Bitwarden Review 2024: It's Free but Is It Safe to Use?
Security
Bitwarden Provides Impenetrable Password Safety
With its open-source codebase, virtually unbreakable encryption, and various security features, Bitwarden is a highly secure password manager. You can use it to save all your passwords and sensitive data with complete peace of mind.
Besides its encryption protocols, Bitwarden uses TLS/SSL to secure communications between its apps and servers where data is hosted. It also uses HTTP Strict Transport Security (HSTS), which forces all your connections to use TLS and stops data hijacking.
End-to-End Encryption
Among Bitwarden’s biggest strengths is its top-grade AES 256-bit encryption. This military-grade encryption standard can’t be broken, and the end-to-end encryption means only you can access your data. The only way to access your vault is via a key devised from your master password using PBKDF2 SHA-256, which even sophisticated hackers can’t crack.
Of course, it’s critical to remember your master password. If you lose it, premium and family accounts can only be accessed if you have emergency access set up. However, Enterprise users can request admins for a password reset.
Two-Factor Authentication (2FA)
Two-factor authentication provides another layer of security besides your master password. It’s really easy to set up 2FA in Bitwarden via the web portal — open the Security tab in account settings, select the Two-step login option, and set it up via your preferred method.
I was pleased to see that Bitwarden offers multiple 2FA options. I set it up in my tests via Google Authenticator, but you can also use similar apps like Authy. Besides, Bitwarden supports YubiKey, Duo, FIDO2 keys, and email-based verification codes. Note that free users can only authenticate via email or authenticator apps, while other options are premium only.
Bitwarden also generates TOTP codes to sign into other accounts that you have on websites. You can set these up on the desktop app by entering the TOTP seed or by scanning the TOTP seed QR code on the mobile app. Once set up, Bitwarden will generate six-digit TOTPs that change every 30 seconds, and it’ll even auto-fill them if you have the feature enabled.
Breach Monitor
Bitwarden offers dark web monitoring via its breach monitor, which checks if your accounts were leaked in data breaches. It’s easy to use — just enter your email address, and Bitwarden will inform you about any leaked accounts connected to that email.
During tests, Bitwarden’s breach monitor highlighted 6 compromised accounts I had. What’s even more impressive is that it provides additional details like when a breach occurred, when it was reported, how many people were affected, and what information was leaked.
Third-Party Security Audits
A good indicator of a password manager’s quality is whether it has passed any independent audits. As it turns out, Bitwarden has successfully cleared many audits and penetration tests over the past few years. It’s been audited by firms like Cure53, Insight Risk Consulting, and others. So, I’m fully confident in its security measures.
Privacy — Open Source Codebase and a Zero-Knowledge Architecture
Bitwarden’s zero-knowledge architecture ensures data privacy, as no one can access your data except you. The only way to view your information is by decrypting your vault via the master password, which no one else has. Plus, Bitwarden is completely open-source, meaning its code is free for anyone to review and audit.
For added privacy, you can self-host Bitwarden and store your data locally. This isn’t something most people should worry about because Bitwarden’s servers are secure, but it’s a good option if you’re very privacy-conscious.
Besides its privacy-focused architecture, Bitwarden complies with GDPR, CCPA, and HIPAA. Plus, it’s Privacy Shield-certified and has completed SOC 2 Type 2 and SOC 3 compliance. Overall, this is an excellent password manager for data security and privacy.
Features
Lacks Some Features but Offers Tools for Easy Password Management
Bitwarden isn’t as feature-rich as top choices like Dashlane, 1Password, and others. However, I found in my tests that it includes the basic tools needed for secure and convenient password management.
Reports
The Reports feature is among this app’s biggest highlights, providing detailed information about overall password safety. You can use Bitwarden’s reports to check for exposed, reused, weak, and breached passwords. Also, it lets you know if you have accounts on unsafe websites and which of your logins need two-factor authentication.
You should note that Bitwarden’s reports are only available in the web app. They aren’t available in its desktop apps, mobile apps, or browser extensions. So, you must log into the web portal on a browser to use this feature. Also, the free plan only includes limited data breach reports, meaning you must get a paid plan to access all the available reports.
