🛡️ 10 Smart Ways to Protect Yourself Online

Plus: How Biometrics, Password Managers & Privacy Tools Can Make You Safer Introduction In today’s digital world, online safety is no longer optional—it’s essential. From banking to shopping, chatting with loved ones to managing your health, we’re constantly sharing personal data online. But are we doing enough to protect it? This guide will not only give you practical online safety tips, but…

ŞİFRE DEĞİL, SİSTEM KUR: PAROLALARINI KAFADA TAŞIMA

2025’e geldik, hâlâ “123456” mi? Hâlâ doğum tarihini şifre yapıp sonra “Benim niye Facebook’um çalındı?” diye dert yananları mı konuşacağız? 🎯 Dijital Hayat = Şifre Labirenti Gmail, Instagram, Netflix, e-Devlet, bankalar, Steam, bir ara açtığın forum hesabı, 4 yıl önceki bir online market üyeliği… Hepsi birer anahtar istiyor.Ama sen ne yapıyorsun?Hepsine aynı anahtarı veriyorsun. Evine 20 kapı…

Lazywarden - Automatic Bitwarden Backup

Secure, Automated, and Multi-Cloud Bitwarden Backup and Import System Lazywarden is a Python automation tool designed to Backup and Restore data from your vault, including Bitwarden attachments. It allows you to upload backups to multiple cloud storage services and receive notifications across multiple platforms. It also offers AES encrypted backups and uses key derivation with Argon2, ensuring…

Some Boring IT 💻Stuff

It feels like my account got hacked. I shall be taking the necessary steps of precaution. And here I was, thinking 🤔 that the e-mail 📧 message was just a part of an annoying routine. 🙄

Please use free and open source password 🔑 managers like Bitwarden (with EU servers, not US ones, and the choice is clearly given — no thank you, US Cloud Act, EU's GDPR is much more protective), or better still, Proton Pass from Switzerland 🇨🇭 created by (ex?) CERN employees. The one advantage that Bitwarden has is in its easy to use complicated password 🔑 generator.

No longer do I use either Apple's or Google's password managers. It's an entrapment.

Text by Razz © Raziël Rufus 2025

Bitwarden vs Proton Pass: Une comparaison détaillée des gestionnaires de mots de passe open source

Si vous recherchez un gestionnaire de mots de passe open source, deux noms figureront sans aucun doute en tête de votre liste : Bitwarden et Proton Pass. Les deux sont bien notés et proposent des plans d’abonnement abordables et d’excellentes versions gratuites. Le seul défi est la difficulté de choisir quel est le meilleur gestionnaire de mots de passe. J’ai récemment examiné Proton Pass Plus et…

فوائد استخدام Bitwarden التي استفدتُ منها لتخزين كلمات السر بأمان

إدارة كلمات السر بشكل آمن هي واحدة من أهم المُمارسات للحفاظ على بياناتك الشخصية وحساباتك على الإنترنت. استخدام كلمة سر قوية ومُختلفة لكل حساب قد يكون صعبًا، خاصةً مع تزايد عدد مواقع الويب والتطبيقات التي نتعامل معها يوميًا. لسنوات عديدة، كنت مُستخدمًا سعيدًا لتطبيق LastPass، حيث كنت أحافظ على كلمات السر الخاصة بي آمنة عبر العديد من المواقع الإلكترونية دون إعادة استخدامها. وعندما أجبرتني الظروف على البحث عن بديل، اخترت Bitwarden. يُعتبر Bitwarden مدير كلمات سر مفتوح المصدر يُقدم حلاً آمنًا ومُريحًا لتخزين وإدارة كلمات السر المُتعددة. بفضل ميزاته المُتقدمة مثل التشفير القوي وسهولة الوص��ل عبر الأجهزة المُختلفة، يُوفر Bitwarden طريقة آمنة لتنظيم معلومات تسجيل الدخول الخاصة بك. تحقق من هل يجب أن تختار Bitwarden أم 1Password كمُدير كلمات السر: أيهما أفضل؟ <a rel="dofollow" href="https://www.dztechy.com/reasons-why-use-bitwarden-password-manager/" data-sce-target="_blank">فوائد استخدام Bitwarden التي استفدتُ منها لتخزين كلمات السر بأمان</a> Read the full article

Another good password manager is KeePassXC

It is also open-source, but it's 100% free for all features, including TOTP (those one-time codes you need for 2FA). Also consider: Bitwarden stores all your passwords on their cloud servers, and while that's plenty safe, it also means that if you don't have internet access, you don't have your passwords! (Or even if you have internet, but Bitwarden has server maintenance problems? Good luck.) With KeePassXC, you data is offline, as secure and hidden as you want it to be, and it's still pretty easy to sync it between your devices if you want to.

