Bitwarden password manager review
-
Inga Valiaugaitė
Writer
If you're looking for a secure solution to store all your passwords, Bitwarden might be a good choice. This password manager is open-source, it keeps all your credentials in an encrypted vault, protected by a master password. It also offers apps for desktop and mobile, including web and command-line interfaces.
Even though it's built with zero-knowledge encryption architecture and has some good features, it might not be the best password manager out there. Simply put, Bitwarden's auto-filling feature is not user-friendly and is inconvenient. Plus, the data is stored in a country that belongs to a data surveillance alliance. Therefore, after our thorough testing, Bitwarden seems to fall behind our top-class password managers and lacks some user-focused functionalities as well as privacy.
Alternatively, there are plenty of other high-quality password managers, such as NordPass, that ensure effortless auto-filling as well as top-class data protection, security, and privacy.
However, can Bitwarden be a valid replacement for some of the best password managers out there?
Continue reading to find out. In this Bitwarden review, we’ll find out by going through its features to reveal the good and point out areas this tool could improve to come closer to the competition.
| ⭐ Rating: | |
| 🥇 Overall rank: | #10 out of #15 |
| 💵 Price: | From $0.83/month |
| ✂️ Free version: | Yes |
| 🌐 Browser extensions: | Chrome, Firefox, Edge, Opera |
| 🔥 Coupons: | Bitwarden Coupon 53% OFF |
Bitwarden pros and cons
What is Bitwarden?
Bitwarden is an open-source password management tool that lets you generate, sync, manage, consolidate, and share all of your passwords in one place. It implements the industry-leading security – strong AES-256 encryption, 2FA, zero-knowledge architecture, and its security is regularly audited by third-party firms and researchers.
This password manager is known to be a solid password manager with a free version and can be either cloud-hosted or self-hosted. It securely syncs passwords across all of the platforms – Windows, macOS, Linux, Android, iOS, command line, web, as well as all the major browsers.
Is Bitwarden safe?
Yes, Bitwarden is safe. This open-source password manager uses the industry standard encrypted vault that implements AES-256 encryption to store all your passwords, which is protected by a single long master password. Bitwarden’s software security is regularly audited by third-party security firms and independent researchers. On top of that, Bitwarden implements zero-knowledge architecture, two-factor authentication, and a master password, which only the user can decrypt.
Bitwarden’s servers only receive already hashed versions of your email and password, which are hashed again when the data is transmitted and only then stored on their safe databases. The process is repeated every time you’re logging in.
The hash functions are one-way only, meaning no one at Bitwarden could reverse-engineer them into your actual master password. These data pieces would also be virtually useless to hackers should anyone breach Microsoft Azure servers.
Bitwarden’s source code is available online, which means it gets reviewed by lots of developers. The scrutiny helps Bitwarden patch security holes, making this one of the safest password managers. For example, their open-source nature helped Bitwarden remove unconstrained third-party JavaScripts that were a serious vulnerability.
Bitwarden encryption
Your other passwords stored in the vault are encrypted on the device with the military-grade AES-256 cipher. The encryption key is derived from your master password, which is held on Bitwarden's servers in a (heavily) hashed form. Encrypted data in the vault includes login, card, identity information, and more. Even folder names are encrypted.
Because the data is end-to-end encrypted, it is incomprehensible even to Bitwarden employees. In the unlikely event of a data breach, the information would also be useless to hackers because it would be impossible to reverse-engineer stored passwords from the cryptographic hashes.
When you're authenticating with the Bitwarden cloud (or your self-hosted server), a copy of the encrypted data is downloaded and stored on your device. The data is only decrypted when in use and stored in RAM only. The service never stores any plaintext data on their servers or even on your local devices, showing just how safe Bitwarden is.
Only certain bits of your information aren't encrypted. This includes your name (if you provided it), organization, billing email, and the like.
Have a look at our guide on how password managers work to learn about other password encryption methods that are being employed by other services.
