Bitwarden Review: Quick Expert Summary
Bitwarden is a secure open-source password manager that comes with heaps of extra features and a remarkably low price tag. I tested all of Bitwarden’s features for security and usability, and it performed rather well — it’s actually one of the best options on the market for advanced users, but it’s not as good as competitors like 1Password.
Bitwarden has all the security tools that I expect from a premium password manager, including strong encryption, two-factor authentication (2FA), password security auditing, password breach monitoring, plus cloud and local hosting options. It doesn’t have as many extra features as some of its top competitors, like Dashlane’s VPN or 1Password’s Travel Mode, but it has a unique Send feature that lets you securely send sensitive information and files to non-Bitwarden users. It’s also soon to implement passkey support.
Other top password managers are a great deal more user-friendly than Bitwarden, which is its biggest drawback. Importing passwords from a browser or other password manager is tricky for non-technical users. Likewise, sharing and syncing password vaults with other users is more complicated than necessary, and auto-save and auto-fill are clunky at times. Ultimately, the interface just isn’t intuitive.
That said, Bitwarden is a good, low-cost option for tech-savvy users and users on a budget — it’s highly secure, handles basic password management well, has a couple of really useful extras, and is around one-third the cost of most competitors.
|🏅 Overall Rank||#11 out of 56 password managers|
|🔐 Encryption||256-bit AES|
|🎁 Free Plan||Unlimited passwords, unlimited devices|
|💸 Pricing||Starting at $10.00/year|
|💰 Money-Back Guarantee||30 days|
|📀 Operating Systems||Windows, Android, Mac, iOS, Linux, ChromeOS|
Bitwarden Full Review
Bitwarden is a basic but highly secure open-source password manager with some great extras. It’s also one of the cheapest products on the market. However, Bitwarden is not as user-friendly as most top competitors — a lot of its features are clunky, complicated to use, and unintuitive. But it does come with some cool extras, including local hosting.
Bitwarden offers a range of plans that are all extremely budget-friendly, and it’s one of the very few password managers that allows you to sync unlimited passwords across unlimited devices on its free plan — making it a great free password manager.
Bitwarden Security Features
Bitwarden keeps user data secure with 256-bit AES encryption — the same encryption used by banks and governments around the world — so you can feel secure storing your information on Bitwarden’s cloud servers. However, if you’re worried about your data being compromised in the cloud, Bitwarden also offers the option for local data storage (self-hosting). This is a nice option for tech-savvy and security-conscious users, but Bitwarden’s servers are actually more secure than most users’ local networks, so local storage isn’t something most users need to worry about.
Bitwarden is also a zero-knowledge password manager, meaning no one from the company can access or see the data in your Bitwarden vault — you’re the only one who knows your master password and therefore the only one who can unencrypt your Bitwarden vault. This is a good thing as far as security goes, but it does mean that if you forget your master password, you’ll lose access to all your passwords — because unlike some competitors, such as LastPass, Bitwarden doesn’t offer any account recovery options. That said, you may still be able to access your vault if you have biometric logins set up on another device, or emergency access enabled, plus there’s an option to set up a master password hint for such occasions.
Each Bitwarden account also has a fingerprint phrase associated with it — a random 5-word phrase that Bitwarden will use to verify users’ identities when they’re doing something encryption-related such as sharing credentials. You can find your unique fingerprint phrase in the account settings.
Bitwarden has all the security tools and features I expect in a premium password manager, such as:
- Multiple two-factor authentication (2FA) options.
- Password generator.
- Password sharing.
- Password auditing and breach monitoring.
- Emergency access.
Bitwarden has a practical vault that allows you to store passwords and other information. However, it’s not as intuitive as a lot of other password managers, and some of its organizational functions are somewhat clunky.
Bitwarden’s vault allows you to store 4 main types of data:
- Credit cards.
- Secure notes.
