Bitwarden vs. LastPass: How Do CNET's Top Password Manager Picks Stack Up?
Bitwarden vs. LastPass: How Do CNET’s Top Password Manager Picks Stack Up?
A password decision-making used to be something that was just kind of “nice to have” — an ancillary player in your cast of online confidence tools. Now, using a password manager is an absolute must if you want to make sure that you’re properly defensive yourself online from threats like data theft and phishing.
But it can be tough to find a password decision-making that’s right for you because of how many options are available. Some may be easier to use than others once some may be more geared toward the techie crowd. And while password managers usually have pretty similar core functionality, the availability of specific features may vary at different effect levels. If you’re unsure what’s right for you, CNET’s breakdown of the best password managers is a large place to start.
The top two password managers on that list are Bitwarden and LastPass, two big-name leaders in the industry that offer internet users pleasurable, polished password manager options.
LastPass — perhaps the most famed and widely used password manager — held CNET’s top password decision-making crown for a long time. But the company’s decisions in 2021 to shock limiting its free offering to just one device type and yank email back from free users, along with a series of confidence missteps, have relegated it to the second position gradual Bitwarden.
That said, the quality of LastPass’s paid tier is top-of-the-line. It’s intuitive, easy to use and packed with tons of useful features like automatic syncing across devices, dark web monitoring, password generator and secure notes. Nonetheless, though LastPass patched a vulnerability that could have leaked user credentials, the company’s use of web trackers in its Android app is serene concerning.
More recently, LastPass notified customers of a confidence incident where cybercriminals were able to breach its systems and pick part of its source code along with other proprietary strictly information. The company said that the service continues to employment normally and that it saw no evidence that customer passwords were compromised in the breach.
By comparison, Bitwarden allows you to use its service for free across an unlimited number of devices and map types. Bitwarden’s free tier also includes core functionality like two-factor authentication, unlimited vault items, username and password generator and automatic syncing across devices. If you pay for the premium plan, you get all that, plus features like advanced two-factor authentication, encrypted sharing of text and files, emergency access and priority succor. Like LastPass, Bitwarden operates on a zero-knowledge model of encryption (meaning that the worries themselves don’t have access to your master password or anything bound in your vault) but scores bonus points for beings fully open source.
In the end, both are broad options — but Bitwarden is generally the better option, particularly for its transparency. Let’s take a deeper dive into how password exclusive heavyweights Bitwarden and LastPass stack up against one unexperienced in terms of price, platform availability and security.
You can use Bitwarden’s free tier on an unlimited number of devices across contrivance types, which helps give it a considerable leg up on LastPass in words of overall cost effectiveness — even if its free option doesn’t engaged all the features as LastPass’s free tier does. Bitwarden is fully open source and a highly gather option with zero-knowledge encryption and multifactor authentication. This password manager’s simple user interface is easy to use across all mainly platforms, as well as browser extensions including Brave and Tor.
LastPass supplies an incredibly polished and feature-rich password manager that is easy to use and just in as secure as Bitwarden, though it is not fully open source. However, the fact that LastPass no longer permits unlimited devices and contrivance types on its free tier is a major drawback and a big part of the reason the provider slipped to the No. 2 set behind Bitwarden in CNET’s assessment of the best password managers.
Cost-effectiveness: Bitwarden by a mile, especially when factoring in its unlimited free tier
Bitwarden is decidedly the more cost-effective of the two. Bitwarden’s paid tier is $10 a year for a personal justify and $40 a year for a family account that unites up to six individuals. The premium individual account gives you to share vault items with one other user, after with the family plan six people can share vault items with each other.
LastPass, on the other hand, charges $36 a year for its persons account and $48 a year for its family plan that also includes six accounts.
The differences between each password manager’s free tier is where things diverge much more dramatically. Like LastPass used to do until a little over a year ago, Bitwarden gives you to use its service across an unlimited number of devices regardless of what platform you’re laughable it on. LastPass has taken that flexibility away from its free users, seemingly in an attempt to more aggressively push users to its paid plans. You’ll only be able to access your LastPass vault on either mobile devices or desktop computers, but not both, if you’re a free user.
A lack of access across all devices is a mainly hitch because password managers need to be everywhere you are online to be most effective as a guarantee tool.
