Bitwarden Review

Bitwarden might be the best free password manager around, with great usability and decent features. However, paying users can do better elsewhere, as you can read in our full Bitwarden review.

By Jacob RoachWriter
— Last Updated:
2020-03-30T19:30:52+00:00
Starts from $ 083 per month
Free plan available (All Plans)
bitwarden-slider1
bitwarden-slider2
bitwarden-slider3
bitwarden-slider4
bitwarden-slider5

Bitwarden is a free, open-source password manager that made the cut in our best password manager guide. With top-notch security and an interface that’s easy to use, Bitwarden stands above most paid password managers. As a free password manager, it’s unbeatable, though paying users can get more features elsewhere. 

In this Bitwarden review, we’re going to share our experience after spending some time with this popular open-source application. From security to features to price, we’re going to cover everything Bitwarden has to offer, all before giving our verdict. 

For users who are looking for a highly secure, free password management tool, it’s tough to beat Bitwarden. That said, it’s missing a few features, mainly when it comes to sharing with multiple users and storing nontraditional information. Even so, Bitwarden offers an awful lot for very little, making it a fine choice.

Strengths & Weaknesses

Pros:

  • Open source
  • Multi-device sync on free plan
  • Business plans available
  • Inexpensive
  • Easy to use
  • Self-hosting capabilities
  • Browser & desktop apps

Cons:

  • Limited entry types
  • Missing settings on desktop app
  • No live chat or phone support

Alternatives for Bitwarden

  1. 1
    • 2FA
    • Zero-knowledge
    • Multi-device sync
    • Android, iOS Mobile apps
    • Free plan
  2. 2
    • 2FA
    • Zero-knowledge
    • Multi-device sync
    • Mobile apps
    • Free plan
  3. 3
    • 2FA
    • Zero-knowledge
    • Multi-device sync
    • Mobile apps
    • Free plan
  4. 4
    • 2FA
    • Zero-knowledge
    • Multi-device sync
    • Mobile apps
    • Free plan
  5. 5
    • 2FA
    • Zero-knowledge
    • Multi-device sync
    • Android/iOS Mobile apps
    • Free plan

Features

80 % – Good

Bitwarden is a focused password manager, foregoing extraneous features on its free plan to provide core functionality. That includes self-hosting, multi-device sync, unlimited storage and more, all without users spending a dime. Although the free plan isn’t too exciting in terms of extras, the base functionality is there. 

If features are what you’re after, an upgrade to Premium is worth it. Although not as robust as Dashlane or RoboForm, Bitwarden beats out other commercial password managers (read our RoboForm review). 

With Premium, you’re granted advanced two-factor authentication options, authenticator key storage for the best two-factor authentication apps and 1GB of encrypted file storage. 

Sharing is also supported, though restricted. Free users are limited to sharing with just one other user, while those who subscribe to a family plan can share logins with up to five users. Unfortunately, five is the limit for personal use. If you need more users, you’re forced to pay for a business plan, even if it’s for personal use.

Bitwarden Reports

One of the reasons to upgrade to Bitwarden Premium are the reports (more on that in the next section). Inside the web vault, you can view six different reports, five of which are reserved for paying subscribers. Those range from exposed and reused passwords to unsecured websites. 

All users have access to the data breach report, though, which scans for recently discovered data breaches that correspond to your account email addresses and usernames. This isn’t an automated process — you’ll have to enter the specific username or email you want to check — but it’s still a nice feature to have. 

bitwarden-breach-report

Although we like the reports, it’d be nice to see Bitwarden combine them into a single area. Having a security dashboard where you can see exposed, reused and weak passwords makes it easy to see which accounts you need to update. Given Bitwarden’s open-source nature, an optional automatic password changer extension would be nice, too. 

Self-Hosting Your Passwords

No matter if you’re paying our not, you can choose to host your own passwords. Unlike Password Depot, which — as you can read in our Password Depot review — integrates with cloud storage services, Bitwarden provides code for setting up your own password server. It supports just about every major operating system, too.

