- Mar 06, 2021 So, here is our compassion between Bitwarden vs LastPass, which of these is the best open source password manager 2021. The winner takes it all (and hides it) in the battle of the password managers. Password Managers are, we think, generally a good thing.
- Bitwarden Open Source Password Manager Bitwarden The Most Trusted Open Source Password Manager for Business Bitwarden offers the easiest and safest way for teams and individuals to store and share sensitive data from any device. Start an Enterprise Trial Plans & Pricing.
Bitwarden Open Source Password Manager Reviews
So, here is our compassion between Bitwarden vs LastPass, which of these is the best open source password manager 2021. The winner takes it all (and hides it) in the battle of the password managers.
Bitwarden is a free and open source password management solution for individuals, teams, and business organizations. Not even the team at Bitwarden can read your data, even if we wanted to. Your data is sealed with AES-256 bit encryption, salted hashing, and PBKDF2 SHA-256. Bitwarden is focused on open source software. The source code for Bitwarden is hosted on GitHub and everyone is free to review, audit, and contribute to the Bitwarden codebase. Bitwarden: Security Because it’s an open-source password manager, Bitwarden is considered extremely safe — thousands of security experts across the world have independently reviewed every piece of its source code. Bitwarden also uses 256-bit AES encryption to encrypt user data before the data reaches Bitwarden’s servers.
Password Managers are, we think, generally a good thing. Remembering adsofpjdp is one thing, but also committing 4256p4m2glm! and paLsdKfnk26& to memory is quite another. Keeping your passwords strong and changing them regularly is important these days, when you can check on a website whether or not you’ve been “pwned,” and Chrome harasses you with your unfeasible large number of compromised passwords.
Web browsers, the front line in the war between password and jailbird, have been able to remember your passwords for a while now, and can generate strong passwords that you’ll never be expected to remember. This is fine until you try to log in on a different system, or using your cell phone, and have to dig in the browser settings to view the password that it recorded for you.
Benefits of Password Managers
There’s another benefit of password managers: they tend to come backed with some sort of internet security suite or browser plugin. They also make it easy to manage your passwords, syncing across devices, generating new ones, and hiding everything behind a master password—which is the only one you need to remember. You can also use them to hide encrypted notes, too.
Disadvantages of Password Managers
Of course, the downside of this is that they’re massive targets for password thieves. Once they’ve compromised your master password, your entire digital life is laid open. It’s worth, therefore, making that master password as complex as you can possibly cope with, changing it regularly, and never reusing passwords. There are also services, such as some banks, that don’t support their use, and if you’re caught with your banking details in one you may not get a refund if you’re a victim of cyber crime.
Two of the market leaders in password-management software are LastPass and Bitwarden. Both are available for free, though they maintain premium subscription tiers if you need the additional features they can bring. The free apps, however, contain all the functionality you’ll need as a one-person user, and only become limiting if you want to roll them out across entire organizations.
You can store an unlimited number of passwords in both, and sync them across devices. They both generate random passwords when you sign up for a new service or want to change an existing password, and you can use them to encrypt information, such as bank details or credit card numbers.
Open Source Software
Bitwarden VS LastPass
Bitwarden is open source, which means it has faced external scrutiny from security experts, while LastPass is not. This doesn’t mean there’s anything wrong with LastPass’s security, of course—it takes part in security audits—and neither app has reported a full data breach, though LastPass has been the target of some minor ones. LastPass offers a hint for your master password, which can save you if you’ve forgotten it. Bitwarden does not.
Both apps offer plugins for major browsers—Chrome, Edge, Firefox, Opera, and Safari. Bitwarden goes one further and plugs into the, ahem, “privacy-focused” browser Tor, while LastPass works nicely with Internet Explorer. These plugins can be used to auto-fill identity fields within webpages, as well as manage your password database via the web interface.
Both services also come with desktop apps, although it’s notable that Bitwarden’s doesn’t support two-factor authentication, and doesn’t have the random-password generator or password-sharing abilities of the LastPass app. Both services use separate authenticator apps, however.
Usage
The award for user-friendliness has to go to LastPass, as its app and web interface are virtually identical, meaning you only have to learn how to use it once. Both managers use AES-256—the only public security standard approved by the NSA—against which there is no known practical attack strategy that doesn’t use a side-channel or some additional knowledge of the key.
Settings
Setting the apps up is a simple process. If you’ve got passwords stored somewhere, such as in Chrome, then they will import them for you. LastPass’s Security Challenge feature regularly reminds you to change passwords that are overdue or weak, and there’s an auto-change feature that can rattle through multiple password updates quickly— an extremely popular feature with users.
LastPass also has recovery options if you lose your master password, sending one-time passwords to trusted email addresses. Bitwarden doesn’t offer this—any passwords you store on its servers are accessible to you alone through the master password, so if you lose it or it becomes compromised, then you’ll need to rebuild your entire password database.
The Difference
Bitwarden has one feature you won’t find in many other places: your password vault doesn’t have to be stored on its servers. This is likely to be of more interest to corporate users (it’s only available through the Enterprise subscription tier), but the ability to keep your passwords under your control on your own server can be an attractive feature. Both apps offer secure password-sharing between two users as part of their free tier, which scales up through their Premium and Enterprise tiers, and both offer a small amount of encrypted file storage too, as long as you’re a subscriber.
It’s worth pointing out again that both apps have a free tier, so it’s perfectly possible to download them both, get them set up, and choose which one suits you best with no cost other than a little bit of your time. We’re big fans of Bitwarden, but using either app is still better than using neither and trying to remember all your passwords, which inevitably leads to reused, weak passwords, or other security flaws. Password managers are also more secure and flexible than getting your browser to remember them.
The Cost
Pricing is very close, with LastPass’s tiers being slightly more expensive each month by a buck or so. You may find, though, that you get more for your money with LastPass if you’re going to go for one of the business-oriented tiers.
Either way, a password manager is a valuable addition to your enterprise, and anyone who uses passwords online can benefit from one. These apps are so similar that it will come down to which has a feature you like, or just personal preference as to which one you ultimately choose.
Bitwarden offers encryption on a zero-knowledge model — meaning only you have access to your passwords — using the cipher AES-256, which protects passwords using hundreds of thousands of rounds of password “hashing” that turns your passwords into scrambled versions of themselves that can’t be reverse-engineered. It gives you the option of hosting your passwords on Bitwarden’s servers or locally, eliminating any risk of a data breach on the company’s end.
The potential downside of zero-knowledge security and encryption is that, if you ever lose your password, it’s gone for good. But the overall upsides of Bitwarden’s approach are considerable: If you pair strong passwords with the deep password-hashing functionality the software provides, you should have plenty of peace of mind on the security front.
Bitwarden has been audited by third-party security experts, whom it invites to test its limits by making its source code fully available. It also offers two-factor authentication — a must for any modern password management solution — free for use with Google Authentication and email, for which you get a wider range of options with the Premium version.