Secure and Easily Organizable Vaults
Bitwarden provides secure vaults to store logins, card details, identities, and any notes you have. I found it easy to add any new information I wanted to save in these vaults, and it’s even easier to organize your data. You can categorize your information into folders, thus making it easy to locate when needed.
You can also make shared vaults called Organizations, but this feature is only available in the web app. This lets you share logins between people in the same organization but doesn’t make up for the lack of an actual sharing feature.
Bitwarden also lets you make collections in your vaults, which are shared folders that other users can access.
I noticed that Bitwarden’s vaults aren’t as versatile as other apps like 1Password. For instance, 1Password’s vaults let you enter all kinds of information, including SSH keys, API credentials, membership cards, databases, and more. While Bitwarden’s notes feature can save this information, other apps make it more convenient.
Auto-Save and Fill
Bitwarden can quickly save your logins, addresses, and other information you use online. Later, it auto-fills this information wherever needed to save you time while surfing the web. Bitwarden’s auto-save feature instantly appeared during tests when I used my logins and asked if I wanted to store them.
Unfortunately, Bitwarden’s auto-fill isn’t as seamless as the auto-save. I had to click the Bitwarden extension icon and select which details to auto-fill whenever I wanted to log into a website. You can fix this by enabling the ‘auto-fill on page load’ setting. However, this causes Bitwarden to always auto-fill the first login you’ve saved for the site.
While its auto-fill isn’t as intuitive as what you get with top choices like Dashlane, Bitwarden’s auto-save and fill features will save a lot of time filling in online forms.
Password Generator
Bitwarden has one of the best password generators I’ve seen, as it lets you create up to 128-character-long passwords. Plus, there’s lots of password customization, including uppercase/lowercase letters, numbers, special letters, and more. You can also customize the maximum amount of numbers and special characters.
Besides generating passwords, Bitwarden’s password generator can create passphrases and usernames. Overall, I’m very impressed with Bitwarden’s password generator and frequently used it during my tests to create safe passwords.
Bitwarden Send
Although it lacks a proper sharing feature, Bitwarden Send lets you share data with anyone. This feature easily lets you send entire files or text to anyone by creating a link that the recipient can access. However, you should note that Bitwarden Send doesn’t allow files over 1GB.
Bitwarden Send also provides various customization options. You can limit how many times others can access the file, how long the link should last, and when the Bitwarden Send link will be deleted. Plus, Bitwarden Send lets you password-protect sent information to ensure only authorized people can access it.
Emergency Access
Emergency access is a vital feature, as it lets you add trusted contacts who can access your vault during emergencies. However, you should note that it isn’t available in Bitwarden’s free plan.
To set up emergency access, you must first invite a trusted emergency contact via email and set their access level. Afterward, you must set a wait time, which is how long they must wait to access your vault after initiating an emergency access request. Once your trusted contact has accepted the invite, you must confirm it from your account to grant them access.
Import and Export
Bitwarden offers solid import and export features for seamlessly switching between password managers. The import feature supports several file formats, including .csv, .xml, .1pux/.1pif (1Password), .json, and more. So, it’s easy to import passwords from any other source onto Bitwarden. You can even copy/paste file content directly instead of importing it.
Bitwarden’s export features are also great. You can export .csv, .json, or encrypted .json files, so you shouldn’t have trouble importing data onto other password managers. Something to note is that import and export are only available in the web portal, meaning you can’t use these features from the desktop/mobile apps or browser extensions.
Overall, Bitwarden provides good features for convenient and protected password management. However, it’s missing some crucial tools you’d get with top choices like Dashlane, such as password sharing. Also, its auto-fill isn’t as intuitive as what you get with the best password managers.
Ease of Use
Straightforward Installation and Setup
Bitwarden is easy to install, set up, and use. Whether you’re using its desktop/mobile apps, web extensions, or web portal, it’s easy to sign up for an account and begin using its features to safeguard your passwords.
