Bitwarden Inc.
Bitwarden — Open-Source Password Manager
Open-source password manager with a genuinely usable free tier and Premium at around £8 a year — independently audited and self-hostable if you want it.
4.5/ 5
01
What we liked
- Open-source under GPL-3.0 (clients) and AGPL-3.0 (server) — the codebase can be inspected by anyone, and has been audited by Cure53 multiple times
- Free tier is genuinely usable — unlimited passwords, unlimited devices, basic 2FA, password sharing with one other person
- Premium tier is around £8/year — among the cheapest paid password managers, with TOTP, hardware key support (YubiKey, FIDO2) and emergency access
- Self-hostable via the official Docker server or the lightweight community Vaultwarden implementation — you can keep your vault entirely on your own hardware
- Strong cross-platform support: iOS, Android, Windows, macOS, Linux desktop apps plus browser extensions for Chrome, Firefox, Safari, Edge and Brave
02
What we didn't
- Default web vault interface looks utilitarian compared to 1Password or Proton Pass — function over polish
- Apps occasionally lag behind competitors on niche conveniences (Watch app, complex sharing workflows)
- Self-hosting is genuinely simple but requires basic Docker knowledge — not push-button for non-technical users
- Bitwarden Inc. is US-based (Santa Barbara, California) — for users with a specific preference for non-US jurisdictions, this is worth weighing
- Company
- Bitwarden Inc.
- Headquarters
- Santa Barbara, California, USA
- Founded
- 2015 (as 8bit Solutions LLC)
- License
- GPL-3.0 (clients) / AGPL-3.0 (server)
- Free tier
- Unlimited passwords, unlimited devices, basic 2FA, sharing with 1 other user
- Premium pricing
- Around £8/year (subject to change — check current pricing)
- Families pricing
- Around £30–£40/year for 6 users
- Encryption
- AES-256-CBC with HMAC-SHA256, PBKDF2-SHA256 (600,000 iterations default) or Argon2id KDF
- Audits
- Cure53 (multiple), Insight Risk Consulting
- Compliance
- SOC 2 Type 2, ISO 27001, GDPR, HIPAA
- Hardware key support
- YubiKey, FIDO2 / WebAuthn (Premium)
- Passkey support
- Yes — store passkeys in vault and use passkey to log in to Bitwarden itself
- Self-hosting
- Official Docker server, community Vaultwarden (Rust)
- Platforms
- iOS, Android, Windows, macOS, Linux, web vault, browser extensions, CLI