Free password managers usually have important limitations that power you to improve to a paid tier. Bitwarden, in contrast, is an open-source password supervisor with a free plan that is beneficiant sufficient for many customers. For no value in any respect, it consists of username information breach monitoring and superior multi-factor authentication choices along with extra commonplace password supervisor duties. That mentioned, in our newest spherical of testing, Bitwarden’s browser extension failed our web site form-filling assessments, and competing providers have improved significantly, main us to decrease the right five-star rating from our earlier analysis to a still-excellent 4. Proton Go edges previous Bitwarden with smoother kind filling and extra options like e mail alias creation to earn our Editors’ Alternative award without spending a dime password managers.
How A lot Does Bitwarden Price?
Bitwarden’s free plan consists of assist for as much as two folks. Because of this along with the core features of a password supervisor, you additionally get passkey and password storage throughout limitless units on a number of platforms, username information breach scanning, and the choice to run a Bitwarden server software in your community.
That mentioned, Bitwarden’s once-stellar free tier is rather less spectacular than a few of the competitors now, and that is primarily as a result of rivals stepped as much as the problem. For instance, a free Proton Go plan now consists of useful options similar to in-app e mail alias creation, credential hygiene monitoring, and superior multi-factor authentication choices.
Shrinking free tiers seems to be an trade development, as different password managers whittle away at their free service menus or eschew free providers altogether in favor of prolonged free trials. Keeper is an instance of the latter, because it provides you 30 days to strive its sturdy assortment of Premium providers without spending a dime. NordPass now limits free prospects to at least one account on a single system with out information breach scanning or password hygiene alerts, making Bitwarden’s free tier appear beneficiant.
Although the free account is not as enticing because it as soon as was, a Bitwarden Premium plan remains to be a superb worth at $10 yearly. Premium provides file storage (as much as 1GB), emergency entry, password hygiene studies, and expanded sharing choices. A Household account prices $40 per yr and consists of all of the Free and Premium options whereas including assist for as much as six folks. It’s also possible to create limitless Organizations for simple information sharing between accounts.
Different password managers cost considerably extra for his or her premium providers than Bitwarden’s $10-per-year plan. For instance, Keeper is $34.99 per yr, and 1Password and Proton Go are $35.88 per yr.
Getting Began With Bitwarden
(Credit score: Bitwarden/PCMag)
Bitwarden is obtainable as Android and iOS apps, and there are desktop apps for Linux, macOS, and Home windows. Bitwarden gives extensions for all kinds of browsers: Courageous, Chrome, DuckDuckGo, Edge, Firefox, Opera, Safari, Tor, and Vivaldi. It is the longest record of supported browsers I’ve seen whereas testing password managers, which is spectacular. Not one of the plans restrict you to a sure quantity or sort of platform.
You may join an account by visiting the web site, getting into your e mail deal with, and creating a robust grasp password when prompted. After creating an account, I like to recommend downloading one among Bitwarden’s browser extensions as a result of the touchdown web page for every one features a brief tutorial that will help you import your passwords and familiarize your self with the password supervisor’s internet vault.
(Credit score: Bitwarden/PCMag)
After exploring the browser extension and internet vault, it’s possible you’ll wish to tweak the browser extension’s auto-filling settings. Citing safety considerations, Bitwarden doesn’t autofill credentials on web page load for each browser or each web site. You will must manually allow this sort of auto-filling by visiting the Settings menu within the browser extension. Relying on the browser, it’s possible you’ll must additionally go to the browser’s settings menu to show off the built-in password supervisor in order that it does not override Bitwarden.
When you’re completed establishing your browser extension, it is time to import passwords out of your outdated password supervisor or browser to your new Bitwarden vault. Bitwarden imports information from many apps, however the very lengthy record consists of lots of defunct apps. For instance, Myki, a free password supervisor, shut down in March of 2022, but it’s nonetheless on Bitwarden’s importing record. If you cannot discover your outdated password supervisor, add your credentials as a .csv file.
