Detailed Expert Review
What We Liked
- Open source software – great for Linux users!
- Local encryption
- Zero-knowledge encryption
- Easy to use interface
What We Didn’t Like
- Data is stored in 14 Eyes surveillance location
BitWarden is an open-source password manager with a really quickly-growing user base. The interface is nice, clean and straightforward, and as an added bonus, is full of features, even on the free version. These features include a password generator, cloud storage for all passwords and syncing across numerous devices (and that’s more than Enpass will give you). BitWarden is pretty versatile like that, and will sync multiple device passwords via a web app, smartphone apps and its numerous browser extensions.
I’ve reviewed almost 70 password managers, so here’s my BitWarden review.
BitWarden Plans and Pricing
As a software that has developed over time, BitWarden used to be completely free. Nowadays, it has two separate pricing plans.
BitWarden is currently in active development, and other paid features may be released in the future.
The premium version is a yearly subscription model, which is pretty low-priced for the market – which makes sense, because it offers fewer features.
One thing to note though – although it’s low-priced, it also has no refund option.
There are two options for personal, individual users, and two options for Business users, which is a nice touch.
I’d say that the Families or Teams plan is probably enough for, well, families and individuals, unless you really, really care about two-factor authentication – for which you’d need to upgrade to the Enterprise plan, but you’d need at least 5 users for that.
I think the 1GB of encrypted file storage (on the Family plan) would be worth upgrading for, but – as I’ve circled on the screenshot above – the Family and teams plans are pretty similar…unless you need more than 5 users and priority tech support.
There’s also a 7-day free trial of plans, which should be more than enough time to see if it’s worth it for you or your organization.
Otherwise, I’d say that the Teams option is a good, simple option for small businesses, but nothing larger than that. When you come to think of the business heavy focus of, say, Myki, or even Zoho Vault, BitWarden seems a bit underdeveloped in comparison.
In this completely honest BitWarden review, I have to admit that the reporting and tracking is not strong enough, and IT professionals will find the customization options within BitWarden not nearly enough for their needs. Also, the amount of encrypted storage provided (1 GB) is not going to be enough for most large teams. BitWarden does include a few options aimed at the more tech-savvy crowd with both the ability to use a command prompt for input and the ability to self-host the data instead of storing your database in the cloud.
BitWarden is a basic, but effective, password manager. This is one for users who like things to be straightforward and hassle-free – in life, and in password management.
Yes, it may have fewer features than some of its larger competitors (it’s not flashy like LastPass, or cute like RememBear), but it does what it needs to do. For example, if you’re looking for password sharing – I couldn’t find any way to share my passwords – you’re better off with something like LastPass instead, which has a fantastic sharing feature.
Actually, since it’s open source, it’s continually being improved on and updated. New features are being added all the time. One update allowed users to store more than just passwords – now, as a result, you can also store credit cards, secure notes and identity info.
Having said that, I think BitWarden is mostly for straightforward password storage and login protection, with a few extra features – which is never a bad thing to admit (especially not in a totally honest BitWarden review like this).
BitWarden has desktop app versions (and a lot of them), browser extensions and also Android and iOS apps. This is a techy software, for techy people (such as Linux users), so that’s to be expected. I’ll get into these different apps a bit later in this BitWarden review, but for now, know that they’re available, and I’ll be discussing them.
Another important thing to note is that each version has slightly different user interfaces –
Which was a little tricky, for reasons I’ll get into shortly.
Password managers have one main job – looking after your passwords. Some password managers do a better job than others when it comes to actually getting those passwords into their systems – and BitWarden is one of them.
I couldn’t find out how to import passwords – which some password managers (LastPass) guide you through as a part of the installation process. BitWarden, as I found out, doesn’t.
After a bit of searching around, I finally found the option of importing passwords in the browser extension. I was redirected to a help document on the BitWarden site, and saw this –
I think this is the most options for password importing that I have ever seen – and I‘ve seen a LOT of password managers!
I’m also happy to report that the importing took nothing more than a painless CSV import, and a dragged/dropped file – et voila, all my passwords appeared.
Here is where what I mentioned above, about the different user interfaces comes in – I spent a good ten minutes trying to find the option to import my passwords on the web app. It turned out, I should have been doing this on the web vault, which was the only place where I could actually import. Small difference, but a lot of time wasted.
While I would have really liked to have seen a nice auto-import from browser extension (like LastPass and Dashlane both have), I’ll still take what I can get – I know BitWarden is much more designed for techies.
As for the question “Is BitWarden safe?” BitWarden offers a good password generation tool. The tool allows users to set parameters for their preferred password and generate passwords from the ruleset. Users can do this as either a completely random sequence of numbers and letters, or they can choose to use a sequence of several words.
This generator is also available in the smartphone app and in the browser extensions.
Business Use Reporting
One thing I noticed just in passing, is that for BitWarden business users, there’s a nice function to generate reports. It turns out these are available only via the website (you need to upgrade to a business account and then receive a login), and not in the apps or extensions.
The reporting looks pretty good, if that’s what you need, with details of weak and reused passwords used by anyone within your organization. The administrator can also get a report of logins being used on unsecured websites, and even inactive two-factor logins.
