Bitwarden is the easiest and safest way to store your logins and passwords across all of your devices (iOS, Android, Chrome, Firefox, Opera, Windows, Mac, Linux, and mor...
- Freemium • Open Source
- Password Manager
- Android Tablet
- Microsoft Edge
- Vivaldi Browser
- Google Chrome
- Microsoft SQL Server
- Tor Browser Bundle
- Apple Watch
What is Bitwarden?
Bitwarden is the easiest and safest way to store all of your logins and passwords while conveniently keeping them synced between all of your devices.
Password theft is a serious problem. The websites and apps that you use are under attack every day. Security breaches occur and your passwords are stolen. When you reuse the same passwords across apps and websites hackers can easily access your email, bank, and other important accounts.
Security experts recommend that you use a different, randomly generated password for every account that you create. But how do you manage all those passwords? Bitwarden makes it easy for you to create, store, and access your passwords.
Bitwarden stores all of your logins in an encrypted vault that syncs across all of your devices. Since it's fully encrypted before it ever leaves your device, only you have access to your data. Not even the team at Bitwarden can read your data, even if we wanted to. Your data is sealed with AES-256 bit encryption, salted hashing, and PBKDF2 SHA-256.
Bitwarden is 100% open source software. The source code for Bitwarden is hosted on GitHub and everyone is free to review, audit, and contribute to the Bitwarden codebase.
- Cloud Sync
- Two-factor Authentication
- Dark Mode
- FIDO U2F (2FA) support
- End-to-End Encryption
- Password Sharing
- Works Offline
- Biometric Authentication
- Browser integration
- Password encryption
- Password Generator
- Android Sync
- Security focused
- Multiplatform Export
- Team Collaboration
- Real-time sync
- Password Migration
- Authy integration
- On-premises software
- Microsoft Edge extension
- Team accounts
- Easy Measurements
- Opera extension
- Source code history
- AES Encryption
- Cross browser support
- Passwords stored in text-file
- Protected by Password
- Encrypted Notes
- Catalan; Valencian
- Norwegian Bokmål
- 4.66 avg rating
Comments and Reviews
- Password Manager
- Firefox Extension
- Google Chrome Extension
Updated review: 2018-05-18
Bitwarden is, overall, the hands down best all-round password manager I know that will suit most people. Open source, fully-encryped (unlike LastPass), free or cheap, works on all OSes, supports 2-factor authentication, with a responsive developer. You just don't get that anywhere else. It's simply one of the best apps you can use to help you stay safe online.
(Disclosure: I don't have any affiliation with Bitwarden. I don't even know anyone involved. I just know how it works, what it does and how it can help the average user.)
The full version:
Password managers are essential and come in many different shapes and sizes. The best advice is to go with something that is open source, which the "big players" like LastPass, 1Password and Dashlane aren't. Open source software ensures a higher level of trust, and enables security flaws to be found much more quickly.
BitWarden is open source, which is good for security and trustworthiness. However, like its closed-source competitors mentioned above, it syncs an encrypted version of your password library to a central server, so that your logins are available wherever you are. All you have to do is install a browser plugin, desktop app or phone app (Android and iOS). Additionally, it offers 2-factor authentication via mobile (or Yubikey for the paid version). One of the major advantages of BitWarden is that it encrypts your URLs (web addresses) whereas Lastpass does not (and I think 1Passwords doesn't either). If you use LastPass, this should alarm you profoundly: they can read which websites you have accounts with, how often you visit them, and that means this data can be subpoenad and used to profile you, which would be a violation of your privacy. (Remember: privacy and security aren't the same thing.)
Recent versions of Bitwarden have enabled the storage of credit card data, notes and - for the paid version - up to 1GB of attachments.
BitWarden is based in Florida, which puts it under US legal jurisdiction, which is far from ideal. Although it's open source, the data - in it's unreadable, encrypted format - is stored on Microsoft's "Azure" servers. That means the servers are probably well managed and secure, but if the data was asked for by federal agencies under National Security Letter or FISA laws, they would probably hand it over and tell you nothing about it. It would be encrypted, but they would still have a copy to attack in the future, if they wanted. If you're not a techie, it means this: your secrets would be protected by the best mathematics int the world ever, against the best minds the US government can buy today. Go figure. Ultimately, it's not a bad bet.