Every time it is time to transfer on from Bitwarden, the app gives three choices for exporting your vault: JSON, JSON (encrypted), and CSV. The encrypted choice makes use of the identical encryption as your vault, which suggests that you must use the identical key to decrypt it if you import it once more.
Out of your internet vault, you may create Collections, which let you separate your credentials and different vault gadgets. For instance, if you wish to hold your work and private credentials separate, you’d create a Assortment simply in your work-related logins and different information and provides it a Work label.
Easy Methods to Bear in mind Insanely Safe Passwords
Bitwarden on Knowledge Privateness
Earlier than I evaluation and check a password supervisor, I ship a listing of inquiries to the corporate to inquire about its privateness and safety practices. Customers must have loads of details about the businesses dealing with their information. I’ve included Bitwarden’s responses to my questions beneath.
Has your organization ever had a safety breach?
No, Bitwarden has not had a safety breach.
What unencrypted info does the password supervisor retailer in buyer vaults?
All info sorts inside consumer vaults, together with usernames, passwords, URLs, and safe notes, are encrypted. Bitwarden employs zero-knowledge end-to-end encryption, such that the corporate can’t see nor entry any saved info inside particular person or enterprise vaults. This ensures that every one delicate information is protected upon entry to any Bitwarden shopper. There isn’t any unencrypted vault information.
What’s the firm’s coverage concerning grasp passwords?
Customers ought to select a robust and distinctive predominant password and make sure it’s memorable or saved in a protected place. Bitwarden can’t entry prospects’ vault information as a consequence of end-to-end encryption, nor can the corporate assist a person recuperate the contents of their vault in the event that they lose their predominant password.
Enterprise directors might activate the primary password necessities coverage, which can implement a configurable set of minimal necessities for customers’ predominant password energy, similar to complexity, size, and character sorts. Turning on the account restoration administration coverage permits house owners and admins to reset the primary password of enrolled customers.
For particular person customers, Bitwarden strongly urges {that a} predominant password be:
-
Distinctive, that means it’s not used for another account.
-
Memorable or written down the place it may be solely discovered by the consumer.
-
Utilizing a passphrase is one widespread answer. Sturdy and sophisticated, with 14+ random characters.
What’s the firm’s coverage concerning consumer information assortment and information gross sales?
Bitwarden minimizes the information required to run its service and doesn’t promote customers’ personal info. Bitwarden focuses on safety with a privacy-friendly strategy and doesn’t depend on customers to be an viewers for promoting. The Bitwarden enterprise mannequin focuses on paid Groups and Enterprise enterprise plans.
How does your organization defend buyer information?
To guard consumer information, Bitwarden makes use of end-to-end AES-CBC 256 bit encryption, salted hashing, and zero-knowledge encryption, that means Bitwarden can’t see customers’ vault contents. Bitwarden makes use of two key-derivation features, PBKDF2 SHA-256 in addition to Argon2 for unlocking encrypted vaults. Bitwarden additional protects all buyer information within the cloud with multifactor encryption. Bitwarden additionally undergoes common third-party audits and complies with AICPA SOC2 Kind 2 / Privateness Defend, GDPR, and CCPA laws.
How does your organization reply to requests for consumer info from governments and legislation enforcement?
Bitwarden is unable to entry to customers’ vaults in an unencrypted state
What sort of buyer assist choices does your organization supply and the way straightforward is it to cancel a subscription / delete a consumer account?
All paying Bitwarden prospects obtain precedence assist
The Bitwarden app and web site characteristic a strong Assist Middle with intensive documentation. Customers can also submit inquiries to the shopper success staff through bitwarden.com/assist or leverage the Bitwarden neighborhood discussion board. All MSPs obtain precedence assist from the 24/7 buyer assist staff.
Private and group subscriptions might be canceled within the internet app at any time. Deleting a Bitwarden account or group completely deletes the account or group and all information that’s related to it. Bitwarden doesn’t “comfortable delete” any information.
After reviewing Bitwarden’s privateness coverage, I did not discover main inconsistencies with the solutions offered above by the corporate. The privateness coverage states that Bitwarden will adjust to legislation enforcement requests for private info as a result of it is info prospects present after they join the service. The information categorized as “private info” differs out of your vault information, which the corporate can’t entry.
