Bitwarden has in recent years firmly established itself as a leading password manager, one which is noticeably very safe, secure, reliable and easy to use making it a great alternative to the industries big names including Dashlane, 1Password and LastPass.
One of the most notable features of Bitwarden is that the software produced is free and open source (including the Bitwarden server software should you want to run the service on your own hardware). This means not only are the Bitwarden password manager apps subject to the highest standards of security and scrutiny, but also form a great choice for anyone seeking a low-cost way to manage their own passwords or those of a team or small business.
I previously reviewed Bitwarden back in 2020 and was very impressed with the overall password manager service which was on offer. Not only is Bitwarden very easy to configure and use, but the numerous security features which are built into the service and the open-source software all combine to help to make this a very reassuring and reliable password manager for a multitude of different use cases.
Time to check out the latest version of Bitwarden for myself and see how it fares in 2023, vamos!
Are you looking for help and advice on choosing the best password manager? If so, then be sure to check out our guide to the Top 10 Password Managers which includes our top 10 list of password managers alongside other useful information to look for!
- Well designed, easy to use software and apps
- Secure zero-knowledge AES 256-bit encryption
- Open-source software and apps
- Unlimited vault items (on both free & premium plans)
- Plugins available for all major web browsers
- Desktop applications for Windows, macOS and Linux
- iOS and Android smartphone apps
- Automatic cloud synchronisation (free & premium)
- Multifactor authentication / 2FA (inc. YubiKey & FIDO2 support)
- Automatic password generator & website logins
- Store passwords, secure notes, payment cards etc.
- Emergency account access (premium)
- Bitwarden authenticator (premium)
- Premium with 1GB cloud storage – only $10 / year!
In this section of my review, I will be making use of the Bitwarden service in order to assess how well it performs as a password manager. This will involve signing-up for the Bitwarden service for myself, installing both the desktop software and smartphone apps before then adding some logins to the service and seeing how well it performs overall.
NB – This work begins via the official Bitwarden website where all new users to the service can sign up for a free Bitwarden account. This 100% free to use account offers, amongst other things, the ability to add unlimited passwords and personal devices to a Bitwarden cloud vault!
Bitwarden Free vs Premium
Before signing up to Bitwarden for myself, one of the first things to address in this review is the Bitwarden managed service offering and, specifically, the differences between the free and premium plans.
NB – Bitwarden also offer users the ability to install and self-host their own Bitwarden service upon their own server hardware! Since this is a very specialist use of the service (and only relevant to a small number of users) I will not be covering this particular Bitwarden setup any further in my review!
The Bitwarden Free account will for many be the ideal solution to password management. This is not only because it is 100% open-source and free to use, but also thanks to Bitwarden offering free cloud synchronisation of the password vault between an unlimited number of personal devices plus the ability to store an unlimited number of passwords (a very generous quota for a free to use password manager).
Moving on past this free to use account and Bitdefender also offer their individual users the option of subscribing to a premium version of the same service for an additional $10 per year (very good value if you ask me). Once on the Bitwarden premium plan (for individuals), accounts will be upgraded to include an additional 1GB of secure cloud storage (which is synchronised between connected devices), use of the Bitwarden authenticator service, advanced 2FA options, emergency access, premium support plus advanced security reporting amongst other useful benefits.
Also available from Bitwarden are multiple other account options for families, businesses and teams which offer additional business / sharing facilities including SSO (single sign on), configuration of user groups plus advanced sharing and collaboration features amongst various other useful capabilities.
NB – It needs to be stressed how generous the Bitwarden free account is here, many competing password managers with a free account will usually have some limitations including limiting the number of passwords being stored or the number of devices able to synchronise. Providing you can live without the 1GB of secure cloud storage, advanced multifactor authentication options plus a couple of other small premium additions, Bitwarden remains one of the best free password managers available!