The desktop app setup is straightforward and takes a few minutes. Also, you can easily get any of its mobile apps from your device’s app store in less than a minute. The interface and user experience are identical across all desktop apps.
If you’re switching from another password manager, Bitwarden’s excellent import feature makes it effortless to get started. It supports various file formats, meaning you can easily bring your data from another password manager. There’s also an account-switching feature that lets you seamlessly switch between Bitwarden accounts, if you have multiple.
Web App and Browser Extensions
Bitwarden provides excellent web apps and browser extensions containing all its key features. You can access the web app via your phone or PC’s browser to view your vault, check for breaches, adjust settings, and more.
The browser extensions work on Chrome, Firefox, Edge, Safari, and Opera. The extensions include its auto-fill features, vaults, password generator, and Bitwarden Send. The extensions have an intuitive layout similar to a mobile app, so you’ll have no trouble using any of Bitwarden’s features.
Desktop Apps
During tests, I found that Bitwarden’s desktop app has a straightforward design, both in terms of looks and user experience. The app has a basic white color scheme with blue accents, so it’s not the most impressive looking. However, browsing your vaults, saving new information, and using all the password manager’s features is easy.
You should note that the desktop app doesn’t provide Bitwarden’s auto-fill features. So, the best way to use this password manager on desktops is by combining a browser extension with the native app.
Mobile Apps
Bitwarden’s mobile apps look better than its desktop apps and are just as intuitive. The apps include Bitwarden’s vaults, password generators, biometric login support (fingerprints and Face ID), and other key features.
You should note that Bitwarden’s mobile apps need accessibility permissions for the auto-fill features. So, you need to grant these permissions after installing them, or the app’s auto-fill can’t work on the different websites you visit.
How to Install Bitwarden on Windows
- Open the sign-up page. Open Bitwarden’s website and click “Get Started Today” to access the sign-up page.
- Create an account. Enter your email and master password to create a Bitwarden account.
- Log into the web portal. Sign into Bitwarden’s web portal after making an account.
- Download the Windows app. Download Bitwarden’s app after logging into the web portal.
- Install and run the Windows app. Run the setup to install the Windows app and log into it using the account you created earlier.
- Use Bitwarden. Use Bitwarden’s vaults and other safety features to safeguard your data.
Overall, Bitwarden is easy to install and use. It’s not the most pleasing looking due to the basic app designs, but you’ll have no trouble navigating any of its apps and using their various features.
Support
Good Support Despite the Lack of Some Important Channels
Despite the lack of live chat and phone support, I was impressed with Bitwarden’s support in my tests. It offers email-based support, community forums, and a detailed online knowledge base with helpful information about the app.
Email Support
Bitwarden’s email support is the fastest way to get help. In my experience, it usually takes email-based support up to a day to respond to questions. However, Bitwarden’s email support almost always replied to me within 30 minutes. Plus, the answers were always helpful and contained useful links with more information.
I also like that Bitwarden’s email support stays fast regardless of the time. I contacted them at multiple random hours throughout the day, and I always got an answer within an hour at most. So, while it doesn’t fully compensate for proper live chat support, I was quite pleased with my experience with Bitwarden’s email support.
Community Forums
Bitdefender’s community forums have experts and Bitwarden users who will answer your questions based on personal experience. Just make a thread asking your question or highlighting an issue, and you’ll get answers in a while. This isn’t the fastest way to get help, but Bitwarden’s community forums are a valuable resource, if your issue isn’t urgent.
Knowledge Base
Bitwarden also has a helpful knowledge base with lots of information about the password manager, its apps, extensions, features, and more. The knowledge base is known as the Help Center, which has an intuitive interface that makes it easy to find the information you need.
In the Help Center, you can learn how to use the app’s features, how its various functions work, and even how you can self-host Bitwarden. There’s also a search function that lets you quickly find what you need.
The Help Center can also redirect you to the Learning Center, which will teach you the fundamentals of Bitwarden. If you haven’t used password managers before, the Learning Center is a useful resource that’ll explain all you need to know.