The forms for each of these entries have a decent number of fields — all the standard ones you’ll want, plus a few customization options. There are also options to create folders so you can keep your vault organized, which is a nice feature. However, I didn’t find Bitwarden’s vault particularly intuitive or easy to use. I much prefer other password managers’ vaults, like RoboForm, which has one of the most detailed vaults on the market with templates for pretty much every single piece of data you can imagine, or 1Password, which has one of my favorite vaults for usability and easy organization.
Bitwarden includes a shared vault option in all its plans, called Organizations — but I found this feature particularly unintuitive in my tests. Creating an Organization and sharing it with your chosen person is straightforward, but managing the data within it is a bit of a hassle. For example, managing logins between your main vault and an Organization is only possible via the web app, not the desktop or mobile apps. It’s also impossible to move an entry from one Organization to another — you have to clone a copy to save in your main vault and then delete the original, which just seems crazy.
Overall, Bitwarden’s password vault does the basics — it has space for all your passwords and other sensitive information. But it’s one of the least attractive and least intuitive designs in the password manager market, so Bitwarden might not be the best choice for anyone wanting a smooth, simple, click-and-go type password manager.
Two-Factor Authentication (2FA)
Bitwarden provides excellent two-factor authentication (2FA) options. When enabled, 2FA means you need to provide both your password and a second form of verification when logging into an account. This provides an important extra layer of protection for securing online accounts, because it prevents others from gaining access to your accounts even if they somehow get a hold of your passwords. Bitwarden supports a range of different 2FA options to increase the security of your Bitwarden vault, including:
- Using an authenticator app like Authy or Google Authenticator.
- Getting one-time codes via email.
- Biometric logins (on compatible devices).
- USB security keys like Duo and YubiKey (Premium only).
Premium users also get an integrated TOTP (temporary one-time password) authenticator, which you can use to log into the compatible accounts saved in your vault. Most top password managers now have integrated TOTP authenticators, but not all — Sticky Password is yet to include this feature.
This feature is easy to use, and it’s also very convenient. Bitwarden shows you all the TOTP-compatible accounts in your vault and explains how to set it up. I had no trouble syncing Bitwarden with the TOTP 2FA on my PayPal account, and once set up a secure 6-digit password is auto-generated every 30 seconds. Both Bitwarden’s mobile apps and browser extensions will then automatically copy this TOTP code so you can easily paste it into the required login field.
Bitwarden’s 2FA options are genuinely good, and I like that it also supports USB keys — some competitors only allow 2FA via authenticator apps and TOTP SMS codes. I also think it’s great that Bitwarden Premium has its own TOTP authenticator, so you can easily enhance the security of your online logins without having to use a third-party authenticator.
Bitwarden’s password generator is simple to use and effective — it offers users the ability to generate either random strings of numbers, letters, and symbols, or to create easy-to-remember passphrases like correct-horse-battery-staple. It also has the option of generating usernames — which can include parts of your email address or other defined choices. Not all password generators have this many options. Dashlane only generates random passwords, so I like these additional features from Bitwarden.
I also like that Bitwarden can generate passwords from 5 to 128 characters long. The default password length is 14, which is ok, but I recommend making your passwords at least a couple of characters longer. I also think it’s cool that you can choose to exclude ambiguous characters from your passwords, although this isn’t too important since you don’t actually have to remember the passwords (still, it’s a nice touch!).
Generating passwords with Bitwarden and copy-pasting them was easy, but I had some trouble getting Bitwarden to save these new logins automatically. During my tests, Bitwarden didn’t auto-save a couple of the passwords I had just generated, so I had to manually copy-paste the new logins into my vault. This wasn’t too time-consuming, but given competitors like 1Password and Dashlane auto-save passwords quickly and easily, it’s definitely something I’d like to see Bitwarden do better.
However, Bitwarden allows you to view your history of generated passwords, which is useful if the auto-save doesn’t work or if you neglect to save one. Dashlane also has this feature, but a lot of password managers don’t.
Overall, Bitwarden makes it simple to create super-strong passwords and passphrases. I think it’s great that Bitwarden’s password manager has plenty of customization options, and I especially like that it can generate passwords up to 128 characters long.