Signing up to Bitwarden
Signing up to Bitwarden begins at the official Bitwarden website where the Bitwarden Free account is available to all new users of the service. Singing up in my case took only a few moments and the password vault will be ready to use, straight away, after the initial sign in to the service.
NB – Be aware that Bitwarden is a zero-knowledge service! This means Bitwarden themselves will have no access to the contents of your vault and no way of helping to recover data in the case of a lost or forgotten password!
Once registration with Bitwarden is complete, the secure password vault will be ready and usable straight afterwards. Whilst the web interface is indeed very useful (and I will be looking at it in more detail alter on), I will continue this subsection of the review by next installing the Bitwarden Windows desktop software which can be downloaded from the “Get the apps” page found under the main account menu.
In my case I will be downloading the Bitwarden desktop software for Windows, but also available is desktop software for both macOS and Linux devices as well. The download itself was very quick at just 715KB in my case and, once running, the installer takes just a few clicks to get everything installed and ready to use on the device in question.
Upon opening this desktop client software for the first time, we will be asked to log in to the password vault service or create a new Bitwarden account if we don’t yet have one. Bitwarden require only an email address and a master password at a minimum which is great to see as this helps keep users’ data as private and secure as is possible.
Finally, once logged in with our new account, we will be greeted by the main Bitwarden application home screen. From within this home page, we have full access to the free version of the service and any other devices using this account will also be automatically synchronised with any changes made here.
In addition to the desktop software which was just installed, Bitwarden also offer smartphone apps and browser extensions for all major web browsers thus providing enhanced access to the service. I will have a look at the smartphone app a little later on in my review, but for now I will have a look at the Firefox browser extension which can be installed directly via the Firefox add-on store:
As is the case with most Firefox extensions, the installation of the Bitwarden plugin is quick and easy taking only a few moments to complete via the official Firefox addons installer. Once installed, we can login using the Bitwarden account we created a little earlier on and the synchronisation with the Bitwarden service will happen automatically in the background.
One of the best things about the Bitwarden browser plugins is that they not only provide access to all items stored within our vault, but also the possibility to have login forms filled out automatically when visiting any supported websites. I will have a look at using the auto website login filling functionality and the Bitwarden browser plugin itself in more depth a little later on.
NB – Bitwarden have web browser plugins available for Chrome, Safari and Firefox as well as lesser used browsers including Brave, Opera and Vivaldi!
Types of Data Stored by Bitwarden
As is the case with most password managers today, not only does Bitwarden allow the storing of simple passwords, but also plenty of other useful information types such as secure notes, payment card numbers, PIN codes, tax numbers plus any other secure personal notes you might want to keep safe within the encrypted password vault.
Should you take out the Bitwarden premium subscription (at $10 / year) you will also be able to upload and synchronise files and photographs across all of your connected devices thanks to the 1GB of secure cloud storage which is included within this premium account. This makes for a very useful way to keep copies of bank cards, personal IDs plus other important documents which you might need to securely access whilst on the go!
Making use of Bitwarden
Once Bitwarden is up and running, one of the easiest ways of adding a new login to the Bitwarden password vault is via one of the supported the web browser plugins. Of course, any Bitwarden app can be used for adding a new login to the vault, but only the web browser plugins will automatically recognise any new website login attempts and offer to save these new logins directly into your Bitwarden vault (a very convenient feature and a great time saver versus entering new logins manually).
In the case of creating a new account for a website or service, Bitwarden also makes easy the process of creating a new account in two main ways.
Firstly, Bitwarden contains an easy-to-use password generator which will generate a secure and unique password as and when it might be required for signing up to new accounts. Secondly, Bitwarden will (in many cases) via the web browser plugins, also recognise when a new account is being set up and automatically offer to remember the new account details (a process which is as simple as clicking the save button, seen below, to confirm you do want the new account to be saved).
NB – The secure password generator found within the Bitwarden software and apps supports setting the length and complexity of any new passwords which are generated. This includes being able to specify the number of numeric digits, capitalised letters and special symbols in use to satisfy the password complexity requirements of the service you might be signing up for!
