4.6 out of 5 with 36 ratings

Bitwarden Reviews

A much better choice than Lastpass, but not the best choice overall

about Bitwarden · · Helpful Not helpful 58 Helpful Report as spam

Updated review: 2018-05-18


Bitwarden is, overall, the hands down best all-round password manager I know that will suit most people. Open source, fully-encryped (unlike LastPass), free or cheap, works on all OSes, supports 2-factor authentication, with a responsive developer. You just don't get that anywhere else. It's simply one of the best apps you can use to help you stay safe online.

(Disclosure: I don't have any affiliation with Bitwarden. I don't even know anyone involved. I just know how it works, what it does and how it can help the average user.)

The full version:

Password managers are essential and come in many different shapes and sizes. The best advice is to go with something that is open source, which the "big players" like LastPass, 1Password and Dashlane aren't. Open source software ensures a higher level of trust, and enables security flaws to be found much more quickly.

The Good:

BitWarden is open source, which is good for security and trustworthiness. However, like its closed-source competitors mentioned above, it syncs an encrypted version of your password library to a central server, so that your logins are available wherever you are. All you have to do is install a browser plugin, desktop app or phone app (Android and iOS). Additionally, it offers 2-factor authentication via mobile (or Yubikey for the paid version). One of the major advantages of BitWarden is that it encrypts your URLs (web addresses) whereas Lastpass does not (and I think 1Passwords doesn't either). If you use LastPass, this should alarm you profoundly: they can read which websites you have accounts with, how often you visit them, and that means this data can be subpoenad and used to profile you, which would be a violation of your privacy. (Remember: privacy and security aren't the same thing.)

Recent versions of Bitwarden have enabled the storage of credit card data, notes and - for the paid version - up to 1GB of attachments.

The Bad.

BitWarden is based in Florida, which puts it under US legal jurisdiction, which is far from ideal. Although it's open source, the data - in it's unreadable, encrypted format - is stored on Microsoft's "Azure" servers. That means the servers are probably well managed and secure, but if the data was asked for by federal agencies under National Security Letter or FISA laws, they would probably hand it over and tell you nothing about it. It would be encrypted, but they would still have a copy to attack in the future, if they wanted. If you're not a techie, it means this: your secrets would be protected by the best mathematics int the world ever, against the best minds the US government can buy today. Go figure. Ultimately, it's not a bad bet.

The fact that Bitwarden (and Lastpass, etc) store your data on a central server (whoever it belongs to), means there is a high-value target servers somewhere for hackers to target. This has been LastPass's perennial problem, and in the case of OneLogin, another related servers, an attack seems recently to have succeeded.

My advice

My advice for using password managers varies based on who my audience is:

  • If you are "all thumbs" at technology, or want something very simple, go for Encryptr. It will keep your passwords safe, sync them and it has an extremely easy interface that looks the same, whether you use Mac, Windows or Linux.

  • If you are "average" at technology, I think BitWarden is for you. It's every bit as easy to use (easier even, perhaps) than LastPass, more secure, more trustworthy and cheaper. What's not to like?

  • If you are a "techie", then it depends. If you want something super convenient, Bitwarden's service is the best option I've found to date (2018-05-18). If you're ultra-conscious about your security and privacy, then use a local database that you sync yourself (e.g. KeePassXC, which works with browser plugins on Windows, Mac and Linux). If this is you, then there's probably you can learn from me. But two tips: 1) KeepassXC is the best Keepass-compatible cross-platform client I've seen so far; 2) if you do sync your own database, I'd recommend against assuming you're safe from Dropbox, Google Drive, etc. just because your database is encrypted. It's still obvious (to them) that this is what you're syncing. Consider Cryptomator, Tresorit, Spideroak, Sync.com, or any other end-to-end encrypted service.

The remaining option is to host an instance of Bitwarden yourself. About that I have little to say, except: clearly, you will have to know what you're doing. But, if you think that an encrypted database is safe because it's encrypted (a successful hacker can't use it), then why not have it on MS Azure with Bitwarden's service? If you want to run it on your own server, then fine. But then you'll know, of course, that bots exist to knock on all the Raspberry Pi doors online, seeing what might be pried open. Up to you. I'll just say I'm glad that this option exists; you can't exactly run LastPass instances on your own, can you?

In all cases, avoid LastPass and 1Password like the plague. They will make your passwords more secure only up to a point, and your internet habits much less private.

2017-06-25 update: I have been testing BitWarden for the past couple of weeks. I am impressed by how much of the functionality of LastPass it can offer for such a young project. The developer is also responsive and has fixed a GUI bug I reported. He predicts addtitional features in the summer of 2017, including Yubikey for paying customers (same price as LastPass: $1/month). I would like to see Bitcoin as a payment option, but about this he says he is undecided.

Last update: 2018-05-18

[Edited by JohnFastman, May 18]


please update your review regarding the selfhostoption on bitwarden.

Yes, I'd also like clarification on this. BitWarden appears to offer self-hosting setup options now (and at no cost). Your insights on both BitWarden and KeePass have proven invaluable and I'd really appreciate your input here. Does BW still save an encrypted copy elsewhere? I'm curious to hear if the latest BW changes anything for you.

By popular request, I have updated my review.

May I ask you to review Myki Password manager?
I'm quite curious what you think of it.

about Bitwarden · · Helpful Not helpful 5 Helpful Report as spam

Bitwarden is simply better than Lastpass. It just feels easier to use, more accurate and far less fussy. I'd been using Lastpass for years until this came along. Plus, it's never been hacked like Lastpass had (repeatedly!) and it's Open Source which lends a confidence that Lastpass' closed source just can't match.