Sharing Sensitive Information — Send
Bitwarden’s unique Send feature lets you easily and securely share sensitive information with any recipient. The Send feature is built into Bitwarden’s web dashboard, browser extension, mobile app, and desktop app, and it allows you to quickly share files (up to 500 MB on desktop or 100 MB on mobile) and text information (up to 1,000 encrypted characters), which might include passwords, notes, or other sensitive data.
A nice bonus is that the recipient doesn’t need a Bitwarden account. Top password managers like Dashlane offer secure sharing features, but the recipient usually needs an account to access them.
You can create and store “sends” within a specific section of your Bitwarden vault. When creating a new “send”, you give it a name, write the text you want your recipient to see and/or attach the files you want them to have access to, choose from a range of options relating to access, and then hit save. Bitwarden then generates a unique URL for the particular “send”, which is hosted on its secure servers, and anyone you share that link with can access it.
This feature is a great way to send sensitive information to companies or other third parties, as it means it won’t sit in their email accounts indefinitely. When creating your “send” you can put a time limit on how long it will be accessible for, as well as limit the total number of times they can access it. You can also password-protect it, meaning that only recipients with both the URL and the password (which you’d send separately) would have access.
I really like this feature, but it only provides access to a single, static piece of data. If you’re looking to share and sync whole folders or vaults with other users, or share passwords that your friends can automatically use to log in to accounts, you’ll need to use Bitwarden’s Organization feature, which is more like a traditional password manager sharing feature.
Password Sharing — Organization
Bitwarden also has a more traditional password-sharing feature, similar to those offered by Dashlane and LastPass. This feature allows you to share logins and other details from your vault with your friends and family, but they will need a Bitwarden account to view, access, and use all the data.
Bitwarden’s sharing feature works via Organizations — which is basically a shared vault. You start by creating an Organization and adding all the passwords and other data you want to share. You then send an invite to your chosen recipient(s), and choose their level of access — which determines whether they can access and modify the entire vault, or whether they only have read-only access. There’s also the option to hide the passwords, meaning they can use them to log in, but not read them.
You can also create Collections within your Organization — this makes it easy to organize your logins, as well as who has access to what. For example, if you’re using an Organization to share passwords with your family, you can group the items everyone can access in one Collection and make another Collection for sensitive info you want to share with your partner but not your kids.
Bitwarden’s Free and Premium plans both include 1 free Organization, in which you can store unlimited items. However, you can only create 2 Collections and share items with 1 other user. Upgrade to the Families plan to create an unlimited number of Organizations and Collections and share them with up to 6 people. If you need to share passwords with more than 6 people, you will need to upgrade to one of Bitwarden’s business plans. The Teams and Enterprise plans offer Organizations that include unlimited Bitwarden users.
Overall, it’s great to have a shared vault option, but setting up Organizations and Collections is a bit of a hassle. It’s also a little limiting in terms of the sharing options provided. Other top password managers, like Dashlane, offer a much more intuitive and flexible sharing experience. Plus, if you want to share logins with more than one user, you have to upgrade to the family plan. On the other hand, Bitwarden Families allows for comprehensive shared vault management between up to 6 users and is much cheaper than the competition.
Password Auditing and Breach Monitoring
Bitwarden offers several password auditing tools to keep your vault as secure as possible. These “reports” all offer valuable information to help you analyze different aspects of your password vault. Here’s what Bitwarden’s password auditing checks for:
- Exposed passwords. Checks breach databases for any of your saved passwords.
- Reused passwords. Scans your vault for repeated passwords.
- Weak passwords. Flags simple and weak passwords in your vault.
- Unsecured websites. Warns if you have accounts on sites with the insecure HTTP protocol instead of the safer HTTPS protocol.
- Inactive 2FA. Highlights the accounts in your vault that support 2FA login, which you can set up with the Bitwarden TOTP Authenticator for extra security.
