Bitwarden is an easy-to-use free password manager that is compatible with a wide range of web browsers, mobile apps, and networking sites. If you want maximum password security without straining your memory (or your wallet), then this free password manager is the right tool for you.
Having trouble remembering passwords? Well, you're not alone. Password security requires us to make uncrackable passwords, and when we forget these passwords, we are in deep trouble.
Some people use Google's password manager, but I have found that to be quite unsafe because anyone with access to my web browser can get access to see my passwords.
Then I switched to Bitwarden for safekeeping my passwords, and I'm enjoying their service a lot. It is the best free password manager because of the great features that it has for people who demand the tightest security on their apps and logins.
However, there are some drawbacks too. In this Bitwarden review, I'm going to talk all about it – the good and the bad.
Pros and Cons
- 100% free password manager with unlimited storage of unlimited logins
- Import passwords from other password managers
- Very easy to use due to being open source
- Provides MFA along with password security
- Maximum security is given to encrypted file storage
- A lot of additional features are available at a low cost
- User interface is not intuitive enough
- Security features only included on paid plans
- Not good with live customer support
- Vault doesn't allow customized items except for the built-in ones
- Desktop app doesn't have too many features on the free version
This is a premium open-source password manager that excels through the various features that it has. In this section, we're going into the details of said features to understand how exactly they will ease up your life.
Ease of Use
Many open-source applications are generally more complicated. They have a stiffer learning curve than apps with closed sources. However, Bitwarden stands out among other such open-source desktop apps through the usability and guidance that it provides to users.
You will be prompted to make a master password when you get started with Bitwarden. This password has to be unique so that it's difficult to guess even with the password hint that you assign to it.
Don't even dare to use weak or compromised passwords as the main password here, as that would create a security threat of paramount degrees.
The main password is the only one you need to remember in order to open all the apps and websites that you add to your Bitwarden password vault, so it's the central password, and forgetting this simply won't do!
You can change the password after you make it. Just go into the Web Vault of the Bitwarden app. Look at the navigation bar at the bottom, then choose Settings > Scroll down to Account > Change Master Password.
Caution: In order to change the master password, you need to insert your old password into the system. If you forget/lose your old password, then, unfortunately, it cannot be revived.
You have to delete your Bitwarden account and start a new one from scratch. You will be directed to the instructions for account deletion directly through the app.
Signing Up To Bitwarden
Signing up to Bitwarden is easy. This is the starting point of your journey with this password manager. You only have to follow a set of simple instructions.
There are three ways you can go. Login option is for users who already have an account, the sign up option is for brand new users.
And the enterprise sign-on option is for employees working together within an organization – in this case, you don't need to create a password of your own, but you have to acquire the password from your peers to get access to the enterprise vault.
Bitwarden will ask you to create a unique password (aka the main password). You cannot sign in through any other account.
Bitwarden has a standalone entrance, which gatekeeps your account and ensures that you can fully rely on this one password to log into all other sites, browsers, and apps that you add to your Bitwarden Vault.
Signing up with your phone is the easiest way to work with this password manager. Once you sign up with your email address and set a master password to create your Bitwarden, taking the app from your phone to your desktop becomes simple.
All you have to do is go into the inbox linked with the associated email address and click on the message you received from Bitwarden. From thereon, follow instructions to get the app on your desktop without any extra hassles. You're essentially just a few clicks away.
This is the email you will receive, just click on the blue login box, and you'll have the password manager active on your desktop.
For a more seamless user experience, please go into the app store, search for the Bitwarden extension and then add it to your browser. With the extension, you can get access to the password manager a lot more effortlessly.
In the desktop app, you will be provided with several forms that introduce you to the ways of the app. There will be information regarding the tie-ups between passwords and URLs/domains, etc.
Bitwarden has a filter for certain domain names that appear shady. To avoid phishing, Bitwarden lets you choose domains that it should avoid in order to keep your passwords and vaulted accounts safe.
If you go into Settings, you will see a fingerprint phrase. Click on it, and you will be given 5 random words that are hyphenated. These 5 words are permanently assigned to your account and will always appear in one specific order.
