Bitwarden Review


In our Bitwarden review, we explain the password manager's key features and explore its strengths and weaknesses to help you evaluate whether this is a suitable solution to meet your password management needs.

Bitwarden Review Summary

Bitwarden is an open-source password manager with a strong range of features and capabilities in both the free and premium versions. Ideal for empowering users to become more security conscious, Bitwarden is quick to set up, highly customizable, and can be self-hosted if required.

On the downside, there is no live support if you encounter issues. Although the Bitwarden user interface is more intuitive than most, and there are plenty of online resources that can help resolve your issues, it could be an annoyance if you are unfamiliar with commercial password managers.

Bitwarden Key Features

Bitwarden is a multi-platform password manager that enables users to generate, store, use, and share passwords securely from any location. Bitwarden also supports the secure storage of credit cards and identities, enabling users to autofill payment details and forms using keyboard shortcuts.

Among Bitwarden's key features, the two most useful to personal and business customers are the capability to synchronize stored data across multiple devices, operating systems, and browsers, and the option to conduct password health checks to identify weak, reused, and exposed passwords.

Below we have compiled a list of some of the other key features available to business customers and indicated whether they are available in the free organization version (F), in the premium organization version (P), or in the premium enterprise version (E). Personal customers should note that differences exist between the personal and business plans; please refer to our Pricing and Plans section.

 

Security

Security is one of the most important considerations when choosing a password manager, especially in healthcare. Bitwarden security is first rate, offering military-grade end-to-end encryption (AES 256-bit) and PBKDF2 SHA-256, with only the administrator able to manage organization data. Bitwarden operates under the zero-knowledge protocol, so does not have access to users’ password vaults.

Bitwarden only receives hashed versions of passwords, which are then hashed again when data is transmitted. Furthermore, one-way hash functions are used with salting, so it is not possible for Bitwarden to reverse that process. Therefore, in the event of a breach of Bitwarden-managed servers, or of an organization's servers if self-hosting, only encrypted, hashed, and salted passwords could be obtained.
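
The double-hashing flow described above, sketched in Python as an added example (not Bitwarden's code and not part of the original review). The iteration counts, the use of the account email as the client-side salt, and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Assumed parameters for illustration only; not taken from the review.
CLIENT_ITERATIONS = 600_000
SERVER_ITERATIONS = 100_000


def client_derive(master_password: str, email: str) -> tuple[bytes, bytes]:
    """Runs on the user's device. Returns (vault_key, login_hash)."""
    pw = master_password.encode("utf-8")
    # Stretch the master password; the vault key never leaves the device.
    vault_key = hashlib.pbkdf2_hmac(
        "sha256", pw, email.strip().lower().encode("utf-8"), CLIENT_ITERATIONS
    )
    # A second one-way step yields the value sent for login, so the server
    # cannot turn what it receives back into the vault key.
    login_hash = hashlib.pbkdf2_hmac("sha256", vault_key, pw, 1)
    return vault_key, login_hash


def server_store(login_hash: bytes) -> dict:
    """Runs on the server: salt the received value and hash it again."""
    salt = os.urandom(16)
    stored = hashlib.pbkdf2_hmac("sha256", login_hash, salt, SERVER_ITERATIONS)
    return {"salt": salt, "hash": stored}


def server_verify(record: dict, login_hash: bytes) -> bool:
    """Recompute the salted hash and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", login_hash, record["salt"], SERVER_ITERATIONS
    )
    return hmac.compare_digest(candidate, record["hash"])


if __name__ == "__main__":
    # Constructed sample credentials.
    key, login = client_derive("correct horse battery staple", "user@example.com")
    rec = server_store(login)
    print("login accepted:", server_verify(rec, login))
    print("server record contains vault key:", key in (rec["hash"], rec["salt"]))
```

A server breach under this model exposes only the salted second-stage hash, so an attacker must still brute-force the master password through both derivation stages.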

Bitwarden is open source, which is great for security. This transparency means anyone can access, review, and audit the code and suggest updates. The company also has a bug bounty program and profile on HackerOne. Bitwarden has also undergone a third-party security audit and cryptographic analysis with Cure53, which included Bitwarden applications and backend server systems. The company also arranged a security assessment and pen test with Insight Risk Consulting, which found no major security issues.

HIPAA Compliance

Bitwarden stands out as an ideal password manager solution for healthcare in terms of security, with the solution having undergone a third-party audit for HIPAA Security Rule compliance in December 2020. Furthermore, Bitwarden is prepared to enter into a Business Associate Agreement if required.

Bitwarden has also been confirmed as meeting the security standards of other regulations including GDPR, CCPA, SOC 2, SOC 3, and Privacy Shield – although it is important to be aware that HIPAA compliance is dependent on how the solution is used rather than its technical capabilities.

Setup, Interface, and Usage

Most users will set up Bitwarden using an easy-to-install app for Windows, macOS, iOS, Android, or Linux. Browser extensions are available for all major browsers including Chrome, Firefox, Edge, and Opera, as well as less popular browsers such as Brave and Vivaldi. If you are a previous user of a password manager solution, Bitwarden has an easy import feature from all main password manager solutions.

Thereafter, the user interface is intuitive and simple, making it easy for all users – even those with no experience of password managers. The password manager can be accessed via a web interface from any browser. There are browser extensions available for most web browsers, desktop and mobile apps, and a command-line interface for integration with other identity management systems.

Customer Service and Support

Support is limited for the free versions of the product, and for paid versions customer support is only offered online or via email. That said, response times are quick, with priority support available for premium accounts. The online help center is comprehensive with a good selection of FAQs, and there is an active online community.

Pricing and Plans

Bitwarden has one of the most extensive free versions of any password manager solution. However, the additional benefits of the premium version coupled with the low price make it worth an investment. Personal Bitwarden Premium plans cost less than $1 per user, per month ($10 per year), with a family plan for up to 6 users costing $3.33 per month ($40 per year).

Bitwarden offers a free organization package for 2 users, with a Teams package for $3 per user, per month and an Enterprise package for $5 per user, per month. The business packages are available on a 7-day, no-obligation free trial.

Personal Accounts

| Personal Accounts | Cost | Main Features |
| --- | --- | --- |
| Basic Free Account | 100% free | Core password management features; 1-to-1 text sharing, unlimited vault items, sync across all devices, secure password generator, and a self-host option. |
| Premium Account | $1 per month ($10 annually) | Premium password security and management features including: Bitwarden Authenticator (TOTP), emergency access, encrypted file attachments, 1-to-1 text and file sharing, 2-step login (YubiKey, U2F, Duo), and vault health reports. |
| Family Organization | $3.33 per month ($40 annually) | All premium features for up to 6 users plus priority customer support, self-host option, plus unlimited collections and shared items. |

Business Accounts

| Business Accounts | Cost | Main Features |
| --- | --- | --- |
| Free Organization | Free Forever | Core features: Sharing for 2 users, 2 collections, unlimited shared items, unlimited item storage, text sharing, multi-device sync, secure password generator, 2FA, cloud host only. |
| Premium Organization | $3 per user, per month | Premium features: Unlimited users, collections, items storage and shared items. Text and file sharing, 1GB storage (personal) and 1GB storage (organizational), user groups, event logs, directory connector, API access, vault health reports, priority support, Bitwarden Authenticator (TOTP), and 2FA, YubiKey, U2F, Duo. |
| Premium Enterprise | $5 per user, per month | Premium Organization features plus secure business secrets, enterprise policies, SSO authentication via SAML 2.0 and OpenID Connect, plus a self-hosting option. |

Verdict

It is hard to fault Bitwarden. Both the free and premium accounts offer great usability and extensive features. Security is first rate, with military grade encryption, open-source transparency, configurable password generators, and excellent vault health reports. The premium versions of Bitwarden are also very competitively priced.

Healthcare users should note the platform has been independently assessed against HIPAA Security Rule standards. The only negative is the lack of phone or live chat support, although email support is good, quick, and available 24/7/365.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.