I encourage you to learn the privateness insurance policies earlier than putting in new apps to be taught extra about how firms accumulate, promote, or retailer their information. Solely you may resolve how snug you might be with information assortment and the way firms use your information.
Bitwarden’s Authentication Choices and Safety Options
(Credit score: Bitwarden/PCMag)
Subsequent, let’s focus on your multi-factor authentication (MFA) methodology with Bitwarden. By enabling the passwordless login characteristic, you may log into your vault with out a password. The characteristic, which was in beta on the time of evaluation, requires utilizing a {hardware} safety key or biometrics as a substitute of a username and password mixture.
What Is Two-Issue Authentication?
To arrange MFA, go to the Two-Step Login part of your Bitwarden account settings menu and select to authenticate your id every time you log in utilizing a trusted e mail deal with, an authenticator app, or your units’ biometrics. Organising Bitwarden’s MFA with an authenticator app is easy; simply snap the QR code along with your authenticator app of alternative, and also you’re able to go. Premium accounts can authenticate utilizing Duo Safety or Yubikey {hardware} safety keys.
Like Enpass, Bitwarden’s paid plans enable the password supervisor to function an authenticator, producing the required TOTP and routinely filling it in when wanted. To set it up, paste the MFA authentication code right into a password entry’s Authenticator Key (TOTP) part.
Safety Options
(Credit score: Bitwarden/PCMag)
As talked about above, you want a Premium account to examine your vault’s password hygiene, which isn’t true for different free password managers. Avira Password Supervisor and Proton Go enable free prospects to entry credential well being info, whereas information breach alerts are restricted to paying prospects. Bitwarden is the other since you may examine particular person emails and usernames for information breach exercise without spending a dime, which is useful. Bitwarden’s breach monitor supplies details about when the breach occurred and what information was compromised in every incident. Bitwarden Premium and Households accounts can examine their credentials to seek out and alter reused or weak passwords in vaults.
Bitwarden’s password hygiene monitoring characteristic can generate six studies: Uncovered Passwords, Reused Passwords, Weak Passwords, Unsecured Web sites, Inactive 2FA, and Knowledge Breaches. Uncovered passwords are these which have been uncovered in identified information breaches. Reused and weak passwords are self-explanatory. Bitwarden treats any linked URLs in your vault that do not use TLS/SSL encryption as unsecured. The Inactive 2FA report identifies websites in your vault that assist multi-factor authentication however for which you haven’t linked a TOTP code in Bitwarden.
Fingers On With Bitwarden
I examined Bitwarden utilizing the Android app, Chrome and Edge browser extensions, internet vault, and Home windows app.
Net Vault and Home windows App
(Credit score: Bitwarden/PCMag)
Bitwarden’s shopper for Home windows has a easy blue-and-white vault interface. Alongside the left rail, you may entry 4 totally different information sorts: Login, Card, Id, and Safe Observe. Login is the place your passwords reside, bank cards are within the Card part, Id is for addresses and cellphone numbers you generally enter across the internet, and Safe Observe is for textual content information you wish to hold personal.
The Bitwarden internet vault appears much like the Home windows shopper. Nonetheless, many extra choices alongside the left rail embrace alternatives to make use of options similar to Bitwarden Ship, entry password studies, and alter your account settings. To entry an internet site with the credentials you imported to your vault, click on on the merchandise, select Launch from the drop-down menu, and Bitwarden will take you to the web site to log in.
Browser Extensions
(Credit score: Bitwarden/PCMag)
The Bitwarden browser extensions lately acquired a welcome interface replace, modernizing the graphics and making the structure extra intuitive. Within the Look part, you may modify the extension window additional by enabling a compact model.
The extensions for Chrome and Edge labored as anticipated in testing. After tweaking the auto-fill settings and disabling Chrome’s built-in password supervisor, I may entry my passwords and log in to the check accounts with none issues. Capturing present logins I did not import into the vault additionally labored as anticipated.