Bitwarden third-party security audits
In November 2018, Bitwarden passed a thorough third-party security audit and cryptographic analysis by Cure53. All findings were carefully considered and Bitwarden officially listed the actions they had taken or were planning to take to solve any identified security vulnerabilities. The assessment included not only Bitwarden applications but also their backend server systems.
Bitwarden also completed a security assessment and penetration test by the Insight Risk Consulting auditing firm. The audit identified no major security issues. There were some moderate issues, but they were also patched out in one of the Bitwarden server security updates.
Aside from established agencies, Bitwarden is constantly audited by willing developers, because their software is open-source and available for everyone to inspect on GitHub. As a matter of fact, the company has a public bug bounty profile on HackerOne.
Adding all these things together, I can say that Bitwarden is one of the most transparent cybersecurity companies out there. They have a great business privacy and security approach. An open-source password manager with a couple of known issues is certainly much better than a closed-source one with loads of problems, just waiting for some hacker to find them before everyone else does.
Data compliance
As stated in their Terms of Service page, Bitwarden Inc. is located in the United States of America – not a privacy friendly jurisdiction. The recent changes to the Patriot Act don't bode well either.
However, as we've established, even if Bitwarden handed over the data stored on their servers, no one could decrypt it. There's no meaningful data they hold on you. Plus, most password managers developers are located in the US, with only a few exceptions, such as Enpass or NordPass.
On their product page, Bitwarden also states that they meet GDPR, Privacy Shield, and CCPA regulations. This means that they assure you they're handling your data in compliance with these regulations.
Has Bitwarden been hacked?
No, there have been no Bitwarden security breaches or hacks. Even if someone hacks Bitwarden, your data will still be secure and useless to the hacker. Because of the one-way salted hashing and other cryptographic measures, your data would remain safely encrypted even if a hacker seized their server.
Of course, it's always possible to initiate a social engineering attack or install a keylogger to your PC through malware – no system is completely safe from human error. However, should a hacker attempt to find out your master password, if you have 2FA enabled, he would also need your 2FA code.
In short, there are too many hoops the attacker would have to jump through to make a successful attack on Bitwarden. As long as your master password is unique and strong enough, you can be calm about your passwords ending up in the wrong hands. It would be much more useful to attack services with worse security credentials.
How does Bitwarden work?
Bitwarden stores all the data in the Microsoft Azure Cloud. It uses AES-CBC 256-bit encryption for the vault data, and PBKDF2 SHA-256 to derive the encryption key.
Bitwarden always encrypts your data on your device before uploading and storing it in the cloud. The encryption is based on zero-knowledge which means that only the user is capable of decrypting his/her data.
Bitwarden also provides the option to encrypt and store files locally on your device. Decrypted data is stored in memory and never written to persistent storage.
And you also can store the data on your own server on Windows, MacOS, and Linux.
Self-hosted vs cloud-hosted
Self-hosted option in Bitwarden means that you are allowed to deploy the entire password manager system on your hardware. In other words, you use your own server.
Cloud-hosted is when you install and access it on a server over the Internet that is owned by a third party organization. If you want to self-host a software, you’ll need to put in quite a lot of effort and time - from setuping the server, maintaining it, making sure it is secure. All of this is automatically included in the cloud-hosting.
On the other hand, in self-hosting you have full control over the server, while in cloud-hosting you have limited control over the infrastructure. Speaking about security, technically, Bitwarden servers are more of a target for bad actors than your own server. But you must really know what you’re doing in order to make your server as safe as Bitwarden’s.
And in case public Bitwarden’s servers face a security breach, your server will be isolated and unaffected. Although, having in mind that everything is encrypted in Bitwarden, even in the case of hacking their cloud servers, your data would be safe, because only you have a capability to decrypt it.
Bitwarden features
BItwarden is a feature-packed password management tool that has most of the functionalities a single user needs to keep their passwords and all sorts of credentials safe. The free version of Bitwarden doesn’t restrict you to any numbers of entries of passwords or devices.
Premium plans offer more sophisticated features, such as TOTP (time-based one-time password) authenticator and generator. But let’s take a closer look at what features Bitwarden offers.