A fingerprint phrase looks like this: table-lion-minister-bottle-violet
The password manager uses such phrases to amp up your security. It establishes a unique identity for your account. You might need to use it to verify your account while potentially security-compromising operations are underway. This extra measure masks your account against midway threats during activities like sharing.
It is safe enough to share your fingerprint phrase when prompted. In fact, you will be specifically asked for your fingerprint phrase when you are adding a user to a Bitwarden enterprise account. If it matches with the end user's, then you will be allowed to join.
The fingerprint phrase puts a tighter sensor for end-to-end encryption to happen without being tampered with in the pathway.
Wide Range for Compatibility
You will get Bitwarden in three versions — app, desktop, and browser version.
Among these, the easiest and the most convenient for use is the web app version. It has flexibility and far-reaching accessibility.
You don't need to install the app on your desktop to use the web version, yet you will have access to all of its features, including the 2FA, organizational tools, reports, etc.
On the other hand, there are the desktop version and the browser version. Both of these have key features like password generation, and password addition enabled.
Bitwarden works perfectly well with Windows, macOS, Android, and Linux operators. It also works with browsers like Opera, Chrome, ChromeOS, Firefox, Safari, Edge, Internet Explorer and Firefox.
Password management is the key feature of Bitwarden. So free and premium users both get to reap its full benefits. Here's how you do it.
You can add new items (accounts and passwords) into your Vault by using both the web version and the mobile app version of this password manager. On the top right corner of the interface, you will see a ➕. Click on that, and you will see a form like this. Fill it up with relevant information, and then save your input.
Add all your accounts to the Vault. You can also add other items here by clicking on the drop-down menu under ‘What type of item is this?‘ and add what you need. Your other options are – cards, identity, and secure notes.
Predictable, weak, and reused passwords are a high-risk liability. But with Bitwarden's help, you don't have to go through the enormous effort of coming up with a memorable master password. It requires zero effort to use the secure password generator to come up with strict passwords that are completely random.
To get access to the password generator, enter Bitwarden through your mobile app or browser extension. Click on Generator to create new passwords that are completely uncrackable due to their randomness.
Customizable options are the same with the paid password manager and its free version. Take advantage of those — change the default password length, use the toggle switches to enable/disable certain characters, do whatever you want.
And don't worry about remembering this crazy password you created because Bitwarden will save it in the Vault for you.
With Bitwarden, you don't just autofill passwords, but you can fill forms as well!
But let us first mention that although form filling is a free feature, it's not available on all versions of Bitwarden. You can utilize form fillings only through the browser extension of this app.
The happy news is that form filling will add even more convenience to your life because of how seamlessly it works. Make your online dealings much easier by using Bitwarden to log in information from your cards and identities when creating new accounts on new platforms, doing transactions, and so on.
Auto Filling Passwords
Enable your Autofill by going into the settings of your phone. Once it is enabled, Bitwarden will fill in your saved passwords for you. No typing is necessary as long as autofill is enabled on the browser extensions.
We love this feature because it makes our logins effortless. Try it out! It's one of the key features of this great password manager.
On your phone, go to Settings > Passwords > Autofill Passwords. Make sure that Autofill Passwords is enabled. Then click on Bitwarden to enable Bitwarden's Autofill to help you out. You will get a pop-up like this:
Security and Privacy
Most password managers use the same encryption for data and passwords. But Bitwarden password manager is different.
Zero Knowledge Architecture
In cryptography applications, zero-knowledge is one of the most sophisticated systems of security. It is used in a fascinating range in fields of nuclear science to the protection of transactions through blockchain networks.
It is an encryption method that basically makes sure that none of your service providers know what data is being stored or transferred through Bitwarden's servers. This creates a safe channel for all your sensitive information, thus making it impossible for hackers to gain control of your accounts.
However, this zero-knowledge password manager has one drawback — if you consider it so.
Since it doesn't allow any mid-level storage of your data, if you lose or forget your unique password once then, there is no way to recover it. You cannot gain access to your Vault in any way without the password. In the case that you forget this password, you will be locked out of your account and will need to delete it.