Moving past the creation and addition of new accounts into the password vault and we can now focus on the using of said accounts. As with the saving of new and existing accounts into the vault, Bitwarden also offers multiple ways of making use of any saved logins via its apps and web browser plugins.
As can be seen above, going back to the web browser extensions is a great place to start here as these tools will automatically recognise many website login forms and, if set to do so, populate the username and password forms automatically. In certain circumstances where more than one login is available for a website, Bitwarden also makes easy the process of choosing between the available login choices via the browser plugins menu interface (which is as simple as choosing the correct choice form a list of available entries).
Moving across to the Bitwarden smartphone app and the autofill service, which is compatible with both iOS and Android devices, is also available for logging into both smartphone web pages and apps. Once enabled, as can be seen above, the app autofill service will allow any existing login within the vault to be selected whilst logging into an app without the need to waste time copying and pasting information between apps.
NB – Before being able to use the iOS and Android app autofill service, the Bitwarden app must be installed on the same device, logged in and the autofill service enabled on the device (something the app itself will guide users through depending upon the device currently in use).
Importing and Exporting Passwords
Unless you are completely new to using a password manger service (and Bitwarden is a great first choice if you are new), most users will most likely be migrating from an existing password manager when they switch to Bitwarden. In cases where migration is taking place, it is great to see Bitwarden have available a very useful and reliable import system supporting multiple different formats including those used by many commonly used alternatives (including LastPass and 1Password amongst many others).
As can be seen above, when logged into the Bitwarden web interface, we then have access to the specialist data import tool. The dropdown menu shows some for the many popular password manager export formats which are currently supported and the process for importing itself begins by simply selecting the service being migrated from and then uploading the export file just below.
NB – the export process will naturally differ depending upon which service you are migrating from. All services will almost certainly produce a single file at the end of their export process, this file should be treated very carefully and, as per good practices, deleted once the import into the new password manager is confirmed as having worked for additional security!
Also available from within Bitwarden is a vault export tool as well. This tool allows the entire Bitwarden vault, including all passwords, secure notes, payment card plus any other entries to be exported and stored within a single file (a file which will be ready for importing into another password manager should you ever want to move away from Bitwarden or simply as a form of backup).
As can be seen above, exporting passwords from the Bitwarden vault is a very simple affair with the resulting file containing all relevant information ready for storing safely or importing into another password manager service (so be sure to keep it very safe until it is required).
NB – The Bitwarden import process currently relies on use of the web vault to perform the necessary file uploads and processing. Exporting data from the service can be done from within the desktop software as well as the web-based vault!
Bitwarden applies strong zero-knowledge encryption (using AES 256-bit technology) to ensure all vault data is encrypted locally on the device in use before any synchronization to the Bitwarden cloud service takes place. In addition to the use of strong end-to-end encryption, Bitwarden also offers the ability to use multi-factor authentication for additional account level protection on both free and premium accounts.
NB – Bitwarden offer the use of multifactor authentication apps and email based 2FA on the free account. Users of the Bitwarden premium account can extend these multifactor authentication options to also include YubiKeys and WebAuthn amongst other advanced multifactor authentication choices!
Another important aspect to the Bitwarden software is that it is fully open-source and thus the code of the product itself is available for the IT security community to review. This means that the workings of the software are fully transparent and that security researchers can easily verify that the software is as secure as the company producing it (Bitwarden) says it is!
NB – Bitwarden also send “new device” warning emails whenever a new device is signed in from and connected to a vault. This service (which is available on both free and premium accounts) ensures an additional layer of security for the vault plus the reassurance that whilst no new devices are attached to the account or logins are made, the integrity of the information within the vault will remain intact.
