Does anyone use this feature? I think it’s a critical component of a password manager, but the Bitwarden implementation seems very clunky. Curious whether this is generally used?

Full disclosure - we are an MSP looking to roll out to our client base and it seems like the way the generator is implemented would make it unlikely that users would use this - so I thought I would with the community whether you routinely use the password generator feature.

I've looked at XKCD's correcthorse comic which discusses entropy. Even further I really like these two videos (1 and 2) that Computerphile made about strong passwords and how passwords are cracked. Even still I don't think I know enough about the two options to definitively say which is the superior option.

On one hand I love the introduction of special characters as well as the protection against dictionary attacks, on the other it's so many more characters which adds to the complexity by probably billions in orders of magnitude from a brute force angle.

I have heard that we should never generate passwords online as the websites may save the password we generated. In that regard, is the Bitwarden password generator present in their app a 100% safe? Is their any way through which the password we generated in Bitwarden may be leaked? Also how does their password generator actually work and how does it ensure that it generates a unique password every single time? What if it is giving users the same or similar string of characters?

I screwed up using the password generator - lightly screwed, now recovered. I generated a new password and used it to change an online password. Then I spent about a minute looking for a button to transfer the new password to the now-changed account; I couldn't find a button, and by that time (one minute) my clipboard cleared. So there I was with a changed password that I didn't know. (Later I found the Password History, which would have saved me a little work.)

I recovered okay, but that leads me to ask, "What is the best way to use the password generator?" Unless there's a better idea, the next time I'll copy it to the notes section, then copy the old password down there, too, then copy the new one to the password box. That way I'll have both in case I forget to save something.

What's a better way to do this?

New guy question. I had a bit of a security scare with this scam. Which after a bit of a panic I realized that back in 2016 Linkedin had a leak, and that's probably where the scammers got my email and password.

The reason it scared me so though is that it was a password that I have used a few times and still am using in some places (ouch yes, not smart) so I decided to get a bit more secure to say the least and have begun the process of changing the password to all the accounts and things I actively use and vaulting them with Bitwarden (heard good things). Now I'm just wondering what do you guys use when generating your passwords. The password generator, or the passphrase generator? Thanks!

TL;DR: What is the more secure option to be using when generating my passwords with Bitwarden, Password or Passphrase?

Follow up question. Whatever method you use, what options do you use when generating (IE: how many words, what separator. Or length of password, special character or not... etc)

I'm migrating from Lastpass.

I've been using it just for storing passwords that I created myself. Most of them are not unique. I do use different and stronger passwords for important accounts though.

I'm thinking if I should use the password generator tool in Bitwarden to create random passwords, but my concern is that I might not be able to log in if (1) I get locked out of Bitwarden, or (2) I need to log in from other devices that don't have Bitwarden.

I have a lot of passwords in my memory (and nowhere else) and I decided to give BW a try. I downloaded both the BW desktop app and BW chrome extension. Now I would like to change all my passwords (as the passwords generated by BW are obviously much safer) and save them to my new BW account. What is the fastest/easiest way to do this?

EDIT: Thanks to everyone for your suggestions. During the past few days, I managed to add 206 entries to my BW vault. It was a very exhausting process and I hope I won't need to do something like this ever again. However, I feel very good now when I don't need to remember all those (almost pairwise unique) passwords!

I don’t use a password manager, but I use the password generator that Bitwarden provides. I don’t understand the point of having a master password if the passwords that are getting leaked are the websites passwords. I worry about the “all eggs in one basket” scenario, that’s why I don’t use a password manager, but I use a password generator that any password manager provides for use, in this case being Bitwarden.

Anyone else do this? Or instead uses another way to manage passwords, such as a password physical book for having track of the online accounts? Does anyone else use any other means of managing online accounts instead of a password manager?

I use a physical password book instead of a password manager.

I'm learning to code and I'm making a password generator app. I want to compare it to Bitwardens now. They are open source correct? So where on Github can I find their sourcecode for the password generator?

Hello.

In your opinion, how many characters should a password have? Also, what do you think the "Minimum number" and "Minimum special" should be set to?

Hello everyone,

As the title said, I am questionning potential security concerns about the password generator : indeed, I've been using Bitwarden for a year I think, and always used this feature.

However, as I've mainly used it in passphrase mode, I'm wondering if the dictionary & the passphrase layouts used by Bitwarden can be used by hackers to easily bruteforce passwords.

1. Is there any limit on how many unique password can be generated ?

2. If i go to (https://bitwarden.com/password-generator/) without logging into account, is there any possibility that it will generate the same password twice ?

N.B. : Didn't face any issue with it. This question just popped up in my head.

Newbie here, have been in the background just seeing posts here and there. Not really replying but I think I am ready to start using bitwarden BUT I’m not sure if I trust it enough to input my information for financial stuff, 401k login, bank etc.

Is anyone using this for that? I get if you don’t want to answer (I get it OPSEC)..but also when do you know if and when to trust it?

Other programs which have had breaches just makes me so hesitant

That seems like a real pain. I have a password format where 8 characters are different for every web site I'm on. That way I can always figure out my password when I need to. I'm going to use Bitwarden (using LastPass now) to store them just in case i screw something up which has happened. And honestly, when I'm on my phone its easier to cut and paste from an app then to enter a 12 character phrase every time. The random password generation scares me to death. If Bitwarden ever got hacked and shut down, you'd be locked out of everything.