Instead of just providing the source code, Bitwarden allows you to easily host your own passwords using Docker. With Docker, you can host Bitwarden’s infrastructure stack on Linux, macOS or Windows. Furthermore, there’s an extensive tutorial for setting up your own server, detailing the automated process with Docker’s tools and manual installation.

bitwarden-self-host-tutorial

You need some basic knowledge of networking to get started, but Bitwarden’s welcome hand holding means even novices can experiment with hosting their own passwords. There are a few reasons you may want to host your own passwords, the most prominent of which is security. By setting up your own server, you’re in control of its security. 

Self-hosting is an optional feature across all plans, which is great to see. Even though we like the inclusion of Bitwarden’s cloud on the free plan, some users may be more comfortable keeping their logins close to home. Thankfully, you’re given the flexibility to choose.

Bitwarden Features Overview

  • Security

    • 2FA
    • AES-256 Encryption
    • Zero-knowledge
    • 2FA keys
    • Security analysis
    • Multi-device sync
    • Backup and recovery
    • Android, iOS Mobile apps
    • Password changer
    • Password generator
    • Browser extension
    • Autofill
    • Form auto-fill
    • Browser UI
    • Desktop UI
    • Email
    • Live chat
    • Phone
    • Help center
    • Forums
    • 24/7 support
  • More

    • Free plan

Pricing

95 % – Excellent

Bitwarden is the cheapest password manager we’ve reviewed. Rivaling even LastPass (read our Bitwarden vs LastPass piece), it offers one of the most robust free plans we’ve seen, fit with multi-device sync and unlimited storage without users spending a dime. An upgrade to Premium is cheap, too, though it seems more like a “support the developers” plan than anything else.

Free
  • Unlimited storage,Multi-device sync,2FA Details
Premium
  • 1GB of encrypted file storage,Additional 2FA options,Password health reports,Priority customer service Details
1-year plan $ 0.83/ month
$10.00 billed every year

Let’s start with the free plan, as it’s the most prevalent on Bitwarden’s site. Instead of offering bells and whistles on the free version, such as YubiKey support and TOTP key storage, Bitwarden focuses on the essentials. You get unlimited storage as well as multi-device sync, meaning you can access your passwords from anywhere. 

That alone shot Bitwarden to the top of our best free password manager rankings, outclassing the limited free plans from Kaspersky Password Manager and McAfee True Key (read our True Key review). Unlike those free plans, which feel like a trial more than anything else, you could use Bitwarden Free without noticing much of a difference. 

As a consequence, though, Premium feels less, well, premium. It’s dirt cheap at only $10 per year, but it adds little in the way of features. There are additional two-factor authentication options and vault health reports, but not much else. The great draw is 1GB of encrypted file storage, which, although nice to see, isn’t much compared to our best cloud storage services. 

Premium seems like an option to support the developers, which we can get behind. Rather than simply asking for donations, Bitwarden offers a few additional features for a modest fee. 

We’d be content paying $10 per year for the free plan alone, so any additional features are worth the price. That’s especially true when compared to costly password managers like Dashlane (read our Dashlane review).

Bitwarden Family and Business Pricing

It seems Bitwarden makes most of its money from multi-user plans. For personal use, there are the Free and Families plans, the former of which comes with all the features of the free version and sharing between two users. Families runs $1 per month, putting 1Password’s family plan to shame, and includes all the features of Premium and support for up to five users. 

The business plans are just as inexpensive. Teams, which includes five users, is only $5 per month when billed annually, and you can add additional users for $2 per month per user. Essentially, Teams is the same as Families in terms of features, though it’s not limited to five users. 

Enterprise is why Bitwarden made our best password manager for small business list, though. It’s a more traditional business plan, charging $3 per user per month with no base fee. 

It comes with advanced business features, though, including user groups, event logs and Active Directory integration. Given the price, Bitwarden even rivals Zoho Vault when it comes to business password management.

