Is Bitwarden Safe?

There are a lot of names to choose from nowadays within the password management space. With big mainstays like LastPass, 1Password, RoboForm, and Bitwarden clamoring for your attention, it can be difficult to know which password manager to choose.

One of the main concerns for any consumer is always, first and foremost, safety: is your data secure?

To answer that question with regard to one of the more offbeat and unique password managers out there, let’s take a look at Bitwarden, its safety protocols, and some of the unique features on offer with the open-source program.

Is Bitwarden Safe?

The good news for those wondering whether or not their data is safe with Bitwarden is that the answer is a resounding yes. There is no reason to suspect that your data is any less safe with Bitwarden than it is with any of the other major password managers.

The flexible, open-source application uses the same high-end encryption standards that other big names like LastPass or 1Password use to protect your data, as well as a few other layers of bonus security that are unique to Bitwarden.

Below, we’ll talk about exactly why Bitwarden is as secure as, if not more secure than, any of its competitors and what some of those unique features are.

Why Your Data is Safe with Bitwarden

Here are 5 things to know about the safety aspect of the Bitwarden password manager.

Powerful Encryption

Like any other password manager worth its salt, Bitwarden relies on AES-256 encryption of your data. This makes it, for all intents and purposes, completely indecipherable to anybody who doesn’t have a supercomputer or centuries’ worth of spare time at their disposal.

This is currently the highest standard for encryption out there and one that protects your information even in the event of a data breach. Without the cipher key, all of your data will be nothing but an unintelligible soup of letters, numbers and symbols.

Zero-Knowledge Architecture

Bitwarden further relies on a technique known as salted hashing, in which your master password is locally turned into gibberish before being sent to Bitwarden servers.

All Bitwarden then receives, rather than your naked email address and master password, is a series of random letters and numbers that are hashed one more time before being saved onto the database.
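
As an added illustration (not code from this article or from Bitwarden), the two-stage hashing described above can be sketched with PBKDF2-HMAC-SHA256 from Python's standard library. The function names, iteration counts and sample credentials are assumptions chosen for the example.

```python
import hashlib
import hmac
import os

# Assumed parameters for illustration only; not taken from the article.
CLIENT_ITERATIONS = 100_000
SERVER_ITERATIONS = 100_000


def client_login_hash(email, master_password):
    """Runs on the user's device; only the return value leaves it."""
    salt = email.strip().lower().encode()
    # Stretch the master password into a key that stays on the device.
    master_key = hashlib.pbkdf2_hmac(
        "sha256", master_password.encode(), salt, CLIENT_ITERATIONS)
    # One more one-way step yields the value sent to the server, so the
    # server never receives the password or the key derived from it.
    return hashlib.pbkdf2_hmac(
        "sha256", master_key, master_password.encode(), 1)


def server_store(login_hash):
    """Server side: hash the received value again with a random salt."""
    salt = os.urandom(16)
    stored = hashlib.pbkdf2_hmac("sha256", login_hash, salt, SERVER_ITERATIONS)
    return salt, stored


def server_verify(login_hash, salt, stored):
    """Recompute the server-side hash and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", login_hash, salt, SERVER_ITERATIONS)
    return hmac.compare_digest(candidate, stored)


def demo():
    # Constructed sample credentials.
    email, password = "alice@example.com", "correct horse battery staple"
    sent = client_login_hash(email, password)
    salt, stored = server_store(sent)
    wrong = client_login_hash(email, "wrong guess")
    return {
        "password_in_sent": password.encode() in sent,
        "stored_differs_from_sent": stored != sent,
        "good_login": server_verify(sent, salt, stored),
        "bad_login": server_verify(wrong, salt, stored),
    }


if __name__ == "__main__":
    print(demo())
```
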

One-way hashing is used every single time you log on, so not only is your information scrambled, it changes with every single use so even the old, already useless data becomes technically even more useless.

Self Hosting

One of the unique features of Bitwarden is the ability to host your own server so that you can maintain firsthand control over your data.

By self-hosting, you avoid the risk of being lumped in with a major data breach in which hackers gain access to your information by cracking open a corporate safe containing the central stockpile of user data.

One of the other perks of self-hosting is that it allows you greater customizability over Bitwarden itself: things like free premium features, unlimited encrypted storage, and more data control.

The drawback is, of course, server maintenance and upkeep and the onus being on you to protect the server itself. 

It’s Open Source

Being open-source, Bitwarden’s source code is on display for all to see. With so many eyes on the code constantly, this means any bugs or weaknesses in the code are spotted and patched out almost immediately and that Bitwarden is subject to a constant, rapid stream of updates.

In the context of any security software this is an extra plus as the premise of cybersecurity is that of an arms race against malicious attackers.

It Relies on Microsoft Azure Servers

Though Bitwarden gives users the option to self-host, there is good reason to trust the Bitwarden servers — because they’re not actually Bitwarden’s servers.

All of the Bitwarden data is stored and processed on the Microsoft Azure Cloud. This means that all management and infrastructure upkeep is handled by the immense Microsoft team, and Bitwarden (and by extension, you) gets to reap all of the security advantages that come with one of the largest tech giants in the universe.

Hackers would not only need to steal your master password, as well as bypass the two-factor authentication, they would also need to hack into the Azure Cloud itself and then contend with the overly encrypted blob of data that is your information there.

How to Increase Password Security: Tips & Tricks

Use the Password Generators & Rotation Tools

One of the most important features of any password manager is its ability to auto-generate complex and fundamentally secure passwords that don’t use dictionary words and would be nearly impossible for the average person to remember.

This allows you to make use of an even more difficult-to-crack password than you would otherwise be able to use. On top of that, some have password rotation features that can actually change your passwords for accounts regularly.

Partial Passwords

A powerful option for password protection is to auto-generate an immensely complex password composed of a random mix of capitals, lowercase letters and numbers but to add a simple suffix of your own, be it a smaller string of random characters or a phrase, that you purposely don’t save and instead remember yourself like an old-school password.

You would instead manually input this final suffix at the end whenever entering your passwords to reap two unique advantages: one, an easy-to-remember “password” that isn’t stored on any server, and two, an actual password that is effectively impossible to brute force.

This way, even if the unthinkable happens and you fall victim to a server data breach, the fact that the extra string is stored nowhere but your own memory would keep your data safe.

Use Full Sentences with Numbers

If you aren’t going to generate your own passwords, you can still create passwords of great length and complexity that are surprisingly easy to remember.

One of the best ways to do this is to input a phrase combined with a numerical string, such as a date, and an author with punctuation in between.

For example, a famous 1776 quote by Thomas Paine, “These are the times that try men’s souls” would become “ThomasPaine.1776.TheseAreTheTimesThatTryMen’sSouls.”

This is both easy to remember and enormously complex considering the mix of capitals and numbers.


And that’s about it. You can rest assured that your data, in combination with personal password security best practices, is just as safe with Bitwarden as it would be with any decent password manager. Arguably more so. Feel free to reach out to us below for any Bitwarden or password protection-related help!

Posted by
Will

Will Heydecker is a writer, screenwriter and illustrator who still likes dragons. As part of his bitter war against adulthood, he likes to distill art, gaming, technology, and entertainment info into digestible topics people actually enjoy reading.