Password Manager Review: Bitwarden
Websites and services are constantly under siege. Attacks are a daily occurrence and data leaks can prove disastrous for you and your privacy. One of the protective measures many have begun to adopt is the use of password managers, services that let you create a master key that (alone) grants access to an impregnable, digitally encrypted vault containing all of your passwords and sensitive data. One of the newest faces in the password manager game is Bitwarden.
What Is Bitwarden?
Bitwarden is an open-source password manager developed by 8bit Solutions LLC and available for Windows, Mac, Linux, Android, iOS, and a wide range of browsers. The service was first introduced to the market as a mobile app in 2016, with standalone software for desktop computers bing released in 2018. As such, Bitwarden is something of a newcomer among password managers. However, we're confident that it can keep up with its more experienced competitors. Check out our review below to find out why!
Pros and Cons
Excellent user-friendly applications
Robust, externally-tested security
Offers decent support
Disappointing autofill functionality
Some basic features hidden behind paywalls
Bitwarden is available for many platforms. When starting out, the first step is to choose the appropriate installation file from the download section of the provider's website. It is possible to create a free account on either the website or in the desktop client. As with most password managers, you'll then have to create a master password which serves as the combination to your digital password vault. The app will tell you how secure your password is and lets you add a hint in case you need help remembering it.
Upon registering, you'll be taken to the dashboard, which is split up into three vertical columns. In the column on the left, you'll find the main menu, shortcuts, types of data sets, and folders. The middle column displays your data set entries and features a search function. Finally, the column on the right presents additional information relating to the entries you've selected. New entries can be created by clicking on the plus symbol. Bitwarden follows tried and tested designs, and it shows. The simple and clear interface is easy to use, and you won't need long to find whatever features it is you're looking for.
The only exception to this is the import function, which is somewhat hidden away. Data can only be imported using your Web Vault, the browser version of your vault. We were able to successfully import a LastPass .csv file. Usernames and passwords were correctly imported, with LastPass categories displayed as folders in Bitwarden's main menu.
The browser extension is not automatically installed, and as such, needs to be added manually. This is easy enough to do via the Bitwarden website and only takes a few seconds. Bitwarden's developers seem to have drawn inspiration from some of the service's competitors, with the browser extension being (essentially) a mini version of the desktop app. It does come with a few more features than the browser extensions of its competitors do, such as the ability to create new entries or access your entire vault. We also liked how Bitwarden allows users to open the extension in a separate window.
Bitwarden might be new to the password manager game but it has certainly been paying close attention to its more experienced competitors, incorporating the elements that work into its design. Its apps are all intuitive to use, its features don't need lengthy explanations, and even newcomers should be able to get started quickly.
Score: 4.7 / 5
User Interface & Ease of Use
Bitwarden provides three components, namely, the Web Vault, the desktop app, and the browser extension.
Your Web Vault provides access to more specialized features that come to use less frequently, such as the aforementioned import function as well reports about the security of your passwords. Unfortunately, these reports are reserved for premium users.
To keep its desktop app svelte, Bitwarden moved features that are used less frequently to the Web Vault. While we can appreciate this, it would be nice if it were easier to switch between the desktop app and the Web Vault.
Using the desktop app, it's possible to exercise greater control over your data sets, creating new entries manually if need be. It's nice to see that this feature isn't behind a paywall. The desktop app's dashboard offers a straightforward no-frills user experience.
As mentioned above, Bitwarden's browser extension comes equipped with a wider range of features than those of similar apps. We really liked how easy and uncomplicated it was to manually create new datasets, as well as the ability to open the extension in a separate window. Taken together, this means that users won't have to bother much with the main app since nearly all features can be found in the powerful extension.
Bitwarden doesn't do distractions. Its app is simple by design with the spotlight clearly on the password manager's core features. While perhaps controversial, the assignment of less commonly used features to the Web Vault helps keep the desktop app and browser extension free of clutter. In our opinion, this gamble pays off, since it means anyone can use Bitwarden effectively out of the box. Whatever problems you might encounter can be quickly (and easily) rectified.
Score: 5 / 5
Bitwarden doesn't serve up super-sophisticated features, sticking instead with no-fuss simplicity and a package of features that provides all of the functionality needed. Naturally, this entails a password generator that lets you create secure passwords and passphrases, using basic character settings.
In the settings, it's also possible to set a PIN that you can use to unlock your Bitwarden account instead of the master password. You can change the app's design at any time thanks to the many themes on offer.