Vault health and security breach reports
Premium Bitwarden users' vaults have a variety of built-in monitoring tools. The tools range from generated reports to up-to-date information about the latest data breaches. The reports are always generated locally, so this is not a privacy threat.
Here are the types of reports that you could expect.
Password reusing report
If you use the same password/email combination on many accounts, you're digging yourself a hole. In cases of data breaches, such data can easily leak online. Hackers, using your trusty combination, could even get into the sites that have pretty solid security measures in place. So, it takes one site to become compromised to allow the hackers access to all your other accounts. This report will help you to identify cases of the same password reuse to avoid such cybersecurity catastrophes.
Password strength report
With the increasing processing power of computers, your weak passwords are a real security threat. Almost any modern device has enough force to brute force the weakest of them. Instances like "123456" and "password" are too common. They are among the most popular passwords. Pretty much all automated tools for password guessing will try to run the most popular passwords before generating all possible combinations. With Bitwarden's weak password reports, you'll be able to isolate all such examples in your vault.
Unsecure websites report
Although it's rare, there are still sites that are using HTTP instead of HTTPS. It's an older Hypertext Transfer Protocol used for transmitting data over a network. However, it's unencrypted, and if you're visiting such sites, this raises the risk that your connection might be intercepted or monitored by malicious individuals. Bitwarden's report will indicate whether you're using a safer protocol.
Breached databases report
The dark web is full of shady individuals selling and sharing accounts compromised during the data breaches. The goods news, these dealings are not above monitoring. This means that if one of the hacker forums would fill up with an offer to sell compromised accounts, you will be notified about the data breach before it gets on the news. You'll know as soon as the information gets out, that something isn't right. It allows you to take immediate action and change your password.
Bitwarden auto-fill
You can use Bitwarden to auto-fill your vault logins on the web or other apps. It will help to share your password across devices and will save you a lot of typing if you want to use unique and complex passwords.
If you're using browser extensions, the Bitwarden icon in the toolbar will display the count of login entries that match the site. It isn't limited to passwords. It can also include your ID, addresses, and other information that you could want to be filled in automatically.
However, auto-filling with Bitwarden is a bit inconvenient. It doesn’t suggest filling your login credentials straight into the login page. Instead, you have to open Bitwarden’s extension and choose credentials for the specific website.
If auto-filling from an extension seems like a burden, Keeper password manager provides a much more seamless auto-filling process. One click, and you’re logged in!
Try KeeperPassword generator
Bitwarden password generator allows you to generate not only passwords but usernames as well. You’re given a lot of options to optimize your credentials. You can check whether it should or shouldn’t include upper case/lower case letters, numbers, or special characters.
Additionally, you can choose the length, minimum numbers, and minimum special characters of your password or username. All of this helps create an unhackable password without having to remember it.
Emergency access
Bitwarden’s Emergency access feature is beneficial in case of critical circumstances. This includes getting into an accident, passing away, and so on. But this is also a great way to recover your account in case you lose your master password.
This feature uses encryption/decryption and public key exchange to provide your emergency contact with permission to access your vault. Depending on the access level you’ve given, your emergency contact can either view/read your login credentials or create a new master password for your vault.
Emergency contacts must be Bitwarden users, however, they don’t need to have a premium plan.
Fingerprint phrases
Bitwarden uses accounts that are identified with a uniquely generated five word string. This assists in securely identifying other users for sharing vault entries. When adding a new user, you can always verify them via their fingerprint phrase rather than some additional arbitrary information. It dramatically reduces the risk that your connections will be tampered and helps to reveal impersonators.
Password sharing
If you run a small organization, there could be thousands of accounts that you'd like to share among your teammates. Google sheets aren't the safest nor the most efficient way to do it. Bitwarden could allow you to share the credentials among users discreetly and using autofill form. It could significantly save your time.
Face ID and touch ID
Face ID and Touch ID are iOS biometric features (fingerprint unlock and face unlock for Android respectively). They are also supported on Windows via Facial Recognition (if the hardware meets the requirements) and for MacOS via Touch ID. These features can only unlock your vault when you are already logged into the Bitwarden system. As the names suggest, it unlocks your vault either by using your fingerprint or face recognition.