- Data breach. Checks breach databases for any of your emails or usernames to see if they’ve been breached.
Data breach monitoring is included in Bitwarden’s Free plan, but you’ll need to upgrade to Premium to access all the other reports. This is a shame, as competitors like Dashlane include this feature for free. That said, Password Boss and others also charge for their password auditing tools, and Bitwarden’s plans are at least very reasonably priced.
Bitwarden’s password auditing feature works quite well — it brought up all of the weak and repeated passwords, unsecured sites, inactive 2FA, and breached logins in my testing, so it was easy for me to see which passwords I should change.
The only complaint I have is that Bitwarden doesn’t have real-time breach monitoring — competitors like Dashlane and Keeper automatically notify users when their sensitive information shows up on the dark web, whereas Bitwarden only checks when you do a manual search. But if you regularly check on the security of your online accounts, this shouldn’t be a problem.
Overall, Bitwarden’s vault health report makes it easy to monitor the strength of your logins and change weak or compromised passwords.
Bitwarden has an Emergency Access feature for Premium subscribers. This is an important feature that allows your loved ones or other trusted contacts to access your passwords in the event of an emergency. I was pleased to see Bitwarden offers this.
Bitwarden’s Emergency Access is easy to set up and use. From the Emergency Access tab within your main Account Settings, simply click on + Add emergency contact, enter the email address of your chosen contact, and define their waiting period and access level. They will receive an email notification and be required to create a Bitwarden account in order to accept the invite if they don’t already have one — but a free account is sufficient for the invitee. Once both parties have accepted and reconfirmed the trusted contact, an encrypted key (linked to your emergency contact’s email address and Bitwarden account) is created and stored — enabling your vault to be unencrypted in the event of an emergency.
When your contact needs access, they simply request it from within their Bitwarden account, and if you don’t manually accept or deny the request, they will automatically gain access once the specified waiting period has elapsed (which you will have chosen when first setting up the trusted contact). You can further specify the level of access your contact will be granted: View (they can read/view all items in your vault), or Takeover (they create a new master password and gain complete control of the vault). If you choose the second option, you can use the feature to recover your account should you forget your master password.
Overall, this is a great feature that is easy to set up, works perfectly, and gives extra peace of mind. Most password managers have a similar feature, although Password Boss allows you to choose the specific passwords that are shared with specific contacts, rather than automatically sharing the entire vault. This is a nice level of customization that I’d like to see more password managers offer.
Bitwarden Plans and Pricing
Bitwarden is one of my favorite password managers for users on a budget — it offers tons of good features in every single plan, and its paid plans are cheaper than any other premium competitor.
Here’s a quick overview of Bitwarden’s plans:
|Platforms||Mac, iOS, Windows, Android, ChromeOS, Linux||Mac, iOS, Windows, Android, ChromeOS, Linux||Mac, iOS, Windows, Android, ChromeOS, Linux|
||Free||$10.00 / year||$40.00 / year|
|Number of licenses||1||1||6|
|Shared Vaults (Organizations)||1 Organization, 2 Collections, 1 other User||1 Organization, 2 Collections, 1 other User||Unlimited Organizations, Unlimited Collections, 5 other Users|
|Bitwarden Send||Text Only||Text and Files||Text and Files|
|2FA||Email, Authentication App||YubiKey, FIDO2, Duo, Email, Authentication App||YubiKey, FIDO2, Duo, Email, Authentication App|
|Encrypted File Attachments||❌||1 GB Personal||1 GB Personal and 1 GB for Organizational Items|
|Bitwarden TOTP Authenticator||❌||✅||✅|
|Vault Health Reports||Username Data Breach Report Only||✅||✅|
|Email Alias Integration||✅||✅||✅|
Bitwarden Free — Good Range of Features
Bitwarden Free offers a lot of good free features:
- Unlimited password storage across unlimited devices.
- Unlimited secure notes, credit cards, and identity storage.
- Password generator.
- Unlimited password sharing with 1 user.
