Platforms: Windows, Mac, iOS, Android, Linux
Free version: Limits on file sharing and 2FA
2FA: Yes
Browser plugins: Chrome, Safari, Firefox, Opera, Brave, Microsoft Edge, Vivaldi, Tor
Form filling: Yes
Mobile PIN unlock: Yes
Biometric login: Face ID, Touch ID on iOS and macOS, fingerprint and face unlock on Android, Windows Hello
Killer feature: Unlimited syncing across all devices on free version
Bitwarden is a highly secure, open-source password manager that does the basics really well and at little cost.
It offers more on its free tier than most competitors do, and its premium plan — with features such as advanced two-factor authentication (2FA) and secure storage — will set you back just $10 per year.
Users simply looking to save an unlimited number of passwords that sync across all their devices and automatically fill in online forms will get that with Bitwarden's free tier.
Bitwarden is not the most intuitive service to navigate, and it has some clunky functionality compared to other password managers. However, it's a great value for anyone on a budget who's willing to figure it out. Bitwarden is our top free choice among the best password managers.
Read on for the rest of our Bitwarden review.
Bitwarden: Costs and what's covered
Bitwarden offers three pricing tiers for consumer accounts: Free, Premium ($10 per year) and Family ($40 per year).
The free tier comes with most of the basic features you'd want in a password manager, making it a good option if you're just looking for safe storage. The Premium plan is a bargain when compared to similar tiers offered by other password managers, which often run about $35 per year.
Users on Bitwarden's Free plan get unlimited password and secure-note storage across as many devices as they want. There's also a password generator and an innovative feature called Bitwarden Send for sharing sensitive text-based information.
Bitwarden will auto-fill usernames and passwords through its browser extensions on the desktop and with the Bitwarden mobile apps on iOS and Android. Form filling for identities and payment info is included with this tier, but on the desktop versions only.
If you upgrade to a Premium account, $10 per year gets you all of the above features, plus file sharing via Bitwarden Send, the Bitwarden Authenticator app for verifying your identity on accounts that use 2FA or time-based one-time passwords (TOTPs) and an emergency access feature that lets you grant vault access to another user in case of, well, an emergency.
This premium tier also comes with 1 GB of secure storage, priority support, advanced 2FA options such as YubiKey and "health reports" — basically, security audits (manually generated) that show you if your passwords are weak, recycled or have been exposed in a data breach.
If you know how to set up a server, then Bitwarden also offers self-hosting (versus cloud hosting) options with all plans for anyone who wants complete control over their data using their own server.
The Bitwarden server can be anything from a leased cloud instance to a Raspberry Pi sitting on a shelf in your living room. Bitwarden has server specifications and instructions here, and there's a good third-party walkthrough here.
Finally, Bitwarden's $40-per-year Family plan is basically Premium for up to six users with unlimited sharing between accounts.
As we've noted, Bitwarden Free is a solid option for basic password management — maybe the best one out there. LastPass, one of our other top freemium picks, now limits syncing on its free plan to only computers or to only mobile devices, a significant gap that Bitwarden fills.
LastPass does include some of Bitwarden's Premium features, such as the ability to use an in-house authenticator app, in its free tier, but at $36 per year, its premium option costs nearly four times what you'll pay for a similar Bitwarden plan.
The premium and family plans offered by other password managers will also set you back a lot more than $10 (or $40 for families) annually, which may be attractive only if you really need bonus features like a built-in VPN.
The Bitwarden desktop application supports Windows 7, 8.1 and 10; macOS 10.14 and later; and most major distributions of Linux. The Windows and Mac versions can be downloaded directly from the Bitwarden website or via the Windows and Mac app stores.
There's also a "portable" Windows version you can install on a USB flash drive. If you want to get really elite, there's a command-line version that works on Windows, Mac and Linux alike.
There are Bitwarden desktop browser extensions for Chrome, Safari, Firefox, Opera, Brave, Microsoft Edge, Vivaldi and the Firefox-based Tor browser. Mobile apps are available for both iOS (10.0 or later) and Android (5.0 and up). You can also access your vault via any web browser at vault.bitwarden.com.
For this review, I tested Bitwarden on a 2020 MacBook Air running macOS 10.15 Catalina and an iPhone XR. I used Google Chrome for browser testing.
Bitwarden: Setup
To get started, you'll need to create an account on Bitwarden's website using your email address and name. You'll also choose your master password and an optional password hint. There is no password recovery if you forget your master password, so the hint may be helpful. Either way, make your master key something both secure and memorable.
Bitwarden doesn't do much hand-holding through the setup process, although its Help pages are actually pretty helpful. Once you have your account set up, you'll be logged into your web vault to start importing and organizing your passwords.
To import data from LastPass, 1Password, Firefox, Chrome or another one of many supported file formats, select Tools > Import Data and fill out the dropdown fields. If Bitwarden doesn't officially support the service you currently use, you can create and upload a CSV file. Note that data uploads are possible only in the web app, not via desktop or mobile.
Next, download the relevant desktop and mobile apps as well as browser extensions. It took almost no time for me to install these and get logged in. Extension features like autofill and password generation functioned immediately, with no additional setup needed.
However, the Bitwarden browser extension did not automatically sync, so if you download the extension before you import passwords into your vault, you'll need to go to Settings > Sync > Sync Vault Now to be able to view your logins.