Bitwarden Send
The Bitwarden’s Send feature lets you share encrypted data with another person. The data sent is end-to-end encrypted and Bitwarden cannot see the contents of it. You can share a file or a text via Send Link. There are several useful security parameters:
- A deletion date. When your Send data is permanently deleted.
- An expiration date. When the Send Link is no longer active.
- A maximum access count. Users won’t have access anymore once the count is reached
- An optional password for the Send link.
- A disable option. To remove the ability to access the Send link.
Plans and pricing
Bitwarden has flexible pricing options, including a free-forever plan, a premium and family subscriptions. So you can enjoy the basics for free or opt for more advanced features as well as more licenses.
Here’s how the plans stack up against each other:
| Free account | Premium account | Families organization | |
| Price | Free | $0.83/month | $3.33/month |
| Number of licenses | 1 | 1 | 6 |
| Unlimited passwords | ✅ | ✅ | ✅ |
| Unlimited devices | ✅ | ✅ | ✅ |
| Two-factor-authentication | Email, authentication app | Email, authentication app, YubiKey, FIDO2, Duo | Email, authentication app, YubiKey, FIDO2, Duo |
| Bitwarden Authenticator (TOTP) | ❌ | ✅ | ✅ |
| Encrypted file attachments | ❌ | 1GB for personal items | 1GB for each – professional and personal items |
| Emergency access | ❌ | ✅ | ✅ |
| Organizations (shared vaults) | 2 users, 2 collections | 2 users, 2 collections | 6 users, unlimited collections |
| Priority support | ❌ | ✅ | ✅ |
Bitwarden Premium will cost you just $10 per year, and should you choose to opt-in for the Family Sharing package, it would only cost you $1/month for up to 6 users. Considering that other password managers like Dashlane will charge you $59.99 per year, this is a great deal.
The Premium edition isn't noticeably different from the free version. It installs the same native apps on Windows, macOS, iOS, Android, and Linux, unblocking the features that were locked out in the Free version.
A family plan will only be useful if you want to share entries with more than one person. That is if you both need some passwords that you want to keep private from the other parties, and you also need a shared library with more than two shared folders.
It’s also worth noting that the Family Organization plan comes with a free 7-day trial, so you don’t have to instantly commit to it long term.
Bitwarden password manager setup
Most users will be installing a native Bitwarden app that's available on Windows, macOS, iOS, Android, and Linux. There are also browser extensions for Chrome, Firefox, Edge, Opera, and some less popular picks. This means you get a wide selection of how you can access your stored credentials.
Aside from the easy-to-install applications, it's also possible to install Bitwarden on your server. Whether it makes sense from a security standpoint, it's for you to decide. Still, it's doable on Linux, macOS, and Windows machines via an array of Docker containers.
Password importing
What if you're already using some other password manager and want to switch it out for Bitwarden? Does it mean that you'll manually have to reenter all your passwords? Nope, there's no need for that. Bitwarden has an import function from plenty of other services.
Depending on which password manager you're using, your route might be different. Still, generally speaking, you'll have to export files from your current provider and upload it to Bitwarden, which will then encrypt and instantly add them to a vault.
For personal accounts:
Log into your web vault and navigate to Tools > Import Data. Detailed instructions for importing files from each source will be displayed after choosing the particular file format from the dropdown menu.
For organization accounts:
Managing organization accounts works the same way. You'll need to log into the vault and enter the organization admin area and then go to Tools > Import Data. More detailed information will also be shown after choosing a particular format.
Even when importing large volumes of data, the import procedure is relatively quick (just don't forget to delete all the unencrypted password exports). If recovered by hackers, these files can compromise all your accounts.
Platforms and extensions
Setting up Bitwarden is really simple and quick. All you have to do is create an account, and you’re good to go. That is unless you choose to get the browser extension as well.
In terms of compatibility, Bitwarden gets a huge plus. It's excellent that its developers thought of this in advance and didn't lock any platform out.