- Bitwarden Send (encrypted sharing) for text notes.
- Data breach scanner.
- 2FA compatibility with TOTP authenticators like Authy.
- Biometric login for Android, iOS, and Windows 10 & 11 devices.
- Local data storage (self-hosting).
I think Bitwarden Free is one of the best free password managers out there. It has most of the features a single user needs to keep their passwords protected, and it’s one of the few free password managers to allow unlimited passwords synced across unlimited devices. However, it doesn’t include password strength auditing or encrypted file storage like Dashlane Free.
Bitwarden Premium — Great Features for a Great Price
Bitwarden Premium is one of the cheapest and best value premium password managers on the market — costing just $10.00 / year. It offers a ton of useful cybersecurity features, and it costs a lot less than most competing products.
Bitwarden Premium includes all of the features mentioned in the Free plan, plus:
- Password health and auditing tools.
- Built-in TOTP 2FA authenticator.
- USB 2FA with apps like YubiKey and FIDO.
- Emergency access.
- 1 GB encrypted storage.
- Bitwarden Send (encrypted sharing) for text and files.
- Priority support.
Bitwarden Free is truly useful, but Bitwarden Premium is cheap enough that it’s well worth the upgrade, as it comes with excellent additional security features, including advanced 2FA, vault auditing, and a built-in authenticator.
Bitwarden Premium has one flaw — that you can only share or sync folders with one other user. Sure, you can use Send to share text or files, but this means you’re restricted to sharing static pieces of data. Many competitors have sharing features without these limitations — Dashlane provides unlimited password sharing with unlimited users in both its free and premium plans.
That said, Bitwarden Premium is a great password manager, especially for the price. And you can try Bitwarden risk-free with a 30-day money-back guarantee.
Bitwarden Families — Decent Family Plan
Bitwarden Families includes all of the features in Bitwarden Premium, plus:
- Coverage for up to 6 users.
- Unlimited password sharing between up to 6 users.
- 1 GB storage for shared items.
The Families plan is only slightly more costly than Bitwarden Premium, and at $40.00 / year, it’s the cheapest password manager for families on the market.
Unfortunately, I found the password sharing feature to be unintuitive — the Organizations feature is hard to find in the online dashboard, and it can be tricky to sync and share logins. 1Password’s family sharing feature is much simpler, and it also includes a variety of permission settings for parents and families.
However, more tech-savvy families will definitely appreciate Bitwarden Families — it’s cheap, secure, and effective, plus there’s a 30-day money-back guarantee (which 1Password doesn’t offer).
Bitwarden Ease of Use and Setup
Bitwarden is easy to download and install, but importing passwords is less streamlined than with other password managers — I had to go through Bitwarden’s Help Center to figure out how to import passwords from my old password manager into the Bitwarden vault. However, once I found the instructions, it was easy to import a CSV file with my passwords into Bitwarden. There is the option to directly import passwords, but only if you’re switching from LastPass.
I hope Bitwarden will improve in this area and make setting up your vaults easier. At the very least, they should provide better guides to walk you through the installation and migration process. Dashlane, 1Password, and most other premium password managers make importing passwords much easier.
Password auto-filling can be clunky too, and I found myself wasting time editing my logins. Whenever you enter a new login, Bitwarden offers to save that login to your password vault. Each time you want to log into a saved website (that Bitwarden recognizes), you will see a small number “1” in the browser extension. Clicking on the browser extension should reveal the saved login in your vault, and you can simply click that login to auto-fill your password. This isn’t the worst auto-fill option, but it’s still not as convenient as Dashlane and LastPass, which allow you to click an icon in the login field to auto-fill without hassle.
Bitwarden’s auto-save function worked reasonably well for me, but I had a few frustrating experiences with it. I would use the auto-save function to add a new password to my vault, but Bitwarden would fail to remember that site when I returned to it. I had to either manually search for the saved password in the browser extension, or manually edit the saved login so that Bitwarden was able to identify the website.