Every message you send and receive has a unique code. Hashing a password or code means scrambling it to make it completely random and illegible.
Bitwarden uses its encryption technology to scramble the code for every message/data so that it turns into a set of random digits and letters before being sent out into servers. There is no practical way to reverse the scrambled data without the master password.
Many people say that a brute force search can reveal possible combinations of the code and thus help to unscramble data. However, this is not possible with Bitwarden because of the robust AES-CBC and PBKDF2 SHA-256 encryption that guards its gates.
ENEE AES-CBC 256-bit Encryption
AES-CBC is considered to be unbreakable even for brute force searches. Bitwarden uses its technology to protect the information in the Vault. This is a standard cryptographic system used at government levels to secure the most endangered data.
The key length for AES is 256 bits. 14 rounds of transformation on 256 bits create a large range of practically impossible ciphertexts to guess. Thus, it becomes resistant to brute force as well.
In order to reverse the large transformation on the ciphertext and make the text legible to an end-user, a unique password is required. This is how this end-to-end encryption protects data during transit. While at rest, the data remains ciphered until a password is put in to open the lock for the text to be unscrambled.
PBKDF2 – Decrypts Encrypted Message by Using Your Master Password
Bitwarden uses one-way hash functions to secure the encrypted message a second time before storing it in the database. PBKDF2 then uses iterations from the receiver's end and meshes that with the iterations on Bitwarden servers in order to reveal the message via a unique organizational key that is shared via RSA 2048.
And due to the single-ended hash function on the message, they cannot be reversed or cracked by third-party software. There is no other way to decrypt the message through PBKDF2 except by using the unique password.
2FA or two-factor authentication is a recovery method that ensures the safety of your account even if your unique password gets leaked in some way.
Bitwarden gives you five choices in 2FA. Two of these options are available in Bitwarden's free tier – authenticator app and email verification. The other three are only available to premium users.
So, premium 2FA options are Yubikey OTP Security Key, Duo, and FIDO2 WebAuthn. To find these options go into the web version of Bitwarden. From there go to Settings > Two-Step Login and follow instructions.
We recommend that you enable 2FA because that will tighten up your security parameters.
The main function of Bitwarden is to protect your data and privacy. For Bitwarden to get clearance on asking and storing your data, it had to be compliant with some standard rules set by the industry.
GDPR compliance is one of the most important clearances that all password managers have to acquire before commencing operations. It is a set of legal structures that set guidelines on the act of collecting and processing such delicate data from people in the EU.
Bitwarden also has compliance with EU SCCs, which ensures that your data will be protected even when it leaves the EEA and from the jurisdiction of the GDPR. So basically, this means that they will protect your data in EU and non-EU countries simultaneously.
Along with GDPR compliance, Bitwarden also has HIPAA compliance, Privacy Shield with EU-U.S. and Swiss-U.S. Frameworks, and CCPA.
Several third-party users have audited their open-source network of Bitwarden in security and penetration tests, and there have been several security audits and cryptographic analysis as well.
All findings have indicated the safety of Bitwarden as a password manager, so you can rely on its use to transfer all your delicate information.
Sharing and Collaboration
For safe sharing and safe collaborations with your teams and other individuals, use Bitwarden Send. This feature is available in free versions of the app, but the paid versions will let you share passwords with a larger audience.
You can share password-protected files, billing information, and business documents without compromising their encryption. Another great advantage of Bitwarden Send is that you can customize its features to incorporate external parameters.
Moreover, you can control whether you want the shared files to be deleted, expired, or disabled after a certain period of time. You can also choose the number of people who will have access to the files you shared.
Additionally, you can put a brand new temporary password on selected files so that they don't become accessible to every member of the team.
If you are a Bitwarden client, then you can use Bitwarden Send to avail all its advantages. It's available on browser extensions, web vault, and through CLI as well.
Free vs Premium plan
There are two basic categories in account type. One is personal, and the other is professional. Within the personal category, there are two types – individual and family (shared) account. In the business category, there are three types of accounts – individual, teams, and enterprise.
