Many free password managers have annoying limitations that power most individuals to improve to a paid tier—not Bitwarden. The free model of this open-source password supervisor doesn’t limit you to a sure variety of entries or stop you from syncing your vault throughout all of your gadgets. Even the paid model, which provides a number of high-end safety and sharing capabilities, could be very reasonably priced. Our important complaints with Bitwarden are that the Premium tier presents little or no encrypted cupboard space by default, and that it had hassle mechanically capturing and filling credentials on sure pages in our testing. These points however, Bitwarden wins an Editors’ Alternative award for the free password supervisor class, alongside MyKi. Nonetheless, if you wish to pay for a password supervisor, different merchandise supply a extra seamless and complex expertise, albeit at an elevated value.
How A lot Does Bitwarden Price?
Bitwarden presents three plans on the client degree: Free, Premium, and Household. The Free tier means that you can sync a vast variety of vault objects throughout a vast variety of gadgets, plus features a password generator, one-to-one textual content sharing (sharing text-based entries with a single individual at a time), and the choice to self-host. Not many different free password managers are as restriction-free. Myki Password Supervisor & Authenticator additionally would not have many limitations.
Once you improve to Bitwarden’s $10-per-year Premium tier, you get assist for enhanced two-factor authentication strategies, password vault reporting and evaluation, and the flexibility to mechanically log into websites that use TOTP-style authentication. You additionally get 1GB of encrypted storage for recordsdata and file-sharing capabilities, in addition to emergency entry options. In the event you want extra storage, every extra gigabyte prices $4 per 12 months. The $40-per-year Household Group tier will get you six Premium licenses, precedence buyer assist, and the choice to make use of the Organizations sharing instrument.
Enterprise clients can select between three plans: Free Group, Groups Group ($3 per 30 days per person), and Enterprise Group ($5 per individual per 30 days).
Bitwarden presents native apps for Home windows (together with a Microsoft Retailer app), macOS, Linux, Android, and iOS. Its browser extension helps the anticipated Chrome, Edge, Firefox, Opera, and Safari, in addition to the less-common Vivaldi, Courageous, and Tor Browser. Not one of the plans restrict you to a sure quantity or sort of platforms.
A number of different password managers supply free and paid tiers, too. Nonetheless, their free tiers are typically extra restricted, and their paid tiers are normally costlier.
LastPass, for instance, additionally presents Free, Premium ($36 per 12 months), and Households ($48 per 12 months) tiers. LastPass Free was roughly similar to Bitwarden’s free version because it didn’t place any limitations on the variety of passwords you would retailer, although it just lately made customers select between utilizing it on desktop computer systems and cell phones, which severely limits its utility. A LastPass premium plan removes that device-syncing limitation, plus provides one-to-many sharing, 1GB of cloud storage, account and password safety monitoring, superior multifactor authentication choices, and emergency entry options. The Households subscription will get you six Premium licenses as nicely.
NordPass presents an analogous lineup of plans with a special set of limitations for the free plan. Its free tier means that you can retailer a vast variety of passwords, however prevents you from signing in to the identical account on multiple machine at a time. That you must pay for the Premium tier ($59.88 per 12 months) for password well being studies, sharing capabilities, and the info breach monitor. A NordPass Household account will get you 5 premium accounts.
Dashlane presents a free tier too, however limits you to storing 30 whole data, which is a dealbreaker. Dashlane’s most cost-effective paid plan begins at $35.88 per 12 months, however this tier prevents you from syncing passwords throughout greater than two gadgets at a time. To eliminate this limitation, you must spring for Dashlane’s $59.99-per-year choice.
Different premium password managers additionally cost extra for his or her premium tiers. As an illustration, Sticky Password prices $29.99 per 12 months, Keeper Password is $34.99 per 12 months, and 1Password expenses $35.88 per 12 months.
In case you are decided to not pay to handle your password managers, take a look at our roundup of the most effective free password managers.
Getting Began With Bitwarden
As with most password managers, you begin by organising an account. Enter your electronic mail, create a powerful grasp password, and also you’re executed. Bitwarden does fee that grasp password weak, good, or sturdy as you sort it, and it would not simply search for a minimal size and use of various character units. We discovered that it zinged simple-minded patterns as nicely. For instance, the password 123Abc!123Abc!123Abc! is 21 characters lengthy and makes use of all 4 character sorts, however Bitwarden nonetheless charges it as weak.
In the event you’re switching from one other password supervisor, Bitwarden will help, however you need to head to the online vault to take action. Right here, you possibly can import passwords exported from Dashlane, Keeper, RoboForm, or greater than 50 different password managers. You may also import passwords saved in your browsers.