Finally, unlike a lot of other password managers, Bitwarden also give their users the ability to configure some of the more advanced aspects of securing their password vault. This includes being able to set automatic vault locking and log-outs after set periods of inactivity, automatically rotate account encryption keys (for additional security) as well as alter the KDF algorithm and the number of KDF iterations for any advanced uses who wish to further control how their vault is encrypted (although this is probably best left alone for the vast majority of regular users I would suggest).
Bitwarden have a very useful knowledge base and Q&A section which is available on their website, one which is well ordered and should provide the answers to most common questions which might arise whilst using the service. Should you require any additional support, Bitwarden also provide 24/7 online messaging support in addition to priority support options for premium plan members.
Bitwarden provide all users with a free to use account plus the option of upgrading to a premium account option which is currently priced at $10 per year (for the Individual plan).
Additional features of the Bitwarden premium plan include:
- 1GB of secure cloud storage
- Advanced multifactor authentication / 2FA (inc. YubiKey & FIDO2 support)
- Emergency vault access provisions
- Use of the Bitwarden authenticator (2FA) service
- Advanced security reports
- Priority technical support
NB – Bitwarden also allow premium account holders to purchase additional secure cloud storage over and above the included 1GB allocation at a cost of $4 per year, per additional GB!
Bitwarden also offer more specialised Business and Team accounts which provide additional sharing and security options for those who might require them.
Yes, Bitwarden provide strong security to any data stored within the password vault via the use of strong, zero-knowledge encryption. This end-to-end encrypted approach makes use of very strong AES 256-bit encryption technology to secure any data and sees all data is encrypted locally on a user’s device before being synchronised with the Bitwarden service.
Additionally, Bitwarden provide additional layers of security to their service via good set of multifactor authentication options (including the use of YubiKeys on premium accounts) plus other advanced options which see users able to set the automatic timeout values for their account.
No, Bitwarden do provide an authenticator service however, this is only available on the premium plan offerings which start at $10 per year for individuals (with other team and business options also available).
All Bitwarden apps (including the browser extensions) which are already authenticated to the service can be use in an offline mode in the case that the Bitwarden service is unavailable or that internet access is not available locally. This means that any existing passwords which are stored in the vault can still be read offline however, it also means that Bitwarden will not allow items to be edited nor new items added to the vault until access to the service is restored.
Yes, included within all Bitwarden accounts is access to a very useful and secure password generator tool. Not only will the Bitwarden password generator generate a strong and unique password, but by being a highly customisable tool, Bitwarden users can also specify exactly how they want their new password to be composed (this includes being able to specify the total length of the password as well as various other characteristics such as the number of numerical digits, special symbol and whether or not to use capital letters).
Yes, however this is limited to just a single user when making use of the free or individual premium accounts. Users of the Bitwarden Families account can share passwords with up to 6 other people as can users of the Bitwarden Enterprise Organisation accounts as well.
Yes, all data sent to Bitwarden is subject to highly secure, zero-knowledge encryption before it is sent to the Bitwarden cloud for safe storage! This means all data, including sensitive bank account and payment card details will be securely encrypted using strong AES 256-bit encryption before they leave a user’s device and will remain encrypted until recalled.
In this section of my review, I will be looking at some good alternative choices for the Bitwarden password manager service. This includes similar cloud-based password manager services which share many of the same key features as Bitwarden including secure end-to-end cloud synchronisation of password vaults, useful desktop software, smartphone apps plus good importing and exporting abilities amongst many other related features.
Remember, any ratings and opinions given below reflect my own personal views and should be treated only as a guide! When purchasing any form of password manager service, always be sure to carefully check the details of the offering out for yourself first and try and to make use of any free trials or free accounts, whenever possible, to help ensure the solution is right before committing to a purchase.
LastPass is without doubt one of the most popular password managers available as of today! It is a service which is not only well trusted and easy to use, but by providing some of the highest levels of zero-trust security it is also a service which ensures all data stored within it remains as safe as possible.