Here's a full list of the platforms that support Bitwarden:
- Web interface that's accessible from any browser
- Browser extensions available for Chrome, Firefox, Edge, Brave, Opera, and more
- Desktop apps for Windows, macOS, and Linux
- Mobile apps for iOS and Android
- Command-line interface (Windows, macOS, Linux)
Each option is similar, however, they all have their differences. For instance, the web app is the most extensive in terms of features. Meanwhile, you can’t import passwords or enable 2FA on desktop apps, which isn’t very convenient. Plus, you can only autofill credentials through browser extensions.
So, Bitwarden isn’t the most convenient or user-friendly password manager, but it does offer very organized interfaces.
Let’s dive into what each option offers.
Bitwarden mobile apps
Bitwarden has apps on both iOS and Android. We found that they’re very easy to use. Everything is neatly sectioned at the bottom of the screen. The main window is your vault, then there’s also the Bitwarden Send feature, password generator, and settings.
In the Settings section, there’s even a tutorial on how to set up your mobile device to autofill passwords using Bitwarden. However, while there’s a password importing button, it transfers you to guides on how to import passwords on the web app.
Web app
The web application is accessible through the Bitwarden website. It provides the most comprehensible management option for Bitwarden vault administration. You can manage your personal vault, organization vaults where you're added, and other account information settings. It's also possible to manage bulk operations via checkboxes.
From there, you're able to create Folders for your personal vault and Collections within organization vaults. Whatever you need to create, the management process is really quick, taking barely a few clicks, and we experienced no issues with it.
However, it does take some time to find what you’re looking for. For instance, it took a while to find the password importing section. But from there, I had no issues with password importing. All I had to do was select the format of the import file, choose the file, and click “Import data.”
One thing that wasn’t pleasant was the auto-filling feature. I had to open the browser extension to fill in the password, which was quite annoying to say the least. So Bitwarden could use some improvements on this part.
Bitwarden for desktop
The desktop application can be useful when web browsing isn't an option or it's just more convenient through the app. It's also perfect for storing particularly sensitive information like bank account numbers and credit cards.
The desktop apps are very similar to the web app, yet they’re a little more limited. Setting up multi-factor authentication or importing passwords is only available on the web app. The same goes for Bitwarden’s security reports.
Among each other, the desktop apps look identical on all three operating systems – Windows, macOS, and Linux. Each of them has the same features and design, so if you're using the Windows version and decide to move to macOS, you'll scarcely notice a difference.
Browser extensions
A browser extension for password managers is convenient considering most of our accounts are online. Bitwarden's add-ons for browsers have a lot more differences from one another. There’s extensions for some of the least supported browsers. So your experience will significantly depend on your browser.
For example, the Firefox add-on has a persistent sidebar but Chrome does not. This might translate into different user interface decisions down the line. If you're switching browsers, don’t expect that the add-ons you were using before will look or feel the same way.
More importantly, this could translate to safety issues associated with your browser rather than the safety of the add-on. For example, after the most recent Microsoft Edge update, its Bitwarden extension works with hiccups.
No matter which one you pick, all of the add-ons will allow you to do essentially the same things that are possible on apps – generate passwords and autofill credentials. At the same time, customization options will largely depend on the browser you pick.
Command-line interface
For the true DIY-spirited, Bitwarden offers a full-featured command-line interface (CLI) that you can access your vault through. Every feature that you can use on the web, apps, and extensions, you can also use through CLI. It's not chained to any particular platform – you can use it on Windows, macOS, and Linux distributions.
While it may not be handy for the more common users, administrators will love the possible integration between Bitwarden and other identity management systems. This means that if your IT personnel is tech-savvy enough, you could probably integrate Bitwarden's password manager vault within your organization's internal infrastructure. Plus, it allows you to tweak the UI, adding custom interfaces. If there's one thing that you'll remember, know that with CLI, the sky's the limit.
Customer support
How you find Bitwarden's customer support largely depends on your account type. If you're a free user, you might expect some frustration, but if you have a Premium plan, you can expect priority queues. Even then, Bitwarden doesn't shine.
The only option to contact support is via email. It's nice to see that the responses are from real human beings and not automated. You could contact support via Bitwarden's social media sites – they have a subreddit and a Twitter page. However, replying to user queries, they mostly direct users to the help page or ask to contact via email.
