Password Manager Review: Bitwarden
Websites are under fire: Attacks on the online services you use are daily occurrences and privacy mishaps can prove dangerous for you and your accounts. One of the protective measures many people take are password managers, services that let you use one single powerful password for all your online accounts that is then encrypted and stored away securely. One of the newest additions to the password manager market is Bitwarden.
What is Bitwarden?
Bitwarden is an open-source password manager developed by 8bit Solutions LLC and available for Windows, Mac, Linux, Android, iOS and various browsers. The service was first introduced to the market as a mobile app in 2016; standalone software for desktop computers was introduced in 2018. Bitwarden is therefore more of a newcomer among password managers. But it can definitely keep up with its more experienced competitors. Read our review to learn why.
Pros and Cons
excellent and user-friendly applications
offers great and externally tested security
disappointing autofill performance
some basic features are behind a paywall
Bitwarden is available for many platforms. The first step is to choose the appropriate installation file in the download section of the website. You can set up a free account on the website or the desktop client. As is usual with password managers, you then have to create a master password which acts as the key to all your other passwords. The app will tell you how secure your password is and lets you add a hint in case you need help remembering it.
After registering, you'll be led to your dashboard which is split up in three vertical columns. In the column on the left, you'll find the main menu and shortcuts, types of datasets, and folders. The middle column provides you with your dataset entries as well as a search function. The column on the right will show further information oft selected entries. New entries can be created by clicking the plus symbol. Bitwarden clearly follows tried and tested designs and it works: The simple and clear interface is easy to use, and you'll never look for features for too long.
Only the import function is hidden away a bit. You can only import data using your Web Vault, the browser version of your vault. We were able to successfully import a LastPass .csv file. Usernames and passwords were correctly ingested; LastPass categories were displayed as folders in Bitwarden's main menu.
The browser extension is not installed automatically and needs to be added manually. That can be done on the Bitwarden website and takes mere seconds. Bitwarden takes inspiration from other proven methods here as well, and the browser extension is like a mini version of the desktop app. Bitwarden, however, equips it with more features than its competitors do. Via the extension, you can create new entries and have access to your entire vault. We like how Bitwarden lets users open the extension in a separate window.
Bitwarden might be new to the password manager market but it has learned from its more experienced competitors and incorporated the right things into its designs. Its apps are all intuitive to use, its features don't need any explanations, and even newcomers should be able to get started quickly.
Score: 4.7 / 5
User Interface & Ease of Use
There are three sections your password hub is divided into: the Web Vault, the desktop app, and the browser extension.
You'll need your Web Vault if you're looking for more specialized features you only need every now and then. This is where you'll find the aforementioned import function as well reports about the security of your passwords. Those features are reserved for premium users. Bitwarden slims down the dashboard of its desktop app by relegating some features to the Web Vault. It would be nice if there were a shortcut for easy switching between app and Web Vault.
Via the desktop app, you can manage your datasets and create new entries. It's nice to see that this feature isn't behind a paywall; the premium features are somewhere else anyway. The dashboard offers a straightforward no-frills user experience.
As we mentioned before, Bitwarden's browser extension comes with a bigger range of features than those of other apps. We really like how easy and uncomplicated it is to manually create new datasets. The ability to open the extension in a separate window is convenient as well. Users don't even have to open up the main app because almost every feature can be fond in its powerful mini version.
Bitwarden doesn't do distractions: Using its app is purposefully simple and nothing will distract from the password manager's core features. To guarantee that simplicity, some features are only available within the Web Vault. Users who use those features frequently might not like that. But the concept works: You will be able to use Bitwarden almost instantly. You won't be facing many problems and if you do, it doesn't take long to solve them.
Score: 5 / 5
Bitwarden doesn't deliver super-sophisticated features. The provider commits to its own core principle, no-fuss simplicity, with a feature package that provides the necessary basic abilities. Naturally, this entails a password generator that lets you create secure passwords and pass phrases and has the basic character settings.
In the settings, you can also set a PIN you can unlock your Bitwarden account with instead of a master password. You can also change the app's design with one of its many themes.
Sharing passwords works a little differently with Bitwarden. In the app's Web Vault, you can create so-called "Organizations"; in those shared vaults, you can deposit datasets that can be used together. Unfortunately, this additional feature isn't free. Other providers offer this standard feature free of charge. As administrator, you can create an organization for free, but you're limited to two users. Other options come with a monthly fee, starting at one US dollar per month.