I've seen you say a few times that it's a good idea to have a password manager; could you explain why? I always feel like I'm missing something when it's mentioned because it's phrased as if there's an obvious danger that password managers protect you from, but I'm honestly not sure how they help keep passwords secure.

The obvious danger is human nature. Humans are bad at creating passwords; your passwords are almost certainly easy to guess, repeated across different accounts, or both, because that is just how the vast VAST majority of people create passwords, because humans are bad at creating passwords. Everybody knows "the rules" for creating passwords (don't use the same password on multiple websites, don't include personal details in your passwords, don't use very common words or letter or number sequences in your passwords, don't tell other people your password) and people break all of those rules anyway.

A standalone (not in-browser like firefox or chrome password manager, though those are better than nothing) password manager stores your passwords, generates complex passwords for you, and can also be used for things like storing notes on passwords (like "did I put my MFA on my email or my cellphone or an app for this password?" or "here are the made-up answers to the security questions I used for this website because I definitely didn't use real answers or answers I'd used on previous websites" or "these are the bills associated with this credit card").

With the way the current security landscape works, there are two things that are extremely important when you are creating a password:

Uniqueness

Complexity

The overwhelmingly prevalent way that people get "hacked" these days is through credential stuffing.

Let's say that your private data was revealed in the Experian breach a decade ago. It revealed your name, email address, and phone number. Now let's also say that your private data was revealed in one of the many breaches from social media sites; that one revealed your name, email address, phone number, password, and security questions.

If someone wants to try to gain access to one of your accounts - let's say your bank account - if they have your name and phone number (usually extremely easy to find online), they can cross-reference that information with data that has been revealed in previous breaches - now they've got your name and your email address (which you probably used to sign up for your online banking and have ABSOLUTELY used as your login for accounts all over the place) and at least one password that you've used somewhere.

But the thing is, they don't have one password. They have every password associated with that email address that has ever been revealed in a breach. If you go to the site haveibeenpwned.com you can enter your email and see how many times your email address has appeared in a breach. You can compare that with the number of passwords that were revealed in those breaches and you can ask yourself "what did those passwords have in common?"

Because I can tell you, my Tumblr password from 2013, my Kickstarter password from 2014, and my Disqus password from 2017 (all revealed in various breaches) probably had a lot in common.

So, now the hacker has: your name, your email (which is probably your username), and various passwords they can try to use to log in. Did you use the same password for Facebook and Twitter eight years ago? Did you use parts of that password for creating your bank password? If you heard that twitter passwords were exposed in a breach you probably changed that password, but did you change the bank password that you built on the same structure? Probably not.

So what people will do is gather up all of this information and guess. They'll try your 2017 Disqus password to see if it will get access to your bank account. They'll try your 2020 Gravatar password. They'll try your 2024 Internet Archive Password.

And the reason they do this is because it works.

And the reason that it works is because we are all fucking garbage at remembering unique, complex passwords so instead of creating actually unique, complex passwords most people pick one memorable word or phrase, one memorable number, one unusual character, and *MAYBE* one feature of the site they're creating the login for and they use that template forever (1988Tumblrmacabre!, 1988Facebookmacabre!, 1988Ticketmastermacabre!) OR they create one password that they think is complex enough and use it across multiple sites with minor tweaks ($n0h0mi$hRu13z, sn0h0mishRul13z!, $n0h0mi$hWA) as needed for the sites' password requirements.

So most of what password managers do that is a drastic security improvement over people creating and memorizing passwords is that they create passwords that are functionally impossible to guess and functionally impossible to memorize. The problem with memorizing passwords (which is what you're doing if you're creating a bunch of passwords that you type in all the time) is that you can't actually remember all that many passwords so you'll repeat those passwords. The problem with creating passwords on your own is that passwords that humans create are pretty guessable. Even if you're doing a passphrase that's a long string of words you're probably working with common words ("correct horse battery staple" as opposed to "truculent zygote onomatopoeia frangible") and your password is more guessable than you'd really want it to be. Password managers don't do that, they generate gibberish.

Perhaps you are that rare person who gets out a set of dice and a notepad and rolls up every character for your password and memorizes it and never repeats, and if that's you, you could still benefit from a password manager because a password manager makes it easier to change that unique complex password when it is inevitably revealed in a breach.

So, okay, let's check in with where we're at:

Password managers mean that you don't have to memorize your password, which means that you don't need a password that is easy to memorize, which means that they can create passwords that are extremely complex and are therefore very difficult to guess. This protects you from crackers who will try to brute force your password.