User Friendliness

85 % – Very Good

Bitwarden is surprisingly easy to use given that it’s open-source software. There are multiple buttons on the website pointing you toward the download screen, as well as installers for browsers and mobile. If you prefer a command-line installation, there’s CLI documentation, too.

bitwarden-downloads

The download process isn’t just easy for open-source software, but easy in general. Bitwarden’s approach to options presented in an easily digestible manner puts even the most established password managers to shame. That continues into the signup process. Once downloaded, you can create an account directly in the Biwarden app. 

bitwarden-sign-up

After that’s done, there’s no email confirmation or anything of the sort. You’re simply redirected to the login screen where you can enter your credentials. Like downloading, we wish other password managers had this simple of a signup process. Bitwarden gets out of your way, and during our time with it, there was never a point where we felt at odds with the software. 

Using Bitwarden on Desktop

Although not as attractive as, say, Keeper, Bitwarden’s desktop application is very easy to use. More than that, though, it provides a lot of options. Unlike Password Depot, which goes overboard with settings that overwhelm the user to the point of hair pulling, Bitwarden simply offers flexibility.

bitwarden-desktop

For instance, when adding a new password, you need to specify what URL that password is tied to. The process is simple enough as is, though you can customize it if you feel the need. In addition to adding new URLs for the login, you can specify if Bitwarden recognizes the domain based on an exact match, the host name or some combination of other factors. You can even set up ignored domains, which is helpful for bypassing phishing attempts.

bitwarden-domain-entry

There are a few other things you can do on the password creation page, including adding attachments, creating custom fields and sorting logins into folders. Other than that, the desktop app is fairly straightforward. There are a few settings to tweak pertaining to lock-out times, but otherwise the app is bare. The most you can do is change the theme. 

bitwarden-new-theme

From a usability standpoint, everything is sound (better than that, even). However, there’s one critical oversight. Bitwarden supports logins, credit cards, notes and address information, but nothing else. 

Those are the most prominent entries you should have in a password manager, but even so, we would’ve liked to see support for custom categories, especially with how flexible Bitwarden is in other areas.

The Web App and Browser Extension

Although we like the local app, you don’t have to use it. In fact, you can access Bitwarden from anywhere that has a browser. The web app is actually more robust than the local one, offering easy access to reports, two-factor authentication options and organization sharing. Options like creating a new organization aren’t actually present in the local application. 

bitwarden-web-app

Because of that, it’s a better idea to start with the web vault from the get-go. You’re given all of the functionality of the desktop app, along with additional account settings. Accessibility is also a huge plus. Using the Bitwarden website, you can log in to your account from any machine, no matter if Bitwarden is installed locally or not. 

In addition to the web vault, Bitwarden also has a browser extension, which is available for Chrome, Firefox, Safari, Vivaldi, Opera, Brave, Edge and the Tor Browser. The extension more closely resembles the desktop app, though with easier access to the password generator. You can also undock the extension to view it in a separate browser window. 

bitwarden-extension

The strength of Bitwarden’s usability comes from the fact that you can use any of the applications on their own. Technically, the web vault is the most robust. However, you can use the local app, extension or web app on their own without giving up much, providing you with options over how you manage your passwords.

Security

95 % – Excellent

Bitwarden is one of the most secure password managers around, which is thanks to the fact that its codebase is available for anyone to sift through. Because of this model, Bitwarden has been publicly audited by Cure53, which is the same security analysis firm that took a look at RememBear (read our RememBear review). 

Before getting to the perks that come along with having an open-code base, let’s talk about the basics. Bitwarden secures your vault with AES-256, which is the best when it comes to protecting your data, as you can read in our description of encryption. This encryption is paired with a zero-knowledge model, meaning your passwords are only accessible by you. 

Like other password managers, you must set a master password for your vault. Bitwarden doesn’t ever see your master password, though. Instead, it’s used to derive a key using PBKDF2, which is further hashed with SHA-256. The end result is a bunch of gibberish that’s unusable to a hacker. 

It’s important to remember that this is all considering that you’re using Bitwarden’s servers. If you’re concerned about security and authentication, you can host your own passwords, which cuts out any risk of a data breach on Bitwarden’s end. 

You don’t have to take any of this information at face value, either. Bitwarden is confident enough in its security to make its source code available and, furthermore, invite security researchers to test its limits. 