The fact that Bitwarden (and Lastpass, etc) store your data on a central server (whoever it belongs to), means there is a high-value target servers somewhere for hackers to target. This has been LastPass's perennial problem, and in the case of OneLogin, another related servers, an attack seems recently to have succeeded.
My advice for using password managers varies based on who my audience is:
If you are "all thumbs" at technology, or want something very simple, go for Encryptr. It will keep your passwords safe, sync them and it has an extremely easy interface that looks the same, whether you use Mac, Windows or Linux.
If you are "average" at technology, I think BitWarden is for you. It's every bit as easy to use (easier even, perhaps) than LastPass, more secure, more trustworthy and cheaper. What's not to like?
If you are a "techie", then it depends. If you want something super convenient, Bitwarden's service is the best option I've found to date (2018-05-18). If you're ultra-conscious about your security and privacy, then use a local database that you sync yourself (e.g. KeePassXC, which works with browser plugins on Windows, Mac and Linux). If this is you, then there's probably you can learn from me. But two tips: 1) KeepassXC is the best Keepass-compatible cross-platform client I've seen so far; 2) if you do sync your own database, I'd recommend against assuming you're safe from Dropbox, Google Drive, etc. just because your database is encrypted. It's still obvious (to them) that this is what you're syncing. Consider Cryptomator, Tresorit, Spideroak, Sync.com, or any other end-to-end encrypted service.
The remaining option is to host an instance of Bitwarden yourself. About that I have little to say, except: clearly, you will have to know what you're doing. But, if you think that an encrypted database is safe because it's encrypted (a successful hacker can't use it), then why not have it on MS Azure with Bitwarden's service? If you want to run it on your own server, then fine. But then you'll know, of course, that bots exist to knock on all the Raspberry Pi doors online, seeing what might be pried open. Up to you. I'll just say I'm glad that this option exists; you can't exactly run LastPass instances on your own, can you?
In all cases, avoid LastPass and 1Password like the plague. They will make your passwords more secure only up to a point, and your internet habits much less private.
2017-06-25 update: I have been testing BitWarden for the past couple of weeks. I am impressed by how much of the functionality of LastPass it can offer for such a young project. The developer is also responsive and has fixed a GUI bug I reported. He predicts addtitional features in the summer of 2017, including Yubikey for paying customers (same price as LastPass: $1/month). I would like to see Bitcoin as a payment option, but about this he says he is undecided.
Last update: 2018-05-18
[Edited by JohnFastman, May 18]
please update your review regarding the selfhostoption on bitwarden.
Reply written ago
Yes, I'd also like clarification on this. BitWarden appears to offer self-hosting setup options now (and at no cost). Your insights on both BitWarden and KeePass have proven invaluable and I'd really appreciate your input here. Does BW still save an encrypted copy elsewhere? I'm curious to hear if the latest BW changes anything for you.
Reply written ago
By popular request, I have updated my review.
Reply written ago
May I ask you to review Myki Password manager? I'm quite curious what you think of it.
Reply written ago
Bitwarden is simply better than Lastpass. It just feels easier to use, more accurate and far less fussy. I'd been using Lastpass for years until this came along. Plus, it's never been hacked like Lastpass had (repeatedly!) and it's Open Source which lends a confidence that Lastpass' closed source just can't match.
It's aslo ridiculously easy to switch across, FYI.
[Edited by Uraael, May 05]
Really glad I switched to Bitwarden before Lastpass records were hacked.
I'd really like Bitwarden to make it easier to sign in, I miss the one click on the icon to auto-fill. Granted I've not really looked into it since searching for a solution when I first switched over so maybe they've fixed that.
I also would like being able to create a folder or if I was them skip the whole "folder" categorisation and switch to a tagging system.
Best of them all
The best password manager you will ever use. Tried all the free ones there is no comparison and in terms of trust and security there is nothing that can beat Bitwarden.
Much preferred very useful to keep track of all my passwords really neat
Simply the best password manager currently—it surpasses its competitors on nearly every conceivable metric. I used to use 1Password 4 before they went to a subscription model so I tried swapping to KeePass, but it was so cumbersome to get set up with plugins/integration. I found then Bitwarden and it’s so good I’ve never even considered using anything else.