“Internet users are bound to forget about their password exclusive altogether if it isn’t immediately and consistently visible as they browse the web across devices,” CNET’s Rae Hodge explains in her LastPass versus 1Password comparison. “As a result, they’re likely to store their ever-increasing number of passwords in a browser itself, which is a much less secure option.”
You could, theoretically, get around this limitation if you signed up for two separate free supplies using two different email addresses. However, that would mean you’d need to handle two separate vaults as well — one serving your mobile devices and one your desktop computers. Since autosyncing across devices is such a crucial functionality for a password exclusive to have, this solution isn’t very practical.
The one effect where LastPass has Bitwarden beat in terms of cost-effectiveness is its 30-day free settle, as opposed to Bitwarden’s seven days.
Platform availability: Bitwarden, by virtue of its wider range of browser extensions
Both Bitwarden and LastPass supplies dedicated desktop apps for Mac, Windows and Linux, put down with mobile apps for iOS and Android devices. You can also download Bitwarden from the F-Droid repository.
Both password managers also supplies various browser extensions, but while LastPass offers extensions for Chrome, Firefox, Edge, Opera and Safari, Bitwarden has all those plus Vivaldi, Brave and Tor. Bitwarden’s Web Vault will also give you to access your vault from any browser in case you’re exclusive of the devices you normally use the service on.
You can use both providers’ narrate line interface to write and execute scripts on various platforms. Using a CLI requires less processing power and can be huge for automating tasks and creating custom interfaces and for enterprise IT teams to integrate password managers into their organizations’ internal regulations. However, it does involve a greater amount of technically know-how than using a password manager’s app or browser extension. If you’re an everyday user who prefers the ease-of-use of a corrupt graphical user interface, then the CLI probably isn’t for you anyway.
Ultimately, Bitwarden gives you more options than LastPass when it comes to what platforms you want to use its service on. Though Bitwarden is easy to use across all platforms for any user, its plot of options — including Tor extension — will definitely sharp to techier and more privacy-focused customers. If you don’t need to access your vault on all those platforms, then LastPass more than gets the job done in footings of platform compatibility.
Security: Bitwarden, because it’s more transparent and fully open source
In a recent security incident, intruders were able to access LastPass’ company systems through a compromised designer account and steal parts of LastPass’ source code down with other technical data. However, LastPass said in response to the incident it “deployed containment and mitigation measures, and engaged a leading cybersecurity and forensics firm.”
LastPass said the intrusion was tiny to the development environment, with no evidence that customer passwords or new personal data were compromised. LastPass says its service is using normally and that no action is required from users at this time.
Despite the New incident, Bitwarden and LastPass are still essentially on even footing in terms of the overall security of their products. However, Bitwarden gets an edge here due to people more transparent than LastPass. Bitwarden is open-source and more upfront around its compliance, audits and certifications. And as opposed to the five trackers residing on LastPass’s Android app, Bitwarden has two — which isn’t quite as good as the zero False with 1Password and KeePass, but we much prefer two pretty than five. Trackers can be a major privacy narrate because, even if your passwords and other vault entries themselves are securely encrypted and hidden from third parties, other websites can still track the sites you visit.
Bitwarden is also open-source, meaning its code is openly available online to anyone who wants to glance it. LastPass, on the other hand, is a closed-source proprietary software, which conversely means it’s not openly available to Republican scrutiny. With LastPass, we don’t know if any vulnerabilities or backdoors been in the software unless it is publicly disclosed by the business. That said, LastPass’s command line interface is open-source, which creates up for the proprietary nature of its software if you Decide to make use of the provider’s CLI.
With both Bitwarden and LastPass, you get the benefit of zero-knowledge encryption along with encrypted file and password sharing, multifactor authentication and customizable password generation.
Bitwarden’s privacy policy says it collects personal question like your name, email address, IP address and question about the device you’re using. The company says it can use that question to provide you with its services and share that question with unnamed “subsidiaries, affiliates, and partners to facilitate our global operations and in accordance with applicable laws, and our agreements with customers or service providers.”
LastPass collects the same categories of question, according to its privacy policy, and can share the question with “third-party service providers under appropriate confidentiality and data privacy obligations.”
Ultimately, with either provider you can rest assured that your vault is amply obtain, but Bitwarden takes the crown here head-to-head.