Open Source Perks

The fact that Bitwarden is open source not only makes it more flexible, but also more secure. Anyone can view the source code on GitHub, meaning those with the know-how are free to view, audit or contribute to the code that makes up Bitwarden. Furthermore, the development team invites security analysis from researchers. 

It’s important to note that all of Bitwarden’s code is available, too. From the command line installer to the mobile app to the server infrastructure, the development team makes everything viewable. 

In addition to the transparency that comes from open-source software, the fact that you can view and contribute to Bitwarden’s code means greater flexibility in your implementation of the software. 

A Note About Privacy

Given that Bitwarden offers so much for free, we wanted to briefly touch on privacy. You’re required to sign up for an account, which consists of a master password and a valid email address (some features will be unavailable until you confirm your email address). That should throw up a red flag for anyone concerned with online privacy. 

Thankfully, Bitwarden says in its privacy statement that it does not “share, sell, rent, or trade User Personal Information with third parties for their commercial purposes.” Some aggregate information, which can’t identify a single user, is used and shared, noting things like how many Premium subscribers there are and total network bandwidth usage. 

It seems that Bitwarden isn’t making money off of user data, rather relying on its Premium membership and business subscriptions to drive revenue. We don’t know Bitwarden’s business model, so we can’t say with any certainty how money flows in. However, according to its privacy policy, selling user data isn’t how that happens.

Support

90 % – Excellent

Despite being free and open source, Bitwarden offers a lot in the way of support. Paying or not, anyone is free to contact support via email, though Premium subscribers receive priority. Thankfully, you shouldn’t have to email Bitwarden much. In addition to a dense knowledgebase, it has one of the strongest online communities we’ve seen. 

Starting with the help center, there’s an article for just about every topic. From import instructions to directory sync, Bitwarden provides thorough tutorials. Like the signup process, we have seen few other password managers would provide this level of attention to detail. Bitwarden covers everything and manages to do so in a digestible manner. 

bitwarden-knowledgebase

The forums are less impressive. Although very active, the layout could use some work. Bitwarden only provides two categories: “feature requests” and “user-to-user support,” the latter of which receives more topics each week. There aren’t any pinned topics or additional categories, though, leaving a lot of screen real estate unused.

bitwarden-forums

Still, the forums are helpful. Instead of just browsing the list of topics, there’s advanced search functionality. Using a keyword, you can filter posts based on when they were posted, what they’re tagged with, who they were posted by and more. With the powerful search integration, it’s easy to find relevant topics out of the pool of more than 2,000 posts. 

Although we would’ve liked live chat and phone support, it’s hard to complain given how much Bitwarden has to offer. Paying or not, you have multiple options for finding answers, all of which are helpful.

The Verdict

Bitwarden isn’t just one of the best free password managers around, it’s one of the best in general. It’s secure, easy to use, supports Android and iOS, comes with a lot of features and is cheap, to boot. If you’re looking for a password manager, it’s hard to beat Bitwarden on the free end of things. 

That said, if you’re willing to spend more, you can get more features. Dashlane offers identity theft protection in addition to password management, and LastPass comes with autofill for desktop applications. Bitwarden lacks these features, though it makes up for it with a low price tag. 

What do you think of Bitwarden? Are you going to give the free plan a shot? Let us know about your experience in the comments below. Thanks for reading this Bitwarden review.

Bitwarden FAQ

  • Is Bitwarden Secure?

    Yes, Bitwarden is secure. Because of the open-source nature of the software, users from the community have audited the source code for vulnerabilities. The basics are covered, too, with AES-256 encryption for your passwords and a zero-knowledge model.

  • Is Bitwarden a Good Password Manager?

    Bitwarden is one of the top password managers around. The free plan comes with unlimited storage and multi-device sync, meaning you can access your passwords across all your devices. It’s also highly secure, offering AES-256 encryption and self-hosting functionality.

  • How Is Bitwarden Free?

    Although Bitwarden offers a free plan, it has paid plans, too. Presumably, the paid plans fund the company and allow the free plan to exist. The business plans, for example, are competitive with other business password management tools in terms of features, while costing around the same price.

Was this post helpful?
Leave a Reply
Your email address will not be published. Required fields are marked *

Top