You need to use a generated e mail alias to signal into accounts. The setup course of is much more sophisticated than the in-app e mail alias generator present in Proton Go, and you will must arrange an account with an exterior supplier like FastMail or SimpleLogin.
Password and Username Turbines
(Credit score: Bitwarden/PCMag)
By default, Bitwarden’s password generator creates passwords containing uppercase and lowercase letters and digits however not particular characters. I strongly advise checking the field so as to add particular characters since many websites require them.
The generator can generate passwords from 5 to 128 characters lengthy, nevertheless it defaults to 14. I counsel growing the size to twenty characters or extra. It’s also possible to create passphrases as much as 20 phrases in size. You may view your complete password historical past by visiting the View menu on the prime of the app window and clicking Password Historical past.
It’s also possible to use the username generator to create new usernames for social platforms similar to Reddit or X. When creating a brand new account, click on the Bitwarden image within the username textual content field, then select the choice to generate a username.
Kind-Filling Efficiency
(Credit score: Bitwarden/PCMag)
Bitwarden shops three varieties of private information gadgets: Playing cards, Identities, and Safe Notes. For every bank card, you file the cardboard quantity, cardholder title, expiration dates, and CCV. Every Id is a group of non-public information, together with your title, e mail, and cellphone quantity. It isn’t the cornucopia of knowledge saved by RoboForm, however you may create extra customized fields if you wish to save extra private info in your vault. It’s also possible to save textual content within the Safe Observe part of the vault. You give every be aware a reputation after which paste or sort your notes within the textual content area.
If you would like Bitwarden to fill out a kind, you ought to be capable of click on the extension button after which select the specified id or bank card. Whereas utilizing the extensions for Google Chrome and Microsoft Edge, I tried to fill in my Id information on two of the websites I take advantage of to check different password managers. Bitwarden did not fill within the applicable information varieties every time, which affected its rating.
Credential Sharing Choices
(Credit score: Bitwarden/PCMag)
If it’s a must to share credentials, you need the method to be easy and safe. Bitwarden gives two strategies: Bitwarden Ship and through Organizations. Of the accessible choices, Bitwarden Ship is way simpler to arrange and use.
With Bitwarden Ship, you may cross alongside an encrypted hyperlink to anybody (even individuals who don’t use Bitwarden) utilizing no matter communication methodology you like. Through the setup for a Ship, you may specify an expiration date, a deletion date, and a most entry restrict, plus arrange a password. Bitwarden Premium subscribers can share information and texts utilizing Bitwarden Ship. Free prospects can solely share textual content.
Organizations work slightly in another way. You do not use the Group sharing choices to share particular person credentials or textual content with different prospects immediately. As a substitute, you create an Group in your account, invite different folks to that Group, and share a Assortment with them. Bitwarden Households account holders can share credentials with as much as six different account members utilizing Organizations.
Free and Premium account holders can create two Collections. In the event you subscribe to the Household plan, you may create limitless Collections. The purpose of the Assortment system is to allow you to share totally different passwords with totally different group members. This sharing setup is finest for enterprise prospects, and it is organized in a really “company” method. There are three different ranges of entry inside an Group: the Admin, Supervisor, and Person, however these distinctions matter would matter extra in a enterprise setting. Suppose you are utilizing Organizations to share credentials with your loved ones. In that case, all that you must know is you could restrict every individual’s entry to particular Collections or set the credential entry to read-only. In the event you’re sharing with a associate, it is smart to present them full entry. If the share is extra one-sided, maybe with a baby, Person entry in read-only mode might be finest.
Emergency Entry Choices
(Credit score: Bitwarden/PCMag)
Bitwarden gives a manner for paid account holders handy over entry to their vaults in an emergency. The proprietor can approve entry manually or set a date for when the vault shall be accessible by the emergency contact. Notably, solely Premium prospects and better can ship emergency entry requests, however folks on the free plan might be designated recipients. Upon having access to the vault, Emergency entry contacts both get read-only entry or full management of the vault, relying on the settings.
Passkey Help
Bitwarden can create and handle passkeys. In the event you set Bitwarden as your passkey supplier in your system’s Settings menu, the app can generate and use passkeys. This perform works on cellular units and browsers.