Password managers mean that you don't have to remember extremely complex passwords for every account, which means that you are less likely to repeat your password in whole or in part across multiple accounts. This protects you from credential stuffers, who will try to use your password from one account that was revealed in a breach to open other accounts that were not.

Because password managers can generate and store complex passwords essentially instantly, you can replace passwords nearly effortlessly when there is a breach (no need to 'come up with' a new password, no issues with learning or memorizing it).

There are, however, advantages beyond that.

One major, MAJOR advantage of a properly-used standalone password manager is that it makes you safer from various kinds of phishing attempts and link hijacking. When you are setting up a password in your password manager (PWM from here on), you should be on the website that you want to log in to. The PWM will give you the option to save the domain that you're logging in to. That means the PWM will remember the correct URL for your Tumblr login so when you go to the tumblr login screen in the future, it will offer to fill those fields. What it will NOT do is offer to fill those fields if someone sends you an email that spoofs tumblr support and wants you to log in at "tumblr.co" or "tumblr-support.com." Knowing this, and knowing that you should be putting your credentials in through the PWM fill option rather than copy/paste, is a GREAT way to protect against phishing that is often overlooked and definitely under-discussed.

Another advantage is that a standalone PWM will let you store secure notes with your passwords so that you can do things like keep track of recovery codes for the website, or generate gibberish answers to security questions. Security questions and answers are often revealed in breaches, can't be reset by the user as easily as a password, are repeated across websites MUCH more than passwords, and can be used to take over an account and reset the password. You shouldn't be giving real security answers, or even fake-but-repeated security answers; you should treat each of those like a password that needs to be complex and unique, which means that they need to be stored someplace (like a password manager).

I also personally use my password manager to store my car insurance information, my driver's license info, and payment details for easy entry, making it convenient for a lot of thing beyond password storage. (Bitwarden. My password manager is bitwarden. I recommend Bitwarden. go to ms-demeanor.com and search "bitwarden" to learn more.)

As to how they keep your passwords safe, aside from ensuring that you don't enter your credentials into a skimming site, a good password manager is well encrypted. Your password safe should be functionally impossible to crack and what people tend to not realize is that a proper password manager (like bitwarden) doesn't keep all your passwords in one encrypted safe, each one of your passwords is in its own encrypted safe. If someone hacks Bitwarden it's not like using a huge amount of effort breaking into a bank vault and finding a big pile of money, it's like using a huge amount of effort breaking into a bank vault and finding a big pile of bank vaults. Each password within your vault requires decryption that is functionally impossible to crack (at least with a good password manager, like bitwarden, the password manager I recommend and think that people should use).

Additionally, just as, like, a side note: password managers never accidentally leave caps lock on or forget which characters are capital or lower case and don't require the use of two hands and focused attention on the keyboard. You're never going to mistype your password if the password manager is filling it, and you would not believe the number of people we support at work who require password resets because they are typing their password wrong and don't realize it.

TL;DR:

Password managers make better passwords than you can and they make it possible to instantly create, store, and enter complex passwords, which prevents password cracking and makes people less likely to reuse passwords. They are heavily encrypted and should be functionally impossible to access, and each individual password within the manager should also be encrypted if you use a good password manager. Password managers also prevent people from entering their credentials on scam sites by only filling on matched domains. Standalone password managers (not browser password managers) also allow users to create and store unique security questions and account details to prevent bad actors from gaining access with stolen security answers. The password manager I recommend is Bitwarden.

If people used password managers to create, store, and use unique and complex passwords, and if they did regular backups of their system I think that probably about half of the InfoSec field would be out of a job.

Please use a password manager!

Google lance le partage de mots de passe dans les groupes familiaux via Google Password Manager

Google a récemment introduit une nouvelle fonctionnalité de partage de mots de passe au sein de son application Google Password Manager. Cette fonctionnalité permet aux utilisateurs de partager de façon sécurisée leurs mots de passe enregistrés avec les membres de leur groupe familial Google. Annoncée en février 2024, cette fonctionnalité est actuellement disponible sur les smartphones Android.

Google lance le partage de mots de passe dans les groupes familiaux via Google Password Manager - LaRevueGeek.com

Kyle Spearrin had never developed a mobile app or browser extension when he started building Bitwarden as a fun side project in 2015.

Nearly nine years later, Spearrin’s humble attempt at a free, open-source password manager has become one of the most popular ways to keep online accounts secure. Wirecutter, PCWorld, PCMag, and others say it’s the best free password manager, and CNet even calls it the best password manager overall. Bitwarden says it now has 8.5 million users, and it uses that audience to grow its enterprise subscription business. Bitwarden’s business side has tens of thousands of customers and helped fuel nearly 100% revenue growth last year, and the company now has roughly 200 employees.