Sharing passwords works a little differently with Bitwarden. In the app's Web Vault, you can create so-called "Organizations". In these, you'll insert data sets that are intended to be used by multiple users. Unfortunately, this additional feature isn't free. Other providers offer this as a basic feature and free of charge. Administrators can create an organization for free but are only able to add two other users to the organization, having to pay for anyone beyond that. The fee for this starts at $1 per month.
Regrettably, security features aren't part of Bitwarden's free version. Only premium users can access these via the Web Vault. Paying customers can look forward to reports about compromised, weak, or reused passwords. Only the theft report is provided to all users.
Bitwarden's regular login autofill feature made a good impression on us. The browser extension filled in forms correctly on all of the websites we tested it on. With that said, this only applied to logins. Bank data, for example, needed to be copied and pasted from the vault into the correct form box.
Bitwarden's autosave feature leaves a lot to be desired. Typically, a password manager's browser extension would open a small pop-up, asking the user whether the login information should be saved, however, in Bitwarden, that feature needs to be activated in the app's settings, and even then, doesn't always appear automatically.
For this reason, we recommend exercising caution when changing passwords. Should the autosave feature not work properly, you'll need to manually copy the passwords into your data set to prevent losing them. In this area, other password managers are much more reliable.
At first glance, Bitwarden covers the essential features but not everything that glitters is gold. Some features will cost you even if you're already a premium user, and saving passwords automatically is such a crucial feature for a password manager that it should work flawlessly and reliably. Instead, Bitwarden still has a few bugs to work out in automatically recognizing login fields.
Score: 3.3 / 5
Bitwarden makes use of AES 256, which is considered to be uncrackable. Due to the Zero-Knowledge principle, only you know your master password and not even Bitwarden has access to it.
The app also comes with two-factor authentication. Users of the free version can use authenticator apps such as Google Authenticator and Authy or verify a login via email. Premium users have additional options such as Yubikey and Duo Security.
At the end of 2018, Bitwarden underwent an external security audit by Cure53, which ascertained no significant threats or vulnerabilities. Bitwarden's willingness to undergo such an audit shows that the developer doesn't take its users' security and privacy lightly.
Score: 4.7 / 5
Bitwarden's mobile app is very similar to its desktop client. On your main display, the vault, you'll find your data sets, folders, and collections. Through the menu, you can access the password generator and settings.
Bitwarden's mobile app doesn't come with a dedicated browser, so data sets will open automatically in your default browser. Autofill wasn't all too reliable in the browser either, and the Bitwarden logo didn't appear where it was supposed to. In other apps, the autofill feature worked without any hiccups.
Should you want to avoid constantly typing in your master password, you can unlock your mobile vault via PIN or fingerprint.
All things considered, the Bitwarden app does everything one might expect from such a service even though the autofill feature was a bit wonky.
Score: 4.3 / 5
Bitwarden's help center provides answers to most FAQs users might have. More specific questions can be posted to the service's forum. If you want to contact the developer directly, you can only do so via email and will have to make do without a ticket system or live chat.
We sent Bitwarden some queries via email and received an answer quicker than we'd expected: 11 hours on a Saturday. Our customer service staffer was quick and helpful, but, overall, Bitwarden's support system was a bit underwhelming.
Score: 3.7 / 5
Bitwarden is definitely affordable. Its premium version, which provides users with access to additional security features, data storage, and better support costs less per year than what some password managers charge per month. You should expect extra costs if you intend to use the app's sharing (Organizations) feature.
Businesses can take advantage of special rates. The table below provides a detailed look at Bitwarden's current pricing structure:
|Price per Month||$0.00||$0.83||$1.00|
|Price per User||-||-||-|
|Contract Period (month)||0||12||12|
|Number of Users||2||2||5|
|Number of Passwords||unlimited||unlimited||unlimited|
|Number of Devices||unlimited||unlimited||unlimited|
|Sync Multiple Devices|
|Only Local Storage|
|Two Factor Auth|
Cloud / SaaS
Cloud / SaaS
Cloud / SaaS
Some apps do a lot of things right, with the differences between them being matters of taste or even nit-picking. With Bitwarden, our main points of criticism are its autofill and autosave features, which simply aren't as reliable as those of its competitors. Apart from that, we really enjoyed the app and found its interface easy to use. Bitwarden is secure, fast, and intuitive, but its shortcomings can lead to frustrations in the long run.
However, we should also keep in mind that Bitwarden is a fairly young app, especially its desktop version, and as such, that its issues can and likely will be ironed out in the near future. We hope that 8bit Solutions LLC spends some time on them as they offer a very good product as is, and one that has the potential to grow into a real powerhouse in the market.
How We Test
Bitwarden's browser extension was tested in Google Chrome and Microsoft Edge. The mobile application was assessed on an Android device (version 8.1.0).