Bitwarden offers each the perfect free and finest paid-for on-line password administration service. There are just a few particular niches the place customers would possibly want one thing else, however that is the perfect password supervisor for nearly everybody.
- Limitless free tier
- Cheap paid tiers
- Simple to make use of
- TOTP password era
SafetyBitwarden makes use of AES-CBC 256-bit encryption to your Vault knowledge and PBKDF2 SHA-256 to derive your encryption key
Sharing:Ephemeral sharing (as much as 31 days) with any Bitwarden person through Bitwarden Ship; share collections with as much as one different person through a free organisation or with anybody in your your Bitwarden Households organisation
Storage: 1GB encrypted attachment or safe file storage for paid subscribers
Bitwarden is among the best password manager choices at present obtainable.
Not solely does it have a wonderful paid-for subscription, with options that greater than justify the fee, but in addition probably the greatest free tiers round for individuals who aren’t keen to spend a dime.
It’s highly effective, customisable however, most significantly, stays straightforward to make use of. After utilizing Bitwarden for a number of weeks, listed below are my ideas.
A Bitwarden Premium account prices $10 (£8.50) per 12 months, whereas a Bitwarden Households subscription will get you six accounts for $40 (£34.00) per 12 months, in addition to a share group account (an Organisation) to go together with your loved ones account.
A free Bitwarden account is absolutely useful. Not like LastPass, you’ll be able to entry your passwords on every kind of gadgets, and in contrast to Dashlane’s free tier, there’s no restrict on the variety of passwords it can save you.
Bitwarden does reserve extra superior options for paying customers. Free accounts don’t get an emergency entry contact, safe file storage, in-client TOTP (Time-based One Time Password) two-factor authentication code era for saved providers, and have fewer 2FA choices.
You want a paid account if you wish to use Duo for multifactor authentication, and solely paid organisations (together with households) can use FIDO safety keys equivalent to YubiKey gadgets for 2FA.
- Simple to make use of, and clearly designed
- Biometric unlocking is accessible on all platforms
- Superior options obtainable with paid-for subscription
At its easiest, Bitwarden offers an internet vault, browser extensions, autofill and autosave performance. Simply arrange an account, plug it into your browser and go. By default, you’ll must enter your grasp password each time you restart your browser, whereas the desktop apps and internet vault re-lock themselves on restart or after quarter-hour. Its browser plugins are cleanly designed and really straightforward to make use of, and the standalone apps and internet vault have lately been streamlined to look rather less cluttered, whereas holding the whole lot clearly labelled and properly documented.
Logout and lock settings are extremely configurable, and biometric unlocking is accessible for all platforms. It’s also possible to use a second set up of the Bitwarden consumer as a passwordless login as a substitute of your grasp password. If you happen to can’t hook up with the web, an offline cache of your password database is accessible for read-only entry. There’s even a totally offline Bitwarden Transportable model for static password collections.
Bitwarden lets you retailer logins, cost playing cards, identification knowledge together with your tackle, nationwide insurance coverage and passport quantity, and safe notes. Paying customers can connect recordsdata to entries, permitting you to retailer passport scans or PGP keys.
The Organisations mannequin is price being attentive to, as a result of Bitwarden does issues slightly in another way to a few of its rivals. If you wish to share giant numbers of passwords with somebody, you’ll want an Organisation, an additional shared password library along with your individual non-public one.
Free Organisations will be shared between as much as two individuals, Household organisations by as much as six, and there are bigger choices in the event you want them, primarily geared toward companies. It’s also possible to share particular passwords (or different secret info) with every other Bitwarden person for a most of 31 days through the ephemeral Bitwarden Ship software.
Like most password managers, Bitwarden is a zero-knowledge service, which signifies that it doesn’t know and can’t uncover your grasp password. If you happen to lose it, you’ll must reset your account, deleting all saved passwords. Nevertheless, Organisation directors can reset the passwords of members of their organisation, and that features household subscriptions.
Paying customers can even designate an emergency contact, who, as soon as arrange, can request and be manually or robotically granted entry to your account. If you happen to’ve granted them account Takeover entry, this emergency contact can even create a brand new grasp password to your account in the event you’ve forgotten it.
Bitwarden is open supply and extremely clear in its improvement and concern reporting course of. This helps to make sure that safety vulnerabilities are promptly patched and permits the neighborhood to request new options. The corporate has confirmed to be conscious of person and business criticism, lately taking measures to extend the variety of hash iterations and prompting older customers to rehash their passwords with extra iterations through a really seen pop-up.
It’s good to see measures to enhance the service being usually rolled out because the risk panorama adjustments, moderately than solely being introduced in response to a notable breach, equivalent to Lastpass‘s 2022 incident. The one draw back is that Bitwarden’s person communications typically lean into moderately technical language, equivalent to telling customers with older accounts to extend the variety of KDF iterations (the variety of instances a password is hashed earlier than being saved) to enhance the safety of their passwords and taking them to a web page the place they had been prompted to make the change manually.
A friendlier choice might need been to auto-suggest a quantity, moderately than simply telling customers that 600,000 or extra was finest and leaving them to alter the variety of iterations in a textual content entry field. It’s a minor level of friction, however one that might end in nervous customers not making the change. New accounts are robotically set to make use of this greater variety of iterations.
Person-facing options are additionally usually up to date, with latest additions together with wider gadget help for the passwordless “log in with gadget” function, help for brand new encryption algorithms equivalent to Argon2, and an e-mail alias integration through your individual area, by utilizing + addresses, or a variety of third-party service a that enable customers to generate distinctive e-mail forwarding addresses for each account they create, making it straightforward to see who’s promoting your knowledge and minimising your danger in case a service you utilize loses your knowledge in a breach.
Bitwarden is also one in every of quite a few password administration companies that’ll shortly be rolling out help for Passkeys, a latest passwordless login commonplace that makes use of a pair of secret cryptographic keys as a substitute of a username and password to log you into websites that help it, however this hadn’t been rolled out on the time of writing.
Must you purchase it?
If you happen to’re in search of comfort: Bitwarden will be so simple as you need it to be, working as an unobtrusive extension to autofill what’s wanted in your browser.
If you happen to require refined and customisable security: Bitwarden provides a excessive degree of person configurability and management below the bonnet, however can’t fairly match that of the KeePass household of purposes.
Bitwarden is the perfect password supervisor for most individuals. It’s safe, clear and has extra options than every other paid-for password supervisor we’ve reviewed, whereas nonetheless being very straightforward to make use of.
How we check
We check every password supervisor ourselves on a wide range of laptop and cellular working techniques.
We feature out comparative function evaluation in opposition to business requirements and rival merchandise, and check safety and comfort settings equivalent to default logout behaviour and offline entry.
We used for at the very least per week.
Examined all the obtainable options.
Bitwarden is completely secure to make use of, with AES-CBC 256-bit encryption stopping hackers from stealing your knowledge and common updates to assist customers keep safe.
Sure, a free password supervisor from a good vendor sometimes has the identical degree of safety because the paid-for variations. By subscribing, you simply get entry to a higher variety of superior options.