“We really value that everyone should have access to a full-featured password management tool,” Spearrin says.

Very humble beginnings, and of course we’ve seen why tech giants like Apple, Google, etc embraced passkeys with such enthusiasm, as this would lock users into their ecosystem. Try using your Apple passkeys when migrating to say Android, or vice versa.

“If you are locked in with one vendor, you have a risk of being locked out of your account,” Magdanurov says. “Something can happen. Somebody can hack your account. Or their automated tools that block your account for violations can be triggered for some reason.”

So, whilst it is true many tech giants have been improving their offerings around password management, Bitwarden is managing to stay a step or two ahead of them with newer innovative features (some I did not even know about). And of course, one can self-host Bitwarden too.

A lot can also be learnt from buy-outs like LastPass went through. The ownership does dictate the philosophy, or changes to it.

Although I’m eyeing out Proton Pass’ rapid developments (I’m a paying Proton user) I’m still a paid tier user of Bitwarden as right now they’re doing their things right, and what I really like is that their paid tier is not expensive at all. I just feel that I am supporting what they do.

See https://www.fastcompany.com/91117788/how-bitwarden-is-fending-off-tech-giants

Güvenlik Her Şeyin Önünde.. En İyi Şifre Yöneticisi Programları

En iyi şifre yöneticileri: LastPass, Dashlane, 1Password, Bitwarden'in derinlemesine karşılaştırması.

Günümüz dijital dünyasında, güçlü ve benzersiz şifreler kullanmak hayati önem taşımaktadır. Şifre yöneticisi programları, bu ihtiyacı karşılamak için tasarlanmıştır. Aynı zamanda şifrelerinizin word, excel veya not defteri gibi uygulamalarda tutulması bilgisayarınıza bulaşabilecek basit bir virüs ile çalınmasına yol açacaktır. Bu makalede, kullanım kolaylığı, güvenlik özellikleri ve maliyet gibi…

View On WordPress

A Password Manager refers to a software application or service that helps individuals and organizations securely store, organize, and generate passwords for multiple online accounts and services. 

Weekly output: Bitwarden passkey support, 6G skittishness, kids vs. unwanted messages

SESIMBRA, Portugal–Web Summit starts in Lisbon Monday evening, but I elected to fly out Friday night so I could be less woozy from jet lag during the event. With conference organizers paying for my airfare but only covering lodging from Monday on, I jumped on a cheap off-season rate at a Marriott property here, a lengthy commute from Lisbon, to enjoy some low-key seaside scenery. If you come to…

View On WordPress

https://bit.ly/3Ea1zF8 - 🔒 Bitwarden has introduced 'Secrets Manager,' an end-to-end encrypted secrets manager designed for IT professionals, software developers, and the DevOps industry. It aims to offer a secure alternative to sharing critical data like API keys and certificates, rather than the risky practice of hard-coding or emailing these secrets. #Bitwarden #Encryption #Security 🚨 The release comes in response to widespread problems with exposed credentials. Last year, over 1,800 iOS apps were found to contain hard-coded AWS credentials. Even GitHub has taken measures to alert repository owners about exposed secrets. Bitwarden's new tool addresses this pervasive issue. #Cybersecurity #DataBreach 👩‍💻 The Secrets Manager, following Bitwarden's open-source approach, allows users to easily retrieve, share, and deploy secrets across teams, with support for granular permissions. It offers three tiers, including a free version. The 'Teams' and 'Enterprise' tiers provide enhanced features like FIDO2 authentication and more. #OpenSource #DevOps 🔄 Bitwarden Secrets Manager is currently integrated with GitHub Actions, with plans to extend support to Kubernetes, Terraform, and Ansible. More languages will be added to the SDK, and additional options for individual secret assignments are expected in future updates.

It seems like a good time to remind everyone that password managers rock, and having unique passwords attached to every login (and 2FA on your most important accounts) is really really good for your online safety.

هل يجب أن تختار Bitwarden أم 1Password كمُدير كلمات السر: أيهما أفضل؟

يُعد استخدام مدير كلمات السر أمرًا حيويًا للحفاظ على أمان حساباتك. وإلا كيف ستتذكر ثلاثين كلمة سر قوية وفريدة من نوعها لكل خدمة تستخدمها؟ يُعد Bitwarden و 1Password من أ��ضل تطبيقات إدارة كلمات السر تقييمًا، لذلك قمت باختبار كل منهما عمليًا لتحديد أي مدير كلمات سر أفضل وأيهما يجب عليك استخدامه للحفاظ على أمان حساباتك. تحقق من مقارنة بين Bitwarden و LastPass: ما هو أفضل مدير كلمات مرور لك؟ Read the full article