In many cases, Bitwarden's community forum is your best bet to get help in a timely fashion. There are plenty of users who share their workarounds and solutions, with developers sometimes joining in to give a tip. It's also a place to request features that you'd like to see implemented in Bitwarden. All in all, Bitwarden's customer support could be improved, but it's not a dealbreaker, either.
Video review
If you’re not much of a reader and prefer visual learning, click on the video below to watch our Bitwarden review on YouTube.
Best password manager alternatives to Bitwarden
If you're not intimidated by the proprietary software, there are some good options among these providers, too.
NordPass
| Cloud storage: | 3 GB (with NordLocker app) |
| Free version: | Yes |
| Browser plugins: | Chrome, Firefox, Safari, Opera, Brave, Vivaldi, and Edge |
| Coupons: | 🔥Get NordPass, now 52% OFF and 1 month FREE!🔥 |
NordPass is a very streamlined password manager. But its pretty UI isn't the only thing that might be appealing to you. It uses more modern XChaCha20 encryption, which is even harder to crack than AES-256. Plus, their apps were independently audited, which adds transparency even if the software is proprietary.
Still, you'll be able to automatically save and autofill passwords. Not only that, your vault is accessible from any device that you're using. So, even if you have iPhone but using a PC, you will have your credentials at hand at all times.
Read more: NordPass review
Keeper
| Cloud storage: | 5 GB |
| Free version: | No, 30-day free trial |
| Browser plugins: | Chrome, Firefox, Opera, Edge, Internet Explorer |
| Coupons: | 🔥Get 50% OFF Keeper Unlimited and Family plans!🔥 |
Keeper is a very solid password manager that implements a zero-knowledge approach. To put it simply, your data is encrypted on your device rather than a server, so it’s only accessible for your eyes only.
Keeper also comes with plenty of two-factor authentication options as well as the Breach Watch which checks for your stolen passwords. There’s also the KeeperChat feature – a secure messaging app that guarantees complete privacy. So, with this password manager, you can seamlessly make your every day online life much more secure and private.
Read more: Keeper review
Is Bitwarden worth it?
Bitwarden is one of the most trustworthy open-source password managers that’s great for personal use and great for organizations. It offers a comprehensive free version and affordable premium plans and has everything it takes to secure and share your credentials.
Yet, Bitwarden’s auto-filling feature is not the best solution a password manager can offer. There’s no one-click filling option, as you have to access everything through the browser extension. Additionally, the desktop apps aren’t as convenient as they don’t offer as many features as the web application.
Our Bitwarden review shows that there are many things that this password manager does right, yet there’s also quite a lot of room for improvement.
Best password manager deals this week:
Other password manager reviews from Cybernews:
Dashlane review: comprehensive and user-friendly password management tool
NordPass review: features, pricing and why we recommend it
Enpass review: safe and minimalistic password management solution
LastPass review: still among the most popular password managers
FAQ
Is Bitwarden secure?
Bitwarden is one of the most secure password managers around. Its source code is freely available online to anyone, and such public scrutiny helps Bitwarden to quickly fix any security issues. Moreover, Bitwarden is frequently audited by third-party digital security auditors as well as independent researchers.
Finally, this password manager encrypts your data end-to-end using the AES 256-bit cipher. It means that a brute-force attack (trying all possible combinations) would take so long that only the grandchildren of the hacker have a remote chance of cracking your master password. Your Master password is even safer, as it is hashed using PBKDF2 SHA256.
Is Bitwarden better than LastPass?
Comparing LastPass and Bitwarden is hard because the former is entirely cloud-based. In any case, LastPass is a good password manager – it has a great set of features, even if you use a free version. After all, there's a reason why this product is found in most lists of the best premium and free password managers. What you would need to keep in mind is that LastPass has recently been hacked.
What platforms does Bitwarden support?
Bitwarden is available on Windows, macOS, and Linux. It also offers mobile apps for Android and iOS users. When it comes to browser extensions, you can install Bitwarden add-ons for Chrome, Firefox, Edge, Opera, Vivaldi, Brave, and Tor Browser.