It’s pretty impressive – and actually impressed me more than any reports Zoho Vault ever generated – I’d say BitWarden’s reporting is on the same level of Myki’s pretty impressive reporting.
BitWarden has an extension for all the major browsers like Chrome, Microsoft Edge, Safari and Firefox (see below for the full list of all BitWarden download options, under the “Ease of Use” section in this BitWarden review).
I was amazed to see that BitWarden also has an option for even more high-level or technical browsers, including Tor and Brave! This really is the password manager for the technically-savvy.
The browser extension does pretty much what the desktop app does, and even looks pretty similar too –
And there are some pretty nice in-browser features too – if you hover over the icons in the red box, you’ll be able to View Data; Copy Username and Copy Password –
It’s all very nice and clean! I think it’s very easy to use, and even the least-savvy BitWarden user will be able to figure it out easily enough.
The web app (which is my go-to for any password manager review) was functional, easy to use and did the job.
However, I did notice that after my CSV import, there were a few logins where BitWarden hadn’t imported all of my data –
Otherwise, I was pretty happy – clicking on each of the logins gives you the item’s information (on the right of the screenshot). The menu is also really intuitive.
One thing that also bugged me was the lack of automatic categorization – you can clearly see that BitWarden supports login info, card and financial information, identity-related info and Secure notes – and I had a range of this data imported. While Dashlane and even RoboForm nicely categorized these for me on import, BitWarden didn’t. I clicked on ‘card’, for example, expecting to see a saved credit card, and got nothing.
It turned out that I had to add credit card and financial information, and anything other than a login manually. So that’s a bit less great, but actually, everything else was pretty good, so I was happy overall.
Otherwise, while researching this BitWarden review, I also noticed that BitWarden’s auto capturing of passwords was pretty good – I’d see a little notification each time it captured something, but otherwise, it just did its job in the background. That’s my kind of password manager!
The mobile app looks and functions in the same way as the web app and browser extension. You’ll need your master password to log into your account, and once you’re in, all s pretty much the same as on the desktop.
You’ll see your vault, the password generator, the tools and the settings on the ap. And that’s it. Nice, straightforward – simple!
Unfortunately, BitWarden’s security policy wouldn’t let me take screenshots, which is actually a nice little security feature if you think about it. But having said that, I also locked my smartphone screen for ten minutes, and then reopened it, and the BitWarden app didn’t even ask me for my master password again. I’m sure this setting can be changed somewhere in the app, so it will request your master password on device locking and reopening, but I couldn’t see where.
The mobile app synced nicely with my browser extension and the web app, showing me all of my saved data, right after I downloaded and logged in. All in all, a very nicely functioning app, not say, like the disaster I experienced with Zoho Vault’s non-syncing mobile app, which also looked completely unrelated to its web app.
BitWarden Ease of Use and Setup
BitWarden is so easy to get up and running, and even better – has a ton of options for you to choose from when it comes to installing and using it –
I decided to go for the Windows installation and the Chrome browser extension.
I downloaded the software, and followed the installation instructions…which led me to the screen asking me to setup my master password.
I like that it gave me feedback on my (actually very) weak password…but it let me set it up as my master password, despite telling me how weak it was. I know I’m comparing two very different password managers, but LastPass refused to let me continue with a weak master password.
Otherwise the dashboard looked really good – as clear as Dashlane itself – and actually better than quite a few other password managers out there Zoho Vault’s dashboard was an utter mess}:
So far, so good. The dashboard – on the web app, browser extension and the mobile app was really self-explanatory and easy to use.
Two-factor Authentication (2FA)
I was a bit surprised that BitWarden didn’t prompt me to install any two-factor authentication – for a password manager built by technically-savvy people, I would have assumed security was kind of their thing.
While BitWarden security includes some two-factor authentication, it’s actually the one feature that can only be setup on the website, and the website only, and it is slightly buried in the options.
You should also know that the free version only offers BitWarden security via email and 3rd party authentication, while the paid membership expands the options to Yubico, Fido and Duo.
If that’s a deal breaker for you, then you really should upgrade to the premium version – because personally, I never take security (and definitely not online security) too lightly. Otherwise, you’ll have to make do with BitWarden security consisting of your master password and your emergency recovery phrase (if you’ve set one up) – or if you do forget your login details, your data will be wiped.
Is BitWarden safe? I would still say yes.
BitWarden Customer Support
I should be honest here – BitWarden is not in the same league as other password managers when it comes to customer support, but it still provides some options to get in touch.
The only real option you have to get support is via email. You’ll also see some social media links available, but I didn’t find them very responsive. I saw they had a nice, responsive Twitter page, but that their answers there were short and mostly tell people to visit their help pages on the site.
I was a bit disappointed that there were no live chat or phone numbers for support. But, at least there was an active user-to-user help forum. I actually found the forum pretty useful, with a lot of answers to common questions.
Still, if it’s a direct response from BitWarden you want, then email is your best option.
I emailed BitWarden through the website, and amazingly, I received a response in under 24 hours. I was even more impressed that the response I got was definitely from a human and was not automated.
It was easy to read and understand, and even asked me a follow-up question! While I was a bit annoyed that there wasn’t a live chat, I guess this is the next best thing – actually, even LastPass could learn a thing or two about customer support from BitWarden.