There were also several times that Bitwarden failed to offer to auto-save a new login, so I had to add it manually — this is really annoying. Competitors like Dashlane and 1Password are able to immediately auto-save and auto-fill logins without all of this hassle. Users looking for a password manager that provides a seamless and simple auto-fill and auto-save experience should definitely avoid Bitwarden.
That said, Bitwarden has recently added a handy account-switching feature to enhance ease of use for users with multiple Bitwarden accounts. This means that if you have more than 1 Bitwarden account, for example, work and personal accounts, you can switch between them seamlessly without having to log out and log back in again each time. It works for up to 5 accounts, and it’s a cool addition.
Overall though, Bitwarden isn’t the most intuitive password manager. But users who are willing to put a little bit of extra time into customizing their password manager experience will find that Bitwarden provides everything they need to securely save, store, and fill their logins.
Bitwarden Mobile App
Bitwarden’s mobile app is pretty good. I tested it out on my iPhone, and it integrated really well with iOS, including my iPhone’s biometric scanner — I could log into Bitwarden using just a fingerprint. All of my passwords were synced easily between my desktop and my phone, and I had no trouble setting up Bitwarden to auto-fill my passwords.
The mobile app includes the password generator and the Send feature. It’s simple to switch between your private and shared vaults, and if you have multiple Bitwarden accounts, you can also easily switch between these with just one tap.
If you use the TOTP authenticator, these codes are found at the top of the main screen, and new codes are automatically copied to your phone’s clipboard so you can easily paste them.
For the most part, Bitwarden’s mobile app is really intuitive to use. During my tests, it automatically detected password fields and auto-filled logins for my saved sites more easily than the browser extension on my PC, and the biometric login made it easy for me to access my Bitwarden vault on my iPhone.
Bitwarden Customer Support
Bitwarden’s customer support options are simple and a little limited but responsive and helpful. Bitwarden offers excellent email support as well as a robust knowledge base and forum community. However, there is no phone support and no live chat — a number of top competitors offer this, including Dashlane and RoboForm — and I genuinely missed this option with Bitwarden.
However, I was sincerely impressed with the swift response from Bitwarden when they replied to my email — check out the time stamps on our email exchange that occurred after business hours on a Friday! Most password manager tech departments try to get back to you within 24 hours, and often those hours are limited to business hours on Monday-Friday. Bitwarden got back to me in just over 90 minutes on a Friday night.
The Bitwarden knowledge base is quite comprehensive. It has an excellent Help Center with easily understandable user guides on all features and topics, as well as an impressive Learning Center with tutorials sorted by skill level. The active and informative community is an added bonus. Given that Bitwarden is open-source, there are numerous community members who contribute useful content to the knowledge base. Bitwarden’s staff also actively participate within the community.
I’m a big fan of Bitwarden’s customer support — most competitors take too long to get back to their customers, and some competitors like LastPass even make sending an email tricky! I was able to find answers to most of my questions in the Help Center, but it was also easy to make contact with Bitwarden’s support reps, and they responded to all of my inquiries in a timely manner and offered helpful and accurate advice.
Is Bitwarden a Good Value in 2023?
Bitwarden is a reliable and secure password manager with a variety of useful security features for a good price. It’s not the most attractive or intuitive product, and it doesn’t have as many unique or extra features as the likes of 1Password or Dashlane, but it’s definitely got what it takes to keep your logins secure — and it costs a fraction of the price of most competitors.
Bitwarden offers unlimited passwords across unlimited devices on its free plan, and it’s one of very few premium password managers to do this. It also comes with all the core password management features you’ll need as well as 2FA and biometric logins for extra security.
Upgrading to Bitwarden Premium brings compatibility with advanced 2FA tools like YubiKey, an integrated TOTP authenticator to use with your saved accounts, plus comprehensive password auditing and password breach monitoring. You also get access to the full version of the distinctive Send feature, which allows you to send files and text (with time and access limits) to non-Bitwarden users via an encrypted URL.