Overall, I found that Bitwarden’s Help Center is an excellent resource for basic troubleshooting and other frequently asked questions about the app.
All things considered, Bitwarden’s support is very reliable. The email-based support is fast, the community forums are useful, and the knowledge base has lots of information. Of course, having live chat and phone support would’ve improved it even further, but I was quite satisfied during my tests.
Pricing
Well-Priced Plans and a Great Free Option
Bitwarden has multiple great plans for individuals, families, and businesses. Plus, it has an excellent free plan that’s perfect if you just want to get the app for yourself.
Feature-Rich Free Plan
Bitwarden’s free plan provides unlimited storage for your passwords and sensitive information. Plus, it offers the password generator, Bitwarden Send feature, two-factor authentication, and health reports. While most password managers only allow their free plans on 1 device, Bitwarden’s free plan supports unlimited devices.
There are some limitations to the free plan, though. For instance, the 2FA only supports email and authentication apps, Bitwarden Send only allows text, and the breach report feature doesn’t let you add new emails. Also, you can’t use Bitwarden’s free plan to generate TOTP codes.
Well-Priced Plans for Individuals and Families
Bitwarden’s premium accounts for individuals and families provide excellent value and include the app’s full range of features.
The Premium plan has everything available in the free plan and allows you to send files up to 1GB with Bitwarden Send. Additionally, Premium lets you use YubiKey and FIDO2 keys for 2FA besides email and authenticator apps. It also allows you to add contacts for emergency access.
The Families plan offers everything available in Bitwarden Premium. However, Bitwarden Families allows up to 6 separate user accounts, while Premium only allows 2. Plus, the Families Plan lets you make unlimited collections, while the Premium plan is also limited to 2 in this item.
Excellent Subscriptions and Free Trials for Businesses
For businesses, Bitwarden has effective Teams and Enterprise plans that include Bitwarden’s core features and various other useful tools. For example, Bitwarden’s business-focused plans let you make user groups, manage access levels, and audit when specific passwords were used.
The Enterprise plan provides even more features like password policies, SSO integration, account recovery, and SCIM support. Plus, every Enterprise plan user gets a complimentary Bitwarden Families plan.
I was also pleased to see that Bitwarden’s business plans come with a 7-day-long free trial, thus letting you test all the features without commitment.
30-Day Refund Policy
Bitwarden has a 30-day refund policy that applies to both personal and business-focused subscriptions. To receive a refund, simply cancel the subscription from your account settings and contact Bitwarden’s support to get your money back.
Bottom Line
Overall, Bitwarden is a standout password manager thanks to its open-source design, various safety features, and excellent free plan. However, throughout my testing, I found that some things hold it back from being as good as the best password managers. For example, its auto-fill features aren’t the best, and it’s missing password sharing.
While Bitwarden is good for basic and secure password management, you should get a top premium alternative like Dashlane if you want comprehensive password safety. Besides its protection, Dashlane offers many useful features, well-priced plans, and more, making it the best overall choice. Plus, you can try Dashlane risk-free, as it’s backed by a 30-day money-back guarantee.
FAQs About Bitwarden
Is Bitwarden good?
Yes, Bitwarden is a good password manager. It provides reliable security via its encryption and zero-knowledge architecture. Plus, Bitwarden has other useful features like auto-save and fill, password generation, data breach monitoring, and more.
Can I use Bitwarden for free?
Yes, Bitwarden provides a solid free plan. It offers all the app’s key features, including airtight encryption, secure vaults, auto-save and fill, and unlimited device support.
Is Bitwarden really safe?
Yes, Bitwarden uses AES 256-bit encryption to ensure your data stays safe. Also, it has a zero-knowledge architecture, meaning no one except you can see your data, not even hackers who somehow gain access to Bitwarden’s servers.
How and where does Bitwarden store passwords?
Bitwarden fully encrypts your data and stores it in the Microsoft Azure cloud. The Azure cloud is a secure service maintained by the experienced teams at Microsoft, so it follows industry-standard data management and safety practices.