It's aslo ridiculously easy to switch across, FYI.

[Edited by Uraael, May 05]


about Bitwarden · · Helpful Not helpful 5 Helpful Report as spam

Great open-source alternative, especially with bitwarden-ruby for self-hosting.


about Bitwarden · · Helpful Not helpful 4 Helpful Report as spam

Cheap and a good alternative to 1Password or LastPass


  • development speed (rarely new features)
  • ugly user interface (reminds me of some 1999 software)
  • desktop client is just a wrapper of the limited web client (e.g. drag'n drop not supported)
  • lacks basic features, e.g. setting custom icons is missing
  • not possible to see active sessions
  • No encrypted backup possible. All Bitwardens offers is an export in plain text.

I am currently in the process of migrating from 1PW to Bitwarden, even paid for the pro account almost a year ago since I wanted to support the 1 guy project Bitwarden (who doesn't trust a pilot?)
but reading their latest blog post https://blog.bitwarden.com/bitwarden-in-2020-410d9149e3d5 .... it makes it sound like Kyle has no more full control. So I doubt I will stay with Bitwarden and probably - with tears in my eyes - switch back to 1Password (also known as the app who has more support and marketing employees than customers) :-(

[Edited by JustSomeUser, February 22]


about Bitwarden · · Helpful Not helpful 4 Helpful Report as spam

Easy to use, clean design, open source and cheaper than competitors. It can also be installed on many different platforms.


about Bitwarden · · Helpful Not helpful 5 Helpful Report as spam

Used tons of password managers. A few Keepass versions, Enpass, SafeInCloud, Lastpass etc. but Bitwarden is my favorite.

The pricing (if needed) is also very attractive and affordable.

The only thing I am missing is a feature in the mobile and desktop app to clear the clipboard after xy seconds. But all in all I can not say anything bad about this service. I also contacted the support / dev a few times and always got an friendly answer within one day.

I can recommend it.

[Edited by 520_604ncyqg8p91, March 14]
Edit// The latest update on the desktop version includes a feature for clearing the clipboard after xy seconds. Still using it and are still very satisfied with it.


about Bitwarden · · Helpful Not helpful 5 Helpful Report as spam

I have premium accounts on both. "Which one is more trustworthy?" Lastpass is the most popular, and LogMeIn is behind it, which as a well established company, they care about their reputation and customers, so they won't try to take away your trust.

Bitwarden is a new company, made by one guy. The big difference is that Bitwarden is Open Source, so anyone can check and audit the code. Not only that, you can take such software and implement it on your local server at not cost. Since they're a new company, they also don't want to loss your trust, they depend on their initial customer base.

Both have my trust. I believe both try their best to keep my data safe. But if you're talking about security issues, I think Bitwarden is better. I know for sure that Lastpass devs are either lazy or don't have enough resources to update their software. The plugins feel outdated, they're slow, and they have a lot of bugs. As you mention, they already had some security problems. I think it has to be expected, because the popularity of the platform. Also consider that these vulnerabilities, while allowed hackers to get data from lastpass accounts, they couldn't do much with it, because the data was encrypted.

Bitwarden, in the other hand, is Open Source, so anyone can check for bugs, report them, and the development is more transparent. The developer seems to be more active, and the software feels faster, well made, and stable.

So, my bet is for Bitwarden. Give it a try, the premium features are nice (like getting two-factor-authentication directly on your Bitwarden plugin) and is cheaper.

Source : https://www.reddit.com/r/Android/comments/7mex7b/lastpass_android_authenticator_app_is_not_secure/


about Bitwarden · · Helpful Not helpful 3 Helpful Report as spam

Bitwarden is just awesome compared to any paid alternative, and most probably the best pass-manager in 2019. You get encrypted logins, notes, IDs, Cards, a powerful pass-generator, option to auto-fill, browser and Android integration... all them for free. However, i donĀ“t think they really needed to ask users to be premium for including attachments in their vaults (for example), which as a Keepass former user i consider a basic function, and nothing compared to the rest of benefits of upgrading to premium. Anyway, Bitwarden is yest one the very best pass-managers out there.


about Bitwarden · · Helpful Not helpful 3 Helpful Report as spam

It's open-source (unlike LastPass) and offers better UX than KeePass.


about Bitwarden · · 1 Helpful Report as spam

Has the same ease of use and functionality of LastPass while also being open source!


about Bitwarden · · Helpful Not helpful 1 Helpful Report as spam

Open Source, Linux desktop app and reliable.


about Bitwarden · · Helpful Not helpful 1 Helpful Report as spam

best for passwords
on iOS, chrome, firefox


about Bitwarden · · Helpful Not helpful 1 Helpful Report as spam

Works well, is cross-platform, integrates with all the browsers I use and generally is pretty good. I moved from 1Password when they started pushing their subscription service and have been pretty happy.

The main reason it only gets 4 stars from me is that I don't like that I have to sync with a central server. I much prefer being about to use iCloud or Dropbox, like I could with 1Password.

A couple of grumps:

  • It's quite slow opening up compared to 1Password
  • It doesn't support attachments in the free version (fair enough)

Overall great value, good features, and the best option available I know of.


about Bitwarden · · Helpful Not helpful 1 Helpful Report as spam

Free, Open Source, Safe. It's a lifesaver, like Lastpass. Easy to import passwords from there as well as to save them. I didn't switch to keepass because I prefer my passwords to be in the cloud rather than stored on local devices. The passwords on this are encrypted before they leave the device. Recomend for people who are privacy conscience who are making the switch from Lastpass.