My biggest complaint is that Bitwarden’s user experience isn’t intuitive when compared with most competing password managers. Auto-save and auto-fill are clunky, and sharing password vaults between users is needlessly complicated. That said, Bitwarden’s customer support is great — the tech support team got back to me right away via email, and there is also a comprehensive knowledge base.
Overall, Bitwarden is not a “set-and-forget” type of application. Users looking for an easy-to-use password manager should look to something more intuitive, like 1Password or Dashlane. But if you’re willing to spend some time learning about how to make the most out of Bitwarden, its inexpensive price tag makes it a high-value password manager.
Frequently Asked Questions
Is Bitwarden safe?
Yes, Bitwarden is very safe. It protects user passwords with 256-bit AES encryption, which makes it basically impossible for hackers to access the data on Bitwarden’s servers. Bitwarden also has a zero-knowledge policy, so not even Bitwarden staff can access your data.
Bitwarden’s open-source development means that a ton of cybersecurity experts around the globe have extensively scrutinized it. Many security-minded users stand by Bitwarden as one of the most secure password managers on the market because the Bitwarden community has carefully analyzed every piece of its source code.
Is Bitwarden free?
Bitwarden Free is one of the most full-featured free password managers on the market. Here’s what Bitwarden users get for free:
- Unlimited password storage on unlimited devices.
- Secure notes, credit cards, and identity storage.
- Unlimited password sharing with one user.
- Bitwarden Send for text notes.
- Data breach scanner.
- Password generator.
- 2FA compatibility with TOTP authenticators like Authy and Google Authenticator.
- Biometric login with iOS, Android, and Windows Hello.
Bitwarden Free is pretty good, but I still recommend upgrading to a paid password manager. Bitwarden Premium is a very affordable and secure option. It offers a lot of excellent additional features, like vault auditing, USB-key 2FA compatibility, a built-in TOTP Authenticator, and 1 GB encrypted storage, all for much less than competitors.
Does Bitwarden work for Windows, Android, macOS, and iOS?
Yes! Bitwarden is compatible with all major operating systems — it has a desktop app for Windows, MacOS, and even Linux, a mobile app for Android and iOS, a web app, and browser extensions for an impressive range of browsers, including Chrome, Firefox, Opera, Edge, Vivaldi, Brave, and Tor.
Bitwarden lets you save an unlimited number of passwords across all devices, operating systems, and browsers, and you can sync your data either through the cloud or through your local network.
Where are Bitwarden passwords stored?
Bitwarden offers users two locations to store their passwords. Storing passwords on Bitwarden’s servers allows for simple cloud-sync between all devices, and Bitwarden protects user passwords with 256-bit AES encryption and a secure SRP handshake.
For users with strong network security, Bitwarden also offers the option for local data storage. You can keep your data within your network, which eliminates the (extremely low) risk of a man-in-the-middle attack. Bitwarden is one of the only free password managers that offer local data storage.
Does Bitwarden have an auto-fill vulnerability?
The short answer is no. Auto-fill on page load is a feature included in Bitwarden’s browser extensions that is turned off by default. Although it is typically safe, this feature is not enabled by default due to the risk of compromised or untrusted websites using it to obtain login information.
Unless you deliberately change the settings to enable the ‘auto-fill on page load’ function, this is not something you need to worry about. And it comes with a visible warning, telling you that it is off because it can be potentially dangerous.
Bitwarden has also taken some additional steps to ensure users’ safety by only filling iframes from trusted websites. If users manually auto-fill an untrusted iframe, Bitwarden will display an alert that will give them the option to either cancel or proceed.
Does Bitwarden support passkeys?
It soon will! Bitwarden has announced that it will implement passkey support later this year. Passkeys are a great alternative to traditional passwords, so it’s really good to see Bitwarden plans to support them. Once the feature is live, users will be able to fully integrate passkeys into their Bitwarden vault. There will even be the option to use a passkey to unlock your vault, thus eliminating the need for a master password.