You can get trial runs on most types of Bitwarden accounts but not on all of them. To learn in more detail, read below.
The key features of the tool are available for free users. You are going to get maximum security, that is for sure. Some other free features are unlimited logins, unlimited password storage, unlimited storage of identities, cards, notes, access to Bitwarden through other devices, and the very useful password generation tool.
Premium users, on the other hand, get much more. There are two types of premium user accounts – one is Premium Individual, and the other is for Families.
Both premium accounts will have the same features, but the only special aspect about a Families account is that it lets you share your data with 5 more members. In terms of features, you will get everything that free users will get, plus more. Additional benefits you will get are the safety of 2FA, TOTP, emergency access, and attachments for files in encrypted storage.
Both types of premium Bitwarden users will have to pay yearly.
Bitwarden Business is particularly made for professionals to use.
There are three types of Bitwarden Business accounts — free, teams, and enterprise.
Free Bitwarden Business
On this type of account, you will get the same benefits that free Bitwarden personal accounts get. But in order to make it work for your organization, an extra feature has been added so that you can share your data with one other person from your organization.
Team accounts aren't free. This is a premium account, and unsurprisingly, it will have all the features that a premium account has. The only difference is that it lets an unlimited number of Bitwarden users into one account where each user is charged separately.
Also, since it is a business account, it has special additions like an API for event management, and event logging in order to help with team management.
This type of account is exactly the same as a Bitwarden Teams account. It has some additional features for collaborating with enterprises, such as SSO Authentication, Policy enforcement, a self-hosting option, etc.
NB: On premium Bitwarden business accounts, the bill can be paid monthly or yearly.
One great thing about inputting Bitwarden's login credentials is that it automatically inherits the pre-enabled biometric logins of your device.
For example, suppose your phone has face recognition. In that case, Bitwarden will automatically sync it up with your master password so that you don't even have to type the master password the next time you enter your Bitwarden Vault.
The face recognition/fingerprint recognition that has synced with your master password will readily open the app for you.
Vault Health Reports
This is a very useful feature of Bitwarden that checks the status of your security. However, it's not for the free version; it's only available on the paid version.
In order to get the vault health report, go to the Vault > Tools > Reports.
You will get several kinds of reports here. Let's discuss them in detail.
Report on Exposed Passwords
This one will tell you whether your password got sold on the dark web or got exposed in any data breach.
Reused Passwords Report
Using the same password for multiple platforms can compromise the safety of your accounts. So, this report will inspect your passwords and tell you whether any password has been used multiple times or not.
Weak Passwords Alert
All your passwords will be checked. You will be notified if you have any compromised passwords in your Vault. If you do, you will be prompted to generate passwords from scratch and replace the weak passwords.
Report on Unsecured Websites
This will let you know if you're visiting, signing up, or logging into any unverified website.
This report will let you know whether the 2FA you have put in place is working properly.
Data Breach Report
This one is an overall check and will let you know if any of your data (passwords, files, identities, etc.) has been breached.
You can use Bitwarden Free for an unlimited amount of time. If you're satisfied with the limited features available, then you do you. However, you can upgrade at any time.
Before upgrading to the paid versions, you can actually go for a trial run on all premium accounts except with the premium individual account. So, the trial period is available for premium families, premium teams, and premium enterprises for a duration of 7 days in total.
|Features||Personal Free||Premium Single||Premium Families|
|Number of users||1 max||1 max||6 max|
|Safe Storage for Logins, Identities, Cards, Notes||Unlimited||Unlimited||Unlimited|
|2FA||Via apps/ emails||Via apps/ emails, Yubikey, FIDO2, Duo||Via apps/ emails, Yubikey, FIDO2, Duo|
|Duo for Organizations|
|Attachments for Encrypted Files||1 GB||1 GB for each user + 1 GB for sharing|
|Admin Password Reset|
|Features||Business Free||Premium Business (Teams)||Premium Business (Enterprise)|
|Number of users||2 max||1- unlimited||1 – unlimited|
|Safe Storage for Logins, Identities, Cards, Notes||Unlimited||Unlimited||Unlimited|
|2FA||Via apps/ emails, Yubikey, FIDO2||Via apps/ emails, Yubikey, FIDO2||Via apps/ emails, Yubikey, FIDO2|
|Duo for Organizations||Yes||Yes|
|Attachments for Encrypted Files||1 GB for each user + 1 GB for sharing||1 GB for each user + 1 GB for sharing|
|Admin Password Reset||Yes|
Will Bitwarden notify me in case of a data breach?
