MB if creating from Mobile). Every Send is assigned a randomly generated and secure link, which can be shared with anyone (including those who do not have Bitwarden accounts) via text, email, or whatever communication channel you prefer. Every Send is: End-to-End Encrypted, Dynamically Ephemeral, Customizably Private. Send documentation can be found here.

image-1629764936973.png

Below is an example of creating a send:

image-1629764716976.png

image-1629764741543.png

image-1629764794465.png

Tools

In the Bitwarden Tools section, features such as how your password gets generated, importing data, exporting your vault, and pulling reports are available for customizing your instance.

Password Manager

Password Generator does exactly as it says, it generates a password. It provides the ability to set length, minimum numbers and minimum special. It also provides the ability to generate passphrases with the options to set the number of words, setting a word separator, capitalizing the words, and the ability to add a number.

If you look closely, the clock on the bottom right of the page provides a password history of the most recently generated passwords from the password generator.

image-1627430586667.png

Adding an item from the plugin also provides the ability to generate a new password when signing up using the refresh button on the password field (right most button/link in the password field):

image-1627430702871.png

 

Import Data

An undervalued tool, only likely to be used one time, the Import Data functionality allows you to import from a host of providers including: Bitwarden (Json, csv), Last Pass, Chrome, Firefox, KeePass 2, 1Password, Dashlane and many others.

image-1627431045687.png

 

Export Vault

What goes in may need to come out. Exporting a Bitwarden vault is as easy as setting the File Format, inputting your Master Password, and Exporting your Vault. This can be helpful for migrating to a new instance of bitwarden. Note at Compositional Enterprises we take care of your data and upgrades. These can be held for offsite backups if needed or migrating to a different provider.

image-1627431178868.png

 

 

Reports

Reports are helpful for changing up passwords, cycling passwords, and updating anything that may be stale or exposed. Reports can be found under the Tools section of Bitwarden. For information on the reports available, see Bitwarden Password Reports.

image-1627431392453.png

A quick note on the Exposed Passwords Report from Upstream Documentation:

This report uses a trusted web service to search the first 5 digits of the hash of all your passwords in a database of known leaked passwords. The returned matching list of hashes is then locally compared with the full hash of your passwords. That comparison is only done locally to preserve your k-anonymity.

Why use the first 5 digits of password hashes?

If the report was performed with your actual passwords, it doesn’t matter if they were exposed or not, you would be voluntarily leaking it to the service. This report’s result may not mean your individual account has been compromised, rather that you are using a password that has been found in these databases of exposed passwords, however you should avoid using leaked and non-unique passwords.