Bitwarden presents three choices for exporting your fault: .json, .json (encrypted), and CSV. The encrypted choice is new and makes use of the identical encryption as your vault; meaning you must use the identical key to decrypt it if you import it once more.
Two-factor authentication considerably enhances the safety of your saved passwords. With out some type of 2FA, anyone who guesses, steals, or hacks your grasp password can entry your vault from wherever. With 2FA enabled, entry requires one other issue, one thing solely you possibly can present. To arrange 2FA with Bitwarden, head to the Settings part within the net interface after which choose the Two-step login choice on the left-hand menu.
Bitwarden’s free version helps 2FA by way of authenticator apps, which we favor over much less safe SMS-based strategies. Most two-factor programs require you to arrange some form of backup, reminiscent of a cell quantity that may obtain an unlock code by way of textual content, in case you ever lose your authentication machine. Once you go to allow 2FA in Bitwarden, it reveals a warning on the high of the web page about how the corporate can’t allow you to regain entry to your account should you lose your 2FA machine. It strongly advises you to repeat down your account restoration code and retailer it in a secure place.
Establishing 2FA with an authenticator app is straightforward; simply snap the QR code along with your authenticator app of selection and also you’re able to go. There’s additionally an choice to obtain 2FA codes by way of electronic mail, however utilizing a 2FA app is a a lot smoother expertise. Bitwarden premium subscribers get extra 2FA choices, together with authentication by way of a Yubikey, or any FIDO U2F appropriate safety key.
One in style method for utilizing two-factor authentication along with your different on-line accounts depends on TOTPs (time-based one-time passwords). Like Myki and Enpass, Bitwarden Premium can function an authenticator itself, each producing the required TOTP and mechanically filling it in when wanted. To set this up, you paste the 2FA authentication code into the Authenticator Key (TOTP) part of a password entry.
Desktop, Net, and Browser Extension Expertise
You need to use Bitwarden’s net interface, desktop apps, or browser extension to create and edit entries in your vault, however some performance is proscribed to the online interface. As an illustration, you need to use the online app to arrange 2FA, run Bitwarden’s safety studies, and import passwords. You may share objects from any platform, however the desktop app limits you to Bitwarden’s new Ship characteristic, quite than the complete sharing capabilities.
If you wish to host your passwords domestically, Bitwarden permits you to take action on Home windows, macOS, and Linux gadgets. Bitwarden’s purposes and code library have been audited by Cure53 in 2018, whereas its community infrastructure was audited by Perception Threat Consulting in 2020. We admire Bitwarden’s dedication to audits and hope it continues to do them at common intervals.
Bitwarden’s net and desktop apps have an analogous format. Within the center, you get an inventory of all of the entries within the vault, whereas a left-hand menu means that you can filter by merchandise sort (login, card, id, safe be aware) in addition to view your favorites and deleted objects. The browser extension’s design is extra streamlined, however you possibly can nonetheless filter by merchandise sort. We like that you could change the interface theme of the desktop app and browser extension. We didn’t expertise any efficiency points or crashes when throughout testing on any of those three apps. For reference, we examined Bitwarden totally on the Edge browser and a Home windows 10 machine.
You may also set up your saved logins and objects into folders. LastPass and LogMeOnce Password Administration Suite Premium are among the many merchandise that allow you to do that at seize time. If you wish to set up your Bitwarden logins, it is slightly extra work. It’s essential to create the folders you need first, after which edit every merchandise to place it within the desired folder. The desktop app doesn’t assist drag-and-drop capabilities. 1Password goes one step additional with password group; you possibly can keep a number of vaults per account and set up objects in a nested construction.
As with most different password managers, Bitwarden means that you can add identities, bank cards, and notes to your vault. All of these things are fairly simple to arrange and assist customized fields (textual content, hidden, or Boolean). Bitwarden can use id and bank card objects to fill net types, a course of we talk about later.
All of Bitwarden’s apps have an in depth set of options associated to vault entry. For instance, you possibly can configure how lengthy it takes for entry to trip and what occurs at that time. The desktop apps and browser extensions even assist biometric authentication unlocks.
Password Seize and Replay
On the desktop, we examined Bitwarden in Edge on a Home windows 10 machine. To start out, we merely logged in to 10 or so web sites. In virtually each case, Bitwarden slid in a banner on the high of the web page providing to avoid wasting the credentials. Bitwarden had hassle with a two-page and hybrid login web page we tried, nonetheless; it didn’t supply to avoid wasting our credentials for these websites.
We verified that Bitwarden captures credentials throughout account creation and that it handles some, however not all, password change occasions. Some password managers, amongst them Keeper, Password Boss, and Sticky Password deal with oddball pages by letting you fill in all fields after which seize every thing on demand.