The security features aren't part of Bitwarden's free versions, either. Only premium users have access to various password and account security features via the Web Vault. Paying customers receive reports about compromised, weak or reused passwords. Only the theft report is accessible to all users.
Bitwarden's regular login autofill feature leaves a good impression. The browser extension filled in the forms correctly on all tested websites. But that only applies to logins; bank data, for example, needs to be copy-and-paste'd from the vault into the correct form box. Bitwarden's autosave feature leaves a lot to be desired as well. Usually, a password manager's browser extension would throw up a small pop-up, asking whether the login information is to be saved. With Bitwarden, that feature has to be activated in the app's settings but even that didn't always help. The autosave feature just didn't really want to work on the websites we tested.
This is why you need to be careful when changing passwords: If the autosave feature doesn't work properly, you'll need to copy the passwords manually into your datasets so you don't lose them. In this regard, other passwords managers are much more reliable.
At first glance, Bitwarden covers the essential features but not everything that glitters is gold. Some features will cost you money even if you're already a premium user, and saving passwords automatically is such a crucial feature for a password manager that it should work flawlessly and reliably.
Score: 3.3 / 5
Bitwarden uses the AES 256-bit encryption standard which is considered to be uncrackable. Due to the Zero Knowledge principle, only you know your master password and not even Bitwarden has access to it.
The app also comes with two-factor authentication. Users of the free version can use authenticator apps such as Google Authenticator and Authy or verify a login via e-mail. Premium users have more options such as Yubikey and Duo Security.
At the end of 2018, Bitwarden was subject of an external security review by Cure53. No significant threats were found. Bitwarden's willingness to undergo such an audit shows that the developer doesn't take its users' security and privacy lightly.
Score: 4.7 / 5
Bitwarden's mobile app is very similar to its desktop client. On your main display, the vault, you'll find your datasets, folders and collections. You can switch to the password generator and settings via the menu.
Bitwarden doesn't offer an internal browser; datasets are opened in your regular browser. The autofill wasn't all too reliable on the browser, and the Bitwarden logo doesn't always show up where it's supposed to. In other apps, the autofill feature worked without any hiccups.
If you want to avoid constantly typing in your master password, you can unlock your mobile vault via PIN or fingerprint.
All things considered, the Bitwarden app does everything one might expect from their mobile companion even though the autofill feature doesn't always do what it's supposed to do.
Score: 4.3 / 5
If you need help in languages other than English, you're out of luck. Bitwarden's help center answers most FAQs; specific questions can also be asked in their forum. If you want to contact the developer directly, you can only do so via e-mail. There's no ticket system or live chat.
We sent Bitwarden some queries via e-mail and received an answer quicker than we'd expected. 11 hours on a Saturday, to be precise. Our customer service rep was quick and helpful, but, overall, Bitwarden's support system is a bit limited.
Score: 3.7 / 5
Bitwarden is very cheap: Its premium version which gives users access to additional security features, data storage and better support is cheaper in a year than what some password managers charge in a month. You do have to expect monthly costs if you want to use the app's sharing features. Businesses can use the app's special plans. The following table lists Bitwarden's current prices:
|Price per Month||$0.00||$0.83||$1.00|
|Price per User||-||-||-|
|Contract Period (month)||0||12||12|
|Number of Users||2||2||5|
|Number of Passwords||unlimited||unlimited||unlimited|
|Number of Devices||unlimited||unlimited||unlimited|
|Sync Multiple Devices|
|Only Local Storage|
|Two Factor Auth|
Cloud / SaaS
Cloud / SaaS
Cloud / SaaS
Some apps do a lot of things right. So much so that potential deal breakers feel even more egregious. It might not be a deal breaker per se, but Bitwarden's autofill and autosave features just aren't as reliable as and can't compete with the rest of the app's excellent functions. We really enjoyed the app and its easy-to-use interface. Bitwarden is secure, fast and intuitive, but its shortcomings can lead to frustrations in the long run.
The app is still quite young, especially its desktop versions, and current shortcomings might be fixed in future patches. We hope 8bit Solutions LLC spends some time on them because Bitwarden offers a very solid password manager at a low price.
How We Test
Bitwarden's browser extension was tested on Google Chrome and Microsoft Edge. The mobile application was tested on an Android device (version 8.1.0).