One of the first key points to note about LastPass is that, much like Bitwarden, they offer both a limited free to use account alongside a premium account offering which has more features available. In the case of LastPass, we do see unlimited passwords allowed on both the free and premium services, however, the free account is limited in that is can only be used on a single device type (e.g., smartphones) as well as omitting various other premium features including emergency access, advanced 2FA options, advanced sharing plus dark web monitoring (all of which are available on the premium plan).
Security wise and LastPass provide strong protection of their accounts via the use of zero-knowledge (zero-trust) encryption to ensure all data is encrypted at the client’s device before being transmitted to and stored upon LastPass servers. LastPass also make provisions for also applying advanced multifactor authentication options (including support for advanced 2FA options such as YubiKeys on premium plans) to help further protect the account.
LastPass is priced form just $3 per month for the premium individual plan with a 6-person family premium plan also available for just $4 per month. Also available is the LastPass free to use account, business focused plans plus a 30-day free trial of the premium service– more information on all of which can be found via the official LastPass website.
2) pCloud Pass
PCloud Pass is a relatively new password manager service form the same company behind the leading cloud storage service, pCloud.
Despite being a relatively new password manager service overall, pCloud Pass brings many useful functions to the table. Some available functions include a secure password generator, multifactor authentication, password autofill services, the ability to save secure notes and payment card details as well as the ability to easily search the unlimited number of passwords which can be stored on both the free and premium plans.
Security wise and pCloud Pass provides a very safe and secure service via the use of strong zero-knowledge encryption which is applied at the client’s device to ensure all data remains encrypted within the service at all times. Other security features including multifactor authentication (2FA) help to provide an additional layer of protection for the entire account.
pCloud Pass is available from just $29 per year for the premium individual account with a lifetime pricing option of $149 also available. Other plans available at time of writing include the family plan covering 5 users for just $49 per year (or $253 on the lifetime plan) alongside the free to use account – more information on all accounts is available via the official pCloud Pass website.
1Password is well known as a highly functional password manager service, one which combines a great set of features and password management functionality alongside very good security and a privacy-first lead approach to keeping data safe.
Some of the key features of the 1Password service include support for the adding of unlimited passwords across unlimited personal devices, highly usable auto-fill and auto-capture tools, good password sharing options, 1GB of secure cloud storage plus the ability to store multiple entry types within the vault (including logins, payment cards, ID documents etc.).
Security wise and 1Password makes use of strong zero-knowledge encryption (using AES 256-bit encryption) technology to ensure that any data stored upon the service remains secure and visible by only the account holder and no one else. Additional security features include support for multifactor authentication for the entire account plus use of the 1Password Watchtower service which will automatically monitor logins and warn users if their credentials have been exposed at any point.
1Password is priced form just $2.99 / month for their Individual premium plan with other account options including a Family plan and business orientated plans also available. A 14-day free trial of the service is also available, more information on which can be found via the official 1Passsword website.
Bitwarden Review Summary
Bitwarden is without doubt a top choice in the password manager space, one which is highly usable and nicely designed yet still containing a great set of features and configuration options making it an ideal choice for users of all abilities and requirements.
Security is also an important consideration for any password manager and it is clear that Bitwarden have done a good job in making his product a leader in this regard. Strong zero-knowledge encryption of all password vault data is applied as standard alongside many other security features including open-source code, advanced multifactor authentication plus the ability to fine tune aspects how the vault is secured all help to add additional layers of protection to any Bitwarden account.
Premium accounts are very reasonably priced at just $10 per year for individuals (amongst other options) and bring with them 1GB of secure cloud storage, additional multifactor authentication options (including support for YubiKeys), use of the Bitwarden authenticator tool plus advanced security reporting amongst various other features.
Overall, Bitwarden is without doubt my top choice in the password manger space, it is here which a great set of features, great apps and top-notch security all combine to make for an excellent password manager overall!
Are you looking for help and advice on choosing the best password manager? If so, then be sure to check out our guide to the Top 10 Password Managers which includes our top 10 list of password managers alongside other useful information to look for!