Bitwarden Review | Trusted Reviews

Verdict

Bitwarden offers each the perfect free and finest paid-for on-line password administration service. There are just a few particular niches the place customers would possibly want one thing else, however that is the perfect password supervisor for nearly everybody.

Introduction

Bitwarden is among the best password manager choices at present obtainable.

Not solely does it have a wonderful paid-for subscription, with options that greater than justify the fee, but in addition probably the greatest free tiers round for individuals who aren’t keen to spend a dime.

It’s highly effective, customisable however, most significantly, stays straightforward to make use of. After utilizing Bitwarden for a number of weeks, listed below are my ideas.

Pricing

A Bitwarden Premium account prices $10 (£8.50) per 12 months, whereas a Bitwarden Households subscription will get you six accounts for $40 (£34.00) per 12 months, in addition to a share group account (an Organisation) to go together with your loved ones account.

A free Bitwarden account is absolutely useful. Not like LastPass, you’ll be able to entry your passwords on every kind of gadgets, and in contrast to Dashlane’s free tier, there’s no restrict on the variety of passwords it can save you.

Bitwarden does reserve extra superior options for paying customers. Free accounts don’t get an emergency entry contact, safe file storage, in-client TOTP (Time-based One Time Password) two-factor authentication code era for saved providers, and have fewer 2FA choices.

You want a paid account if you wish to use Duo for multifactor authentication, and solely paid organisations (together with households) can use FIDO safety keys equivalent to YubiKey gadgets for 2FA.

Options

• Simple to make use of, and clearly designed
• Biometric unlocking is accessible on all platforms
• Superior options obtainable with paid-for subscription

At its easiest, Bitwarden offers an internet vault, browser extensions, autofill and autosave performance. Simply arrange an account, plug it into your browser and go. By default, you’ll must enter your grasp password each time you restart your browser, whereas the desktop apps and internet vault re-lock themselves on restart or after quarter-hour. Its browser plugins are cleanly designed and really straightforward to make use of, and the standalone apps and internet vault have lately been streamlined to look rather less cluttered, whereas holding the whole lot clearly labelled and properly documented.

Logout and lock settings are extremely configurable, and biometric unlocking is accessible for all platforms. It’s also possible to use a second set up of the Bitwarden consumer as a passwordless login as a substitute of your grasp password. If you happen to can’t hook up with the web, an offline cache of your password database is accessible for read-only entry. There’s even a totally offline Bitwarden Transportable model for static password collections.

Bitwarden lets you retailer logins, cost playing cards, identification knowledge together with your tackle, nationwide insurance coverage and passport quantity, and safe notes. Paying customers can connect recordsdata to entries, permitting you to retailer passport scans or PGP keys.

The Organisations mannequin is price being attentive to, as a result of Bitwarden does issues slightly in another way to a few of its rivals. If you wish to share giant numbers of passwords with somebody, you’ll want an Organisation, an additional shared password library along with your individual non-public one.

Free Organisations will be shared between as much as two individuals, Household organisations by as much as six, and there are bigger choices in the event you want them, primarily geared toward companies. It’s also possible to share particular passwords (or different secret info) with every other Bitwarden person for a most of 31 days through the ephemeral Bitwarden Ship software.

Like most password managers, Bitwarden is a zero-knowledge service, which signifies that it doesn’t know and can’t uncover your grasp password. If you happen to lose it, you’ll must reset your account, deleting all saved passwords. Nevertheless, Organisation directors can reset the passwords of members of their organisation, and that features household subscriptions.

Paying customers can even designate an emergency contact, who, as soon as arrange, can request and be manually or robotically granted entry to your account. If you happen to’ve granted them account Takeover entry, this emergency contact can even create a brand new grasp password to your account in the event you’ve forgotten it.

Bitwarden is open supply and extremely clear in its improvement and concern reporting course of. This helps to make sure that safety vulnerabilities are promptly patched and permits the neighborhood to request new options. The corporate has confirmed to be conscious of person and business criticism, lately taking measures to extend the variety of hash iterations and prompting older customers to rehash their passwords with extra iterations through a really seen pop-up.

It’s good to see measures to enhance the service being usually rolled out because the risk panorama adjustments, moderately than solely being introduced in response to a notable breach, equivalent to Lastpass‘s 2022 incident. The one draw back is that Bitwarden’s person communications typically lean into moderately technical language, equivalent to telling customers with older accounts to extend the variety of KDF iterations (the variety of instances a password is hashed earlier than being saved) to enhance the safety of their passwords and taking them to a web page the place they had been prompted to make the change manually.

A friendlier choice might need been to auto-suggest a quantity, moderately than simply telling customers that 600,000 or extra was finest and leaving them to alter the variety of iterations in a textual content entry field. It’s a minor level of friction, however one that might end in nervous customers not making the change. New accounts are robotically set to make use of this greater variety of iterations.

Person-facing options are additionally usually up to date, with latest additions together with wider gadget help for the passwordless “log in with gadget” function, help for brand new encryption algorithms equivalent to Argon2, and an e-mail alias integration through your individual area, by utilizing + addresses, or a variety of third-party service a that enable customers to generate distinctive e-mail forwarding addresses for each account they create, making it straightforward to see who’s promoting your knowledge and minimising your danger in case a service you utilize loses your knowledge in a breach.

Bitwarden is also one in every of quite a few password administration companies that’ll shortly be rolling out help for Passkeys, a latest passwordless login commonplace that makes use of a pair of secret cryptographic keys as a substitute of a username and password to log you into websites that help it, however this hadn’t been rolled out on the time of writing.

Newest offers