What information does Bitwarden encrypt?
All information stored in your vault, including credit cards, secure notes, IDs, folders, and attached files, is protected by end-to-end encryption. The only information about you that's not encrypted is your billing email, name, and organization.
How to use Bitwarden?
Using Bitwarden password manager is easy. It has apps for all popular desktop and mobile platforms, including Linux, as well as Chrome, Firefox, and Opera. You can even access your vault straight from Bitwarden's website.
After installation, you can import your existing data from other password managers or browsers. Alternatively, you can start adding logins, credit cards, IDs, and secure notes from scratch. And the best part – Bitwarden has a great free version, meaning you don't have to spend a dime to protect your information.
Can Bitwarden see my passwords?
Just like any zero-knowledge password manager, Bitwarden can't see your passwords or anything else that's in your vault. It receives already hashed account names and passwords without the means to reverse-engineer them. What's more, all of your data is encrypted using military-grade cipher and brute-forcing it would take a lifetime of a Greenland shark, or even more. Finally, Bitwarden is used to third-party audits that check for security vulnerabilities and embraces an open-source technology model that leaves no secrets behind the doors.
Has Bitwarden been hacked?
No, Bitwarden has never been hacked. Even by any change a password manager would be hacked, all of your data is encrypted with zero-knowledge architecture, which means that Bitwarden does not have a decryption key to your data and the hackers wouldn’t be able to access it.
How does Bitwarden make money?
Bitwarden profits from its multiple paid tools, integrations, and premium plans, such as Business Teams Organization and Enterprise Organization plans. In a nutshell, Bitwarden gets the entirety of its revenue from subscriptions.
Does Bitwarden have a VPN?
No, Bitwarden currently doesn’t have a built-in VPN.
What is Bitwarden used for?
Bitwarden is mainly used to sync and consolidate all the passwords using one vault. This password management tool allows you to generate and manage powerful passwords to boost online security. Besides, it offers other useful tools like password sharing, breach monitoring, and more.
Is Bitwarden free?
Yes, Bitwarden has a full-featured free version for use. It offers unlimited password storage on unlimited devices, as well as unlimited password sharing and other useful features. Bitwarden’s premium subscriptions include more advanced functionalities, like 2FA, Bitwarden Authenticator, health reports, and more.
Comments
There is some read-only offline access if the file was recently opened and you are "logged in".
If you are completely offline, even if you have the files synced locally, you may not be able to access them because you have to log in on their server.
The same issue would be if their server is down.
I would personally like to sync the credentials easier, but I would like to have 100% access to my passwords, even if their server is down or I am somewhere without internet.
The second point: adding a password/secret when you don't have Internet (or the connection is not that good) should be possible too.
How secure is the import process? Your article suggests that the logins and passwords exported from another program are uploaded to Bitwarden servers and ONLY THEN encrypted and stored to the vault. This looks to me as a major security issue, especially because the import can only be done through their website, i.e., there is no control over what it does with the data.
As far as the Safari extension. I’m not sure what’s stopping from releasing it through the Mac App Store. That’s standard procedure for most Safari extensions. All it takes an Apple Developer account and the cost is not prohibitive.
This should be more upfront in this review as it is a deal breaker for many people.
“Safari now limits Safari App Extension use to only those obtained through Mac App Store downloads. As of Q1 2021, users will not be able to use a Bitwarden Safari App Extension obtained through a .dmg installation from bitwarden.com/download or any other non-App Store source.”
So, eventually, you will have to use their app instead of an extension.
you can deploy Bitwarden on Windows, macOS, and Linux machines. You’ll need Docker and Docker Compose (it might come with your default Docker installation, so double-check that you have it). You can get the installation id and key from here.
Then, there’s also the recommended minimum system requirements for the server:
Processor: 2 GHz dual-core
Memory: 4 GB RAM
Storage: 25 GB
Docker: Engine 19+ and Compose 1.24+
You can also self-host although that takes a little work to setup.
Your email address will not be published. Required fields are marked