Bitwarden on desktop
Bitwarden would be easy to use with only the browser extension and web app, as the desktop app doesn't add any functionality and is only slightly sleeker. In fact, some features, such as emergency access and vault health reports, are available only in your web vault (under Tools > Reports).
The browser extension looks a lot like a mobile app, with tabs for your main vault, Bitwarden Send, a password generator and your settings.
There are a few ways to use the automatic formfilling feature. If the website you're on has a saved login, the Bitwarden extension icon in your browser toolbar will have a number on it. Tap the icon to open the extension and select the password you want to auto-fill.
To auto-fill credit cards or identities (addresses, for example) when checking out or filling out forms, toggle the Bitwarden extension icon and hit Tab on your keyboard. All available cards and identities should be visible to select.
I found it easier to open the extension immediately than to right-click (CTRL + click on Mac) and navigate through several menus to select the correct login, although that's also an option if you prefer.
Perhaps the easiest option is a keyboard shortcut that auto-fills your most recently used login without actually opening the extension or dropdown menus. Bitwarden has a few standard keyboard shortcuts:
- Windows: Ctrl + Shift + L
- macOS: Cmd + Shift + L
- Linux: Ctrl + Shift + L
- Safari: Cmd + \ or Cmd + 8 or Cmd + Shift + P
My Chrome shortcut was set to something different by default, so if that's the case, you can view and configure different shortcuts in your browser if needed.
Bitwarden's password generator is a little bit clunky compared to those of other password managers — you have to manually go into the Bitwarden extension to create and copy/paste a password.
When you create a new login on a website, Bitwarden should ask if you want to save it to your vault. This worked each time I tested it, though you'll want to be careful that Bitwarden saves updated passwords properly.
Sharing texts and files with Bitwarden Send is quick and easy using the browser extension. You can also view and edit the item or copy login information directly from the extension.
If you opt to download the desktop app as well, you'll find a left-justified menu bar where you can select your specific login types to view all the usernames and passwords in that category.
You can also organize or view by folder — use the plus sign to create a new folder — or view your favorites or trash. Search the selected category using the search bar at the top and add a new record using the plus icon at the bottom.
If you toggle Send at the bottom instead, you can create file or text links to content on your computer, which you can the copy or share to send. You can select a date on which access to your send will expire, or on which your send will be permanently deleted, as well as a maximum access count.
File sharing is available only with a Premium account, though you can send text links on the Free tier. Send recipients do not need to use Bitwarden to open the sent links or files.
Unlike the browser extension (and the mobile app, as described below), the Bitwarden desktop app does not have a separate tab for the password generator. Instead, you'll find it under View in the main application toolbar.
Bitwarden mobile apps
Like the desktop app and browser extension, the Bitwarden mobile app is basic. The interface and functionality are almost exactly the same, so the experience will be similar no matter which device you're on.
When you first log into your mobile app, you'll likely see a pop-up notifying you that you have to enable notifications for your vault to sync properly.
The default screen is your vault home, organized by item types and folders. There's a plus sign in the upper right corner to create items and a search icon to search your entire vault. If you tap on Login or another item type or folder, you'll see the full list of items in that category.
Tap on the three horizontal dots to view, edit or copy the account information. You can also launch the website or app directly from Bitwarden.
Password auto-fill is easy to enable in your phone Settings — but unless you want to type in your master password each time you need to connect to Bitwarden, go to Settings > Unlock with Face ID or Unlock with PIN Code in the app. Once enabled, this feature works smoothly. However, you cannot auto-fill cards or identities on mobile.
The Bitwarden app has a built-in password generator, which allows you to set the parameters for the password and copy it to paste directly into the app or website.
You can also use Bitwarden Send in the app just as on the desktop: Create links to text or content on your device, which you can copy or share using any share options on your phone. Toggle the Send icon on the bottom toolbar and select the plus sign in the upper right corner.
Bitwarden: Security
Like most password managers, Bitwarden uses AES-256 encryption to protect the data stored in your password vault. Your information is only unencrypted, and only locally on your device, once you've logged into your vault with your master key.
Bitwarden is also SOC 2 Type 2 and SOC 3 compliant, meaning the organization has met standards set by the Association of International Certified Professional Accountants (AICPA) for handling consumer data. Bitwarden undergoes a security audit every two years, but it's also open-source, so the code is available for anyone to review for flaws.
All Bitwarden users get several 2FA options for accessing their vaults. Free-tier members can set up a two-factor authentication login process using email verification or an authenticator app like Authy or Google Authenticator.
The Premium tier also supports Duo Security, YubiKey and FIDO U2F-compliant USB security keys. As mentioned earlier, Premium subscribers can also use Bitwarden's own authenticator app instead of a third-party one.
Once you've logged in with your master password and any enabled two-step method, you can unlock your vault using a PIN or a biometric method. Bitwarden supports fingerprint and face unlock on Android, both Touch ID and Face ID on iOS, biometrics on Windows 10 via Windows Hello and Touch ID on macOS.
Bitwarden password manager review: Bottom line
Bitwarden is a solid password manager, especially at such a low price point. Its free version is arguably the best budget option available now that LastPass has restricted data syncing on its free plan. Plus, at just $10 per year, Bitwarden's premium tier is well worth paying for to get extras like security audits and advanced 2FA.
Bitwarden does have a learning curve for those who are new to password managers, and some of its features are clunkier than its competitors. But if all you want is a free — and highly secure — way to store and sync logins, Bitwarden is the obvious choice.