MyKi, Norton, Enpass Password Supervisor, and lots of others allow you to give every entry a pleasant, memorable identify on the time of seize. With Bitwarden, seize is easier, because you simply click on a button, however including a pleasant identify required modifying the identify after the actual fact. You would possibly, for instance, take two entries with the default identify “login.yahoo.com” and rename them to Private E mail and Work E mail.
Some password managers instantly fill in your credentials if you revisit a website. Others put an icon within the username area and fill credentials solely after you click on, which avoids some attainable safety dangers. Bitwarden can now mechanically fill credentials, however you possibly can disable this selection should you favor. In testing, this characteristic labored for traditional websites we tried, however a couple of hybrid sign-on pages tripped it up.
If Bitwarden has credentials saved for the location you are on, it overlays the variety of entries on its toolbar button. Click on the button, click on the specified entry, and it fills the info. Alternatively, you possibly can right-click on a login area to fill any saved credentials from a context menu.
You may also view your whole password assortment by clicking the toolbar button and opening your vault. From right here, you possibly can simply seek for objects and launch the related webpage by clicking on it.
After you add all of your passwords to Bitwarden’s vault, it is best to exchange any weak or duplicate ones with sturdy and distinctive passwords. Free customers need to scout out the dangerous ones themselves; Bitwarden reserves most of its password safety evaluation instruments for paying clients. These instruments can be found by way of Bitwarden’s net interface, however nowhere else.
Bitwarden can generate six studies: Uncovered Passwords, Reused Passwords, Weak Passwords, Unsecured Web sites, Inactive 2FA, and Knowledge Breach. Uncovered passwords are these which have been uncovered in recognized knowledge breaches, whereas reused and weak passwords are self-explanatory. Bitwarden treats any linked URLs in your vault that don’t use TLS/SSL encryption as unsecured. The Inactive 2FA report identifies which internet sites in your vault assist two-factor authentication, however for which you haven’t linked a TOTP code in Bitwarden. That final report may throw up some false positives, nonetheless, should you select to make use of a special authenticator app.
The Knowledge Breach report checks if any of your electronic mail addresses, passwords, bank cards seem in any knowledge breaches by way of the Have I Been Pwned website. Free customers can examine if any of their electronic mail addresses or usernames have been uncovered in a breach.
Many different password managers, together with LastPass Keeper Password, 1Password, and NordPass embrace related instruments. Dashlane’s free model gives an actionable password power report and lively Darkish Net monitoring for paid customers.
Once you do discover a password that you’ve got used a number of instances or a weak one like “123456,” you do not have to assume up the substitute your self. Like virtually each competing product, Bitwarden features a random password generator.
By default, the password generator creates passwords containing upper- and lowercase letters and digits, however not particular characters. We strongly advise checking the field so as to add particular characters to the combo, since it is a requirement for many websites anyway.
The generator can crank out passwords from 5 to 128 characters lengthy, but it surely defaults to 14 characters. We advise rising the size to twenty characters or extra. On Android, Bitwarden defaults to fifteen characters and makes use of all character units by default. Bitwarden ought to standardize these choices and enhance the default password size.
Against this, Myki Password Supervisor & Authenticator defaults to passwords of greater than 30 characters. Since you do not have to recollect the saved passwords, you would possibly as nicely make them lengthy.
Bitwarden also can generate multi-word passphrases of the Right-Horse-Battery-Staple sort. There is no level in utilizing this characteristic for a password managed by Bitwarden, however you would possibly think about using it to create a memorable grasp password like “unstylish-slam-plywood-anvil.” Once more, Bitwarden’s default phrase size is a bit low at three phrases. We suggest rising that setting.
Filling Private Knowledge
It is only a brief step from filling username and password fields to filling different private knowledge in net types. Like LogMeOnce and lots of others, Bitwarden can retailer a number of units of non-public knowledge and use them that can assist you when it is time to fill out a type.
Bitwarden shops two sorts of non-public knowledge objects: Playing cards and Identities. For every bank card, you file particulars just like the quantity, cardholder identify, and CCV. It would not allow you to snap the cardboard with a smartphone digital camera the way in which Dashlane and some others do.
Every id saves a easy assortment of non-public knowledge, together with identify particulars, snail-mail handle, electronic mail, and cellphone quantity. It is not practically the large cornucopia of knowledge saved by RoboForm In all places, and you may’t have a number of situations of a area the way in which you possibly can with Dashlane and some others. You do not even get separate strains for dwelling, work, and cell numbers. Nonetheless, you possibly can add customized fields to an id entry: Textual content, Boolean (a checkbox), and Hidden (the entry is obscured by asterisks by default). Though different password managers are extra complete on this regard, each area that Bitwarden fills is one you do not have to sort.
