Up until spring 2021, only two of our leading password managers offered free service tiers that allowed you to synchronize and use a password manager across multiple devices. So when LastPass restricted its free service to use on a single device in March 2021, Bitwarden -- the only other app with the same offer -- sealed the deal and became the de facto free password manager champion.
But what do we know about Bitwarden? Is it as safe to use as LastPass? Is it as convenient and user-friendly? Is it as compatible across platforms, and is it as packed with as many features? You bet your login it is. Bitwarden's open-source code base creates a transparent security foundation beneath its otherwise streamlined and designed-for-simplicity interface. This -- combined with its hyper-flexible platform, browser compatibility and its feature-rich premium options -- push Bitwarden ahead of its competitors.
My once long-held love of LastPass notwithstanding, I finally made the switch to Bitwarden and found out why it's gathered such a devoted fanbase. Here's the scoop on my browser's new best friend.
- Open-source and transparent
- Free version syncs across unlimited devices
- Feature-rich premium versions
- Free version has fewer features than competitors
- User interface isn't as smooth as competitors'
- Premium users get better customer support
Bitwarden cost and compatibility
You'll be hard-pressed to find a traditional platform Bitwarden isn't compatible with. Bitwarden works with Windows, MacOS, Linux, Android, iPhone and iPad. Its browser extensions are available for Chrome, Firefox, Safari, Edge, Opera, Vivaldi, Brave and Tor. The site's extensive knowledge base also specifically includes instructions on using Bitwarden with popular services like Twitch, and offers walk-throughs on integrating Bitwarden with common browser settings to ensure a smoother experience.
With Bitwarden's free tier, you can store an unlimited number of logins, notes and cards in its encrypted vault, all of which you can access from as many devices as you like once you've installed the app. A must-have for any password manager, Bitwarden's free tier also includes a random password generator. Free tier users can also enable two-factor authentication for logins and can use Bitwarden's database breach feature, which checks across multiple sites to see if any of your logins have been involved in a breach.
Bitwarden's free tier isn't as feature rich as LastPass', which offers a password strength gauge that checks all your vault entries for duplicates and weak passwords. But the ability to use Bitwarden for free on multiple devices, which you can no longer do with LastPass, more than makes up for the lack of bells and whistles.
Bitwarden has steadily increased its range of flexible features, however. In March, it announced a new convenience perk that will allow you to quickly switch between different Bitwarden user accounts on the same websites. You can also create customizable fields for your logins. It's a seemingly small benefit that offers big convenience for those who want to get the most out of the app's modular design. Bitwarden has also upped its biometric security option for those who prefer physical authentication over passwords, and enabled security key support for its mobile apps.
More bells and whistles are available in Bitwarden's $10 yearly premium tier subscription service, including a nearly identical password strength report for your vault. The premium subscription also comes with up to 1 gigabyte of encrypted file attachments and secure login via YubiKey, U2F and Duo.
If you really want to take your household privacy up a notch, you can opt for Bitwarden's family plan, which comes with six user accounts and costs $40 a year. Bitwarden offers a 30-day money-back guarantee on its premium services.
Bitwarden security and privacy
When it comes to privacy management services, I'm slow to recommend free services. Online services cost money to develop and maintain, and companies often pay for free services by sharing your data with third-party advertisers, putting your privacy at cross purposes with a corporation's revenue stream.
But Bitwarden's free service has me at ease. Its open-source roots are one of Bitwarden's most appealing features, allowing the web at large to inspect its code for flaws and suss out hidden security threats that aren't as easily identified in proprietary, closed-source software.
Bitwarden's efforts at transparency extend to its public collection of readily accessible audits, certifications and codebase -- including its independent audit by Cure53. In fact, it offers a convenient, ongoing list of all of its security certifications and audits. Its security is just as strong as LastPass', with both offering two-factor authentication, zero-knowledge password encryption (neither company can see your vault entries) and customizable password complexity rules. Bitwarden also allows you to self-host. That means if the public-facing Bitwarden service ever gets breached, your own vault should theoretically be secure.
Outside of actual security strength, privacy is also a priority for password managers.
The web trackers found on LastPass' website previously raised a privacy concern worth noting and pushed me past the tipping point toward Bitwarden. The Exodus Privacy app, developed by the Guardian Project to document the number of trackers and permissions other apps use, discovered seven web trackers (now down to five) in the Android version of LastPass earlier this year.
The web trackers on LastPass included those from Google Analytics, AppsFlyer and Mixpanel. While LastPass' password encryption normally protects your passwords from being viewed by any tracker or site, these trackers let third-party companies collect a startlingly complete record of the sites you visit.
By comparison, Bitwarden had two. LastPass' premium competitors 1Password and KeePass have no trackers.
But the list of third-party entities it shares that data with -- my larger concern -- is fairly limited by comparison, and Bitwarden does have an opt-out option which would further reduce that number. Still, I'd like to see more disclosure from the company about which subsidiaries and affiliates Bitwarden may be able to share your data with.
Is Bitwarden's interface as pretty as LastPass'? Not if you like digital gewgaws and finessed design (don't we all?). But, as a former LastPass devotee now firmly in the Bitwarden camp, I'm more convinced than ever that simple is beautiful.