Bitwarden has a lot to offer for a free and open-source password manager. It’s an application that delivers the best in core password manager functionality, but not without a few caveats. We’ll take a look at the ups and downs of this password manager in this Bitwarden review.
- Unlike other password managers, Bitwarden publicly displays all of its open-source code online.
- Bitwarden is free, but you can purchase a premium subscription for less than one dollar per month.
- Because Bitwarden is a zero-knowledge password manager, the company doesn’t have access to any of your passwords in an unencrypted format.
- The full Bitwarden application is available on both the desktop app and the browser extension.
Other password managers aspire to go beyond mere password storage and throw in plenty of extra features. Those feature-rich password managers are certainly useful in their own right, but the Bitwarden password manager is focused on the essentials.
It leaves users wanting very little, even in the free version, but you can upgrade your subscription to a premium plan in case you need a few more tools in your toolkit.
Bitwarden is also unique among major password managers for being created with open-source code, which provides plenty of security and accessibility benefits. We’ll evaluate Bitwarden’s features, ease of use, pricing plans and support resources in detail below.
05/20/2022 Facts checked
Rewrote this review with new information about pricing and features.
Bitwarden is famous for being one of the few password managers made with publicly available open-source code, which has been audited by independent security researchers. Bitwarden is a secure password manager with a good track record of protecting its users, but you can also host your own password server if you want to be in charge of your passwords.
So far, Bitwarden has not fallen victim to a cyberattack or security breach.
The LastPass developers limited the features in their app’s free plan as of March 2021, making it far less useful than it used to be. We prefer Bitwarden’s free plan over LastPass.
Yes, Bitwarden is a fully featured password manager with a free version and a premium version. Bitwarden also provides a premium plan for less than one dollar per month.
Bitwarden Review: Alternatives
Bitwarden: Strengths & Weaknesses
- Open-source code
- Browser extension, mobile app & CLI tools
- Two-factor authentication on premium plan
- Lacks advanced features
- Premium plan doesn’t offer much
Bitwarden is a no-nonsense password manager that sticks to the basics. The free version will let you create and store passwords in an encrypted password vault with unlimited storage, secured with AES-256 bit encryption and your master password. Other features include multi-device sync, sharing, self-hosting and a password generator.
Bitwarden Premium throws in a few extra features for the low price of $10 per year, although it’s nothing extraordinary. The Premium plan lets you secure your accounts with more two-factor authentication (2FA) controls than the free version and throws in authenticator key storage and 1GB of encrypted storage space.
Two-factor authentication on the free version is limited to authentication via email and web apps, whereas Bitwarden Premium provides authentication through Duo, SMS, phone calls and security keys like YubiKey. Businesses can deploy 2FA measures across their whole organization.
Password sharing is included in the free version but it’s limited in its scope. You can share data from your free Bitwarden account with one other person before you have to pay for a Premium account. A Premium subscription will enable password sharing with up to five people; any more than that requires a business subscription.
Bitwarden offers its users more than enough capabilities for secure password storage and creation. It works well for password storage on its own, but its major drawback is its lack of advanced features. If you need more security tools, then we suggest reading our Dashlane review for a password manager that acts more like a full security suite.
Bitwarden Vault Health Reports
Your passwords will do you no good if they get stolen in a data breach. Bitwarden Reports is one of the few features beyond basic password manager functionality that will let you know if any of your passwords have been compromised.
Bitwarden’s reports relating to password compromise include reports on reused or weak passwords, or reports on unsecured websites that have suffered from a security breach. The breach report is the only one available on the free version. You will have to upgrade to the Premium plan if you want to know more about your weak or compromised passwords.
Password Manager Self-Hosting
Hosting your own password server is one of the best ways to keep all your passwords secure. Security-conscious internet users may not trust Bitwarden or any other company to keep their passwords secure from data breaches and hackers, which is an all too common occurrence today.
Creating a server on an extra piece of hardware or on the cloud means you’re completely in charge of your own password security. Even if Bitwarden’s servers go down, you can still access your passwords whenever you need them.
Bitwarden’s open-source code gives users the flexibility they need to set up their own password storage servers. That may sound like an intimidating task, but Bitwarden makes things easy with Docker.
Bitwarden provides tutorials that will help users with no networking experience get a password storage server up and running in no time with this tool, whether you’re using Windows, Mac or Linux.
If you know what you’re doing, you can skip Docker altogether and create your own infrastructure with Bitwarden’s code — the choice is yours. Best of all, the self-hosting option is included in the free version of Bitwarden.
Bitwarden Features Overview
|Backup and recovery|
|Mobile apps||Android, iOS|
Bitwarden has made its name on its fully featured free version, which occupies the top spot on our best free password managers list. It comes with the essential features outlined above, like unlimited password storage and multi-device sync. Of all free password managers, Bitwarden is our favorite because the free plans from other password managers are much more limited.
The Premium version, at $10 per year, doesn’t have much else to add aside from a few extra features, but subscribers are at least helping out the developers. The main bonuses are more options for two-factor authentication and the remaining five types of Bitwarden reports. Premium subscribers also get 1GB of encrypted file storage, but you could just as easily sign up for a cloud storage service instead.
Storing passwords securely is the main duty of a password manager, but sending them securely is an extra feature included in Bitwarden. Bitwarden Send is an information-sharing feature that can send passwords, messages, documents and other data through an encrypted connection.
Marketed toward businesses that need to securely share sensitive data among their employees and clients, Bitwarden Send was designed to comply with several major data regulations, including the GDPR, HIPAA, CCPA and the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks.