If you’d like Bitwarden to fill the shape you are watching, simply click on the extension button after which the specified id or bank card. We tried a couple of websites as a easy sanity examine and located that Bitwarden largely did the job, regardless of lacking a couple of fields.
Sharing and Emergency Entry
We all the time advise towards sharing your passwords with simply anybody, however generally you actually should. Once you do need to share, you need the method to be each easy and safe. Bitwarden presents two strategies for sharing logins: by way of a brand new characteristic referred to as Ship and, for households or groups, Organizations.
Bitwarden’s new Ship characteristic simplifies sharing significantly. With this technique, you possibly can ship an encrypted hyperlink to anybody (even individuals who don’t use Bitwarden) utilizing no matter communication technique you favor. Sends can both embrace recordsdata (as much as 500MB, or as much as 100MB if importing from cell) or textual content notes. Free customers can solely share notes as a result of these accounts don’t embrace any encrypted file storage. Through the setup for a Ship, you possibly can specify an expiration date, a deletion date, and a most entry restrict, plus arrange a password.
For the second technique, you do not share with different customers instantly. As a substitute, you create a corporation, invite different customers, after which share with the group. Free and premium private customers cannot use this instrument; it is just for subscribers to the Household Group tier or any of the enterprise plans. Subscribers to Bitwarden’s Free Group and Household Group tier can share objects with a complete of two and 6 individuals respectively, whereas the Group and Enterprise plans don’t have any such limitations.
Inside a corporation, shared objects fall into collections; each merchandise have to be part of no less than one assortment. Collections are much like shared folders in merchandise reminiscent of LastPass and Keeper Password Supervisor & Digital Vault.
Free Group customers can create two collections. In the event you subscribe to the Household Group plan or above, you possibly can create a vast variety of collections. The purpose with this method is to allow you to share totally different passwords with totally different members of a bunch. This sharing setup lends itself extra to enterprise clients.
Because the creator of the group, you’re the omnipotent Proprietor. There are three different ranges of entry, Admin, Supervisor, and Consumer, however the distinctions actually matter extra to enterprise installations. As well as, you possibly can restrict every person to particular collections, or make the share read-only. In the event you’re sharing with a accomplice, it is smart to present full Proprietor entry. If the share is extra one-sided, maybe along with your youngster, Consumer entry in read-only mode might be finest.
Just a few competing merchandise, amongst them LastPass, LogMeOnce, and Dashlane allow you to arrange a special form of sharing. With these merchandise, you designate an inheritor to obtain some or your entire passwords within the occasion of your premature demise. Bitwarden presents this characteristic, too. In essence, the proprietor of a Bitwarden vault can invite an emergency contact to their vault who will solely have the ability to entry the contents of it after the unique proprietor approves the request manually or a time restrict set by the proprietor expires. Notably, solely Premium customers and better can ship out emergency entry requests, however free customers may be designated as these recipients. Emergency entry contacts, upon getting access to the vault, will both get read-only entry or full management of the vault.
Bitwarden On Cellular
We examined Bitwarden on an Android 11 machine, however Bitwarden presents an iOS app too. Each apps look constant and have the identical options, amongst them biometric authentication and the flexibility to autofill credentials. Very like the desktop and net apps, the cell variations assist themes, too.
The Android app features a backside navigation bar with 4 objects: My Vault, Ship, Generator, and Settings. The My Vault part lists your merchandise sorts, folders, and unorganized objects; faucet on any to view particulars or edit the entry. The Ship tab enables you to arrange and handle shared objects. The Generator part offers you entry to Bitwarden’s password generator instrument. Within the Settings tab, you possibly can management autofill preferences, allow extra necessities to unlock the vault, and export your vault, in addition to entry different commonplace choices.
In testing, Bitwarden efficiently stuffed credentials inside apps and in a browser. We didn’t expertise any app crashes both.
A Severe Contender
In the event you’re looking for a free password supervisor, positively take a look at the open-source Bitwarden. It doesn’t restrict the variety of passwords you possibly can retailer or stop you from syncing your vault throughout gadgets; many different free password managers do. The Premium tier can also be cheap and consists of glorious options reminiscent of an actionable password well being report, emergency entry choices, the flexibility to generate TOTP codes, and assist for enhanced two-factor authentication strategies. Bitwarden had some hassle mechanically capturing and filling credentials on some websites in our testing, however it’s an Editors’ Alternative winner without cost customers due to its notable lack of restrictions. If you wish to pay to your password supervisor, different choices are a bit slicker and supply extra options, however at the next worth.
Myki Password Supervisor & Authenticator retains all of your passwords in native storage and is one other Editors’ Alternative decide without cost customers. Our favourite paid password managers are Dashlane, LastPass, and Keeper, all of which supply a wonderful, clean password administration expertise with high safety instruments.