A password manager used to be something that was simply “nice to have” – an auxiliary player in your group of online security tools. Sad, using a password manager is an absolute necessity if you want to make sure you are properly protecting yourself online from threats like data theft and identity theft.
But it can be difficult to find the password manager that is right for you because of how many options are available. Some may be easier to use than others, while some may be more focused on a bunch of technicians. And while password managers typically have fairly similar basic functionality, the availability of specific features can vary at different price levels. If you’re not sure what’s right for you, CNET’s breakdown best password managers is a great place to start.
The two best password managers on that list are Bitwarden i LastPasstwo big names in industry leaders who offer Internet users great, sleek password management options.
LastPass – perhaps the most well-known and widely used password manager – has long held CNET’s top-notch crown of password managers. But the company’s decisions in 2021 to start limiting its free offer to just one type of device and remove email support from free users, along with a series of security bugs, pushed it to second place behind Bitwarden.
Still, the quality of LastPass’s paid level is top notch. It is intuitive, easy to use and full of many useful features such as automatic synchronization on all devices, dark web tracking, password generator and secure notes. However, although LastPass patched a vulnerability that could have leaked into user credentials, the company use a web tracker in your Android app still a concern.
By comparison, Bitwarden allows you to use its service for free on an unlimited number of devices and device types. Bitwarden’s free level also includes basic functionality such as two-factor authentication, unlimited vault items, a username and password generator, and automatic synchronization on all devices. If you pay for a premium plan, you get it all, plus features like advanced two-factor authentication, encrypted text and file sharing, instant access and priority support. Like LastPass, Bitwarden works on an unknowable encryption model (meaning that the companies themselves don’t have access to your master password or anything stored in your vault), but scores bonus points because it’s a completely open source.
In the end, both are great options – but Bitwarden is generally a better option, especially because of its transparency. Let’s dive deeper into how heavy password managers Bitwarden and LastPass agree with each other in terms of price, platform availability and security.
Sarah Tew / CNET
You can use Bitwarden’s free level on an unlimited number of devices on different device types, which helps it gain a significant advantage over LastPass in terms of overall cost-effectiveness – even if its free option doesn’t include all features like LastPass’s free level works. Bitwarden is a completely open source and very secure option with ignorance encryption and multifactor authentication. The simple user interface of this password manager is easy to use on all major platforms, as well as on browser extensions including Locks and Tor.
Sarah Tew / CNET
LastPass offers an incredibly sleek and feature-rich password manager that is easy to use and about as secure as Bitwarden, although not completely open source. However, the fact that LastPass no longer allows unlimited devices and device types at its free level is a major drawback and a big part of the reason why the provider slipped to 2nd position behind Bitwarden in CNET’s assessment of top password managers.
Cost-effectiveness: Bitwarden per mile, especially considering its unlimited free level
Bitwarden is definitely more cost effective than these two. Bitwarden’s paid level is $ 10 per year for a personal account and $ 40 per year for a family account covering up to six people. A premium individual account allows you to share vault items with another user, while with a family plan, six people can share vault items with each other.
LastPass, on the other hand, charges $ 36 a year for its individual account and $ 48 a year for a family plan that also includes six accounts.
The difference between the free levels of each password manager is where things differ much more dramatically. As LastPass worked until just over a year ago, Bitwarden allows you to use its service on an unlimited number of devices no matter what platform you use it on. LastPass took away that flexibility from its free users, seemingly in an attempt to push users more aggressively to their paid plans. You will be able to access your LastPass vault only on mobile devices or desktops, but not on both, if you are a free user.
Lack of access on all devices is a big problem because password managers need to be everywhere you are online to be most effective as a security tool.
“Internet users will completely forget about their password manager if it is not immediately and consistently visible while browsing the web on various devices,” Rae Hodge of CNET explained in a statement. LastPass versus 1Password comparison. “As a result, they’re likely to store their growing number of passwords in the browser itself, which is a much less secure option.”
Theoretically, you could work around this limitation if you signed up for two separate free accounts using two different email addresses. However, this would mean that you will also have to manage two separate vaults – one for your mobile devices and the other for your desktops. Because automatic synchronization between devices is such a key feature that a password manager must have, this solution is not very practical.
The only place Bitwarden has beaten LastPass in terms of cost-effectiveness is its 30-day free trial, as opposed to Bitwarden’s seven days.
Platform availability: Bitwarden, thanks to a wider range of browser extensions
Both Bitwarden and LastPass offer dedicated desktop apps for Mac, Windows and Linux, along with mobile apps for iOS and Android devices. You can also download Bitwarden from the F-Droid repository.
Both password managers also offer different browser extensions, but while LastPass offers extensions for Chrome, Firefox, Edge, Opera and Safari, Bitwarden has it all plus Vivaldi, Brave and Tor. Bitwarden’s Web Vault will also give you access to your vault from any browser in case you don’t have devices on which you normally use the service.
You can use the command line interface of both providers to write and execute scripts on different platforms. Using CLI requires less processing power and can be great for automating tasks and creating custom interfaces and for enterprise IT teams to integrate password managers into their organization’s internal systems. However, this involves a greater amount of technical knowledge than using a password management application or browser extension. If you are an everyday user who prefers the ease of use of a standard graphical user interface, then the CLI is probably not for you anyway.
Ultimately, Bitwarden gives you more options than LastPass when it comes to the platforms on which you want to use its service. While Bitwarden is easy to use on all platforms for every user, its range of options – including the Tor extension – will definitely appeal to technical customers who are more focused on privacy. If you don’t need to access your vault on all of these platforms, then LastPass does more than do the job in terms of platform compatibility.
Watch this:
Protect your data with a password manager
1:13
Security: Bitwarden, because it is more transparent and completely open source
In terms of security, Bitwarden and LastPass are basically the same. However, Bitwarden has an advantage here because it is more transparent than LastPass. Bitwarden is open source and more advanced in terms of compliance, audits and certification. And unlike the five trackers found on LastPass’s Android app, Bitwarden has two – which isn’t quite as good as the zero found with 1Password and KeePass, but we much prefer two over five. Trackers can be a big privacy issue because, even if your passwords and other vault entries themselves are securely encrypted and hidden from third parties, other websites can still track the sites you visit.
Bitwarden is also open source, which means that its code is openly available online to anyone who wants to test it. LastPass, on the other hand, is proprietary closed source software, which in turn means it is not openly available to the public. With LastPass, we don’t know if there are vulnerabilities or backdoors in the software unless the company publicly reveals them. However, LastPass’s command line interface is open source, which compensates for the proprietary nature of its software if you choose to use the provider’s CLI.
With both Bitwarden and LastPass, you get the advantage of ignorance encryption along with encrypted file and password sharing, multi-factor authentication, and customizable password generation.
Bitwarden’s privacy policy says it collects personal information such as your name, email address, IP address and information about the device you are using. The company says it can use that information to provide its services to you and share that information with unnamed “affiliates, affiliates and partners to facilitate our global operations and in accordance with applicable laws and our contracts with customers or service providers.”
LastPass collects the same categories of information, in accordance with its privacy policy, and may share information with “third party service providers under appropriate confidentiality and privacy obligations”.
In the end, with any provider you can be sure that your vault is safe enough, but Bitwarden is taking the crown here.