Sometimes you might have an emergency where you need someone else to access one of your accounts. The Bitwarden emergency contacts feature allows users to designate trusted contacts to have access to the user’s password vault when an emergency situation arises.
Depending on how much you trust your emergency contacts, you can grant permission to access a read-only version of your list of passwords, or you can grant access to change your account’s master password. Emergency contacts must either have a Bitwarden account or create one when they need to access the password vault.
Bitwarden Family and Two-Person Org
Bitwarden has four options for multiple users: the free, two-person Org plan, Teams Organization, Enterprise Organization and Families Organization. The two-person Org plan is free and lets two users securely share data with one another. The Family plan is the same as the Premium plan but supports up to six users for $3.33 per month.
The Teams plan comes at the price of $3 per month per user. It’s just like the Premium plan, but for multiple users. At $5 per user per month, the Enterprise Organization plan is the most fully featured Bitwarden plan of all.
Some of its exclusive features include SSO integration, enterprise policies, active directory integration and much more. Subscribers of this plan get complimentary family plans for all of their users.
One of the Enterprise plan’s major benefits is its single sign-on (SSO) solution, eliminating the need to authenticate for every one of your organization’s systems. Organizations can use their existing identity providers to authenticate users via the SAML 2.0 or OpenID Connect (OIDC) protocols.
Administrators have the flexibility to set and enforce enterprise policies on this plan and even sync their existing directory of users with everyone on their Bitwarden plan.
Subscribing organizations also get access to Bitwarden’s public and private APIs, which are compliant with the OpenAPI Specification (OAS3). You can use the APIs in combination with the Bitwarden command-line interface (CLI) to have greater control over managing your enterprise’s users, groups and policies.
Ease of Use
Bitwarden’s desktop application is simple and clean in every respect. Instead of overwhelming users with loads of buttons and menus, Bitwarden displays a simple list of your logins, folders and login types in the sidebar, and a place on the right to view the contents of each entry.
At the bottom of the window is a bar containing a plus sign. This button lets you create a new entry that will appear in the panel on the right. In this panel you can store your password in the Bitwarden vault and specify the password type, your username, the website’s URL and an authenticator key.
The available password types are login, card, identity and secure note. At the bottom is a notepad and an area where you can assign the entry to a folder.
As you can see, Bitwarden values simplicity above all. It’s easy to use even for password manager novices, although it would be nice if Bitwarden offered custom categories for password types instead of just the four preset choices.
Bitwarden Browser Extension
You don’t have to download the desktop or mobile apps to use Bitwarden as long as your device has a browser. Bitwarden makes browser extensions for Chrome and a selection of Chromium-based browsers, in addition to Firefox and Safari.
Bitwarden leaves nothing out of the extension that’s included in the desktop app, so you don’t have to use the desktop application at all. In fact, it may be simpler to use the browser extension, as you can access your passwords from any device without installing a full application.
The extension even includes a feature not available on desktop. The “excluded domains” feature will stop Bitwarden from asking you to save your credentials on any website you type in.
In addition to the desktop app and extension, there are Bitwarden mobile apps available for Android and iOS. You can get the mobile app from the Google Play Store, the Apple Store and the F-Droid store for free and open-source apps. Bitwarden also offers command-line tools for executing your own scripts on your own installation, plus a web vault you can access from any browser.
You don’t have to take Bitwarden at its word regarding its security. It’s one of the most secure password managers on the market and the open-source code is publicly available on GitHub for all to see.
The Benefits of Open-Source Code for Password Managers
The development team encourages security researchers to inspect the code for security weaknesses, which is what Cure53 did when they audited Bitwarden’s code with a favorable security assessment. The open-source nature of Bitwarden also means users can modify their own installation and contribute to the Bitwarden code.
Your passwords are secured in an encrypted password vault with AES-256 encryption and your master password. Only encrypted passwords are stored on Bitwarden’s servers, so there’s no way for the company to access any of your credentials. Hackers would only get a useless string of numbers and letters if they managed to steal your encrypted passwords.
Bitwarden uses your master password to derive an encrypted PBKDF2 key hashed with SHA-256 when you log in. As covered above, Bitwarden provides the tools needed to set up your own password server if you don’t trust the company to keep your passwords safe, encrypted though they may be.
Bitwarden’s users have plenty of support resources to help them out when something goes wrong. The Bitwarden help center contains a broad library of detailed articles on every aspect of the application, including troubleshooting articles for common problems, security advice, business resources and much more. Bitwarden doesn’t leave its users in the dark with such a wide library of support information.
If you can’t find your solution in Bitwarden’s support articles, then you can ask the Bitwarden community in the forums. The forums are very active, with Bitwarden users willing to help out other users when something goes awry.
Before posting, you can search for keywords related to your problem in the forum’s search bar to see if someone else has already encountered the same problem.
Filling out a support form in the contact page is the main way to get in touch with the Bitwarden team. Enter your name and email address, select a topic and write your message for general inquiries. The contact page leaves a link to a page with a separate support form for business use of Bitwarden. There is no phone number for contacting the support team.
Usually you’ll have to sacrifice something essential when using a free application, but Bitwarden makes no compromises. The free version is an excellent basic password management app that stands toe to toe with its paid competitors.
Bitwarden narrows its focus to basic password management features (and does so remarkably well). This means it lacks the advanced functionality of paid programs like Dashlane, the most feature-rich password manager out there.
Dashlane comes with several extra security features such as a free VPN, and 1Password is a better deal for families and businesses. Nevertheless, we recommend Bitwarden highly.
What do you think of Bitwarden? Do you think it’s the best free password manager, or is there a better free application we’ve overlooked? Let us know your thoughts in the comments below, and as always, thank you for reading.