Bitwarden Cellular App Expertise
For cellular system testing, I used Bitwarden’s app on an Android system. The cellular app labored as anticipated and consists of the features discovered within the browser extensions.
(Credit score: Bitwarden/PCMag)
You need to use Bitwarden as an authenticator app to safe your on-line accounts with a second layer of encryption. As with the browser extensions, you will must fiddle with the auto-filling settings inside the app and in your system to get the app to fill in your credentials routinely. It is a problem I’ve encountered when testing different password supervisor apps, and simple to repair. To get to Bitwarden’s platform settings tutorials, head to the Settings menu, select ‘Auto-fill,’ then faucet ‘Password auto-fill’ to seek out directions for altering your system settings for optimum password supervisor efficiency.
Is Bitwarden Good for Enterprise?
Bitwarden’s password managers for groups and enterprise organizations are choices for small enterprise house owners searching for safe credential storage. The worth is $48 per yr per worker for a Groups subscription and $72 per yr for every account for an Enterprise subscription. The enterprise choices are dearer than NordPass’ related Groups plan, which is $23.88 per worker annually, or the Marketing strategy, which is $47.88 per account yearly.
Single sign-on (SSO) is obtainable and eliminates the necessity for a number of usernames and passwords, nevertheless it has dangers. If an attacker will get SSO credentials, they’ll entry all related purposes. Enterprise Bitwarden accounts embrace a passwordless login choice to stop these hacks. You may confirm your identification utilizing a passkey, the Duo Cellular app, SMS, a cellphone name, or a U2F safety key. When an worker leaves the group, Admin account holders can take away staff members from the enterprise vault.
Bitwarden makes it straightforward for workers to entry enterprise passwords by importing them right into a enterprise vault separate from their worker vault. As well as, you may create Collections of passwords to share with particular worker teams or your entire firm. Enterprise accounts embrace limitless sharing capabilities with the Collections characteristic.
Bitwarden’s Buyer Service Choices
Bitwarden doesn’t supply reside chat or cellphone assist. As a substitute, the corporate supplies troubleshooting help through the sturdy Assist Middle web page. In the event you need assistance from a human, you may fill out the contact kind. Paying prospects get precedence e mail assist.
Is It Straightforward to Delete Your Bitwarden Account?
(Credit score: Bitwarden/PCMag)
In the event you’re a paid subscriber and also you wish to downgrade to a free account, remember that you will lose the flexibility to authenticate your id utilizing a {hardware} safety key, Bitwarden’s 2FA code generator will cease working, you will not be capable of add file attachments (any beforehand saved information stay in your vault), and you’ll’t add any new emergency entry contacts. In contrast to Proton Go, Bitwarden doesn’t supply credit score for unused subscription time.
In testing, I had no bother deleting my Bitwarden account from the net app’s Settings menu. Uninstalling the apps and browser extensions from my units was additionally straightforward.
Verdict: Bitwarden Is a Cut price
Bitwarden works throughout platforms, permits limitless password storage, and gives passkey assist, username information breach monitoring, and superior multi-factor authentication. The open-source app is often audited by third-party safety researchers, which ought to carry you peace of thoughts when trusting the corporate along with your credentials. That mentioned, we have dropped Bitwarden’s beforehand good five-star rating to 4. However as a substitute of pondering of it as a drop, take into account this rating change a recalibration. Different firms stepped up their recreation, producing free and reasonably priced credential administration apps that function extra easily than Bitwarden. Proton Go is our Editors’ Alternative as a result of it gives complete free password administration with flawless performance and fascinating options similar to in-app e mail alias era, alias inboxes, complete darkish internet monitoring, and password hygiene reporting.
Like What You are Studying?
This text might include promoting, offers, or affiliate hyperlinks.
By clicking the button, you verify you might be 16+ and conform to our
Phrases of Use and
Privateness Coverage.
You might unsubscribe from the newsletters at any time.
About Kim Key
Senior Safety Analyst
Learn the most recent from Kim Key