No, they won't notify you. But you can find this out for yourself by going into the Vault > Tools > Data breach report to check.
Are open-source software systems better than the closed source?
Yes, open-source software like Bitwarden is often under more scrutiny and checkups; thus, they end up with tighter security. Also, they can offer more flexibility for cheaper rates.
What authenticator apps does Bitwarden use for its MFA?
Bitwarden uses FreeOTP, Authy, and Google Authenticator.
How many passwords can I store in Bitwarden Free?
You can store unlimited passwords on unlimited devices. The only catch is that it only supports 1 user.
Which version of Bitwarden works more seamlessly for auto-filling?
The Bitwarden mobile app can detect and sync passwords more readily than both its web version and the browser extension.
Does Bitwarden free have the emergency access feature?
No, you cannot use the emergency feature if you have a free account. However, someone with a premium account can still add you as their emergency contact. You don't need to be a paid user in order to be an emergency contact.
Bitwarden is the best password manager in town for both free and paid tiers. You can generate new passwords and encrypt your old passwords very safely here. The cross-platform availability of this app makes it incredibly accessible to users all across the globe.
The paid version of the app gives you much more than password protection, but Bitwarden's free plan isn't too bad either. All the core features of Bitwarden are available in the free tier so that you can get the full benefits of its top-notch security.
It uses two different encryption methods to encrypt your password and data individually so as to maximize the safety of all your sensitive information.
With the password sharing and collaboration systems of Bitwarden, you can easily set up temporary passwords to important files and send them over. Your permanent passwords won't get compromised in this way, but password sharing and limiting will still be possible.
Whether you need to be safer on an individual level or on a professional level, Bitwarden will give you adequate support. So try out the app and get rid of all your online stresses for the long run.
Just balancing things
My experience with Bitwarden makes me write a review here. For one, it is very affordable. It also has a free plan. Then, it has lots of features that worth considering. My only concern here is that the security features are not included on a free plan. Furthermore, the free plan is only for a single user. It's customer support is another issue.
Bitwarden works very well from small to large enterprise. It's fully loaded with awesome features for your benefits. You are also100% protected when it comes to privacy and security, It's also very affordable. Why not try it, now and you'll definitely stick to it for a lifetime!
Bitwarden is fairly neutral considering the pros and cons. Out of the good things in Bitwarden, comes a poor customer support and the security features are only included on its paid plans. Another thing is that losing the master password makes it difficult to access the Bitwarden vault.
For me who's always in search of freebies and free plans, I love Bitwarden for being 100% free. The features that come along with it are actually beneficial for my needs. I can't say more about it. I simply love it and thanks Bitwarden for being free!
Not Exactly for My Business
I'm running a highly confidential business and Bitwarden is not just the right one for me. I love its price and having a free plan. Yes, it's not equipped with advanced features necessary for keeping highly secured information and privacy intact and free from risks.
- Dashlane – Plans https://www.dashlane.com/plans
- Dashlane – I can’t log in to my account https://support.dashlane.com/hc/en-us/articles/202698981-I-can-t-log-in-to-my-Dashlane-account-I-may-have-forgotten-my-Master-Password
- Introduction to the Emergency feature https://support.dashlane.com/hc/en-us/articles/360008918919-Introduction-to-the-Emergency-feature
- Dashlane – Dark Web Monitoring FAQ https://support.dashlane.com/hc/en-us/articles/360000230240-Dark-Web-Monitoring-FAQ
- Dashlane – Features https://www.dashlane.com/features