It used to be that a password manager was something that was just “nice to have” – ​​an auxiliary player in your online security toolset. Now, use a password manager is an absolute must if you want to make sure you’re properly protecting yourself online against threats like data theft and phishing.

But it can be difficult to find a password manager that’s right for you because of the number of options available. Some may be easier to use than others while others may be geared more towards the techie crowd. And while password managers generally have fairly similar basic functionality, the availability of specific features can vary at different price points. If you’re not sure which is right for you, CNET’s breakdown of the best password managers is an excellent starting point.

The two best password managers on this list are Bitwarden and Last passtwo big names in the industry that offer excellent, polished password management options to internet users.

LastPass – perhaps the most well-known and widely used password manager – has long held the crown of CNET’s Best Password Manager. But the company’s decisions in 2021 to start limiting its free offering to just one type of device and removing email support from free users, along with a series of security missteps , relegated it to second position behind Bitwarden.

That said, the quality of the paid tier of LastPass is top of the line. It’s intuitive, easy to use, and packed with useful features like automatic synchronization between devices, dark web monitoring, password generator, and secure notes. However, although LastPass fixed a vulnerability that may have leaked user credentialsof the company use of web trackers in its Android application is always of concern.

By comparison, Bitwarden lets you use its service for free on an unlimited number of devices and device types. Bitwarden’s free tier also includes basic features such as two-factor authentication, unlimited vault items, username and password generator, and automatic synchronization between devices. If you pay for the premium plan, you get all of that, plus features like advanced two-factor authentication, encrypted text and file sharing, emergency access, and priority support. Like LastPass, Bitwarden operates on a zero-knowledge encryption model (meaning the companies themselves don’t have access to your master password or anything stored in your vault), but marks bonus points for being fully open source.

Ultimately, both are great options – but Bitwarden is generally the better option, especially for its transparency. Let’s take a closer look at how password manager heavyweights Bitwarden and LastPass compare in price, platform availability, and security.

Sarah Tew/CNET

You can use Bitwarden’s free tier on an unlimited number of devices across all device types, giving it a huge leg up on LastPass in terms of overall profitability – even though its free option doesn’t include all the features of the LastPass Free Tier. Is. Bitwarden is completely open source and a highly secure option with zero-knowledge encryption and multi-factor authentication. This password manager’s simple user interface is easy to use on all major platforms, as well as browser extensions, including Brave and Tor.

Sarah Tew/CNET

LastPass offers an incredibly polished and feature-rich password manager that’s easy to use and about as secure as Bitwarden, though it’s not entirely open source. However, the fact that LastPass no longer allows unlimited devices and device types on its free tier is a major downside and a big part of the reason the provider slipped to second place behind Bitwarden in CNET’s rating of the best password managers.

Profitability: Bitwarden by a mile, especially considering its unlimited free tier

Bitwarden is definitely the more profitable of the two. Bitwarden’s paid tier is $10 per year for a personal account and $40 per year for a family account that covers up to six people. The premium individual account lets you share vault items with one other user, while with the family plan, six people can share vault items with each other.

LastPass, on the other hand, charges $36 per year for its individual account and $48 per year for its family plan which also includes six accounts.

The differences between the free tier of each password manager are where things diverge much more. Like LastPass did until just over a year ago, Bitwarden lets you use its service on an unlimited number of devices, regardless of what platform you’re using it on. LastPass removed this flexibility from its free users, apparently in an effort to push users more aggressively to its paid plans. You will only be able to access your LastPass Vault on mobile devices or desktop computers, but not both, if you are a free user.

A lack of access across devices is a major issue, as password managers need to be everywhere you are online to be the most effective as a security tool.

“Internet users are bound to completely forget about their password manager if it’s not immediately and consistently visible when they browse the web on all devices,” says CNET’s Rae Hodge in his LastPass vs. 1Password comparison. “As a result, they are likely to store their ever-increasing number of passwords in a browser itself, which is a much less secure option.”

You could, theoretically, get around this limitation if you signed up for two separate free accounts using two different email addresses. However, this would mean that you would also have to manage two separate vaults, one serving your mobile devices and the other your desktop computers. Since automatic synchronization between devices is a crucial feature for a password manager, this solution is not very practical.

The only place where LastPass beat Bitwarden in terms of profitability is its 30-day free trial, as opposed to Bitwarden’s seven days.

Platform availability: Bitwarden, due to its wider range of browser extensions

Bitwarden and LastPass offer dedicated desktop apps for Mac, Windows, and Linux, as well as mobile apps for iOS and Android devices. You can also download Bitwarden from the F-Droid repository.

Both password managers also offer various browser extensions, but while LastPass offers extensions for Chrome, Firefox, Edge, Opera, and Safari, Bitwarden has all of those plus Vivaldi, Brave, and Tor. Bitwarden’s Web Vault will also allow you to access your vault from any browser in case you are without the devices on which you normally use the service.

You can use the command line interface of both providers to write and run scripts on various platforms. Using a CLI requires less processing power and can be ideal for automating tasks and creating custom interfaces and for corporate IT teams to integrate password managers into their organizations’ internal systems. However, this involves a greater amount of technical know-how than using a password manager’s app or browser extension. If you’re an ordinary user who prefers the ease of use of a standard graphical user interface, the CLI probably isn’t for you anyway.

Ultimately, Bitwarden gives you more options than LastPass when it comes to which platforms you want to use its service on. Although Bitwarden is easy to use on all platforms for any user, its range of options – including the Tor extension – will certainly appeal to more technical and privacy-conscious customers. If you don’t need to access your vault on all of these platforms, then LastPass more than does the job in terms of platform compatibility.

Now Playing:
Look at this:

Protect your data with a password manager


Security: Bitwarden, because it’s more transparent and fully open source

In terms of security, Bitwarden and LastPass are basically on equal footing. However, Bitwarden gets an advantage here because it’s more transparent than LastPass. Bitwarden is open-source and more outspoken about its compliance, audits and certifications. And unlike the five trackers residing on the LastPass Android app, Bitwarden has two — which is not as good as the zero found with 1Password and KeePass, but we much prefer two over five. Trackers can be a major privacy issue because, even though your passwords and other vault entries themselves are securely encrypted and hidden from third parties, other websites can still track the sites you visit. .

Bitwarden is also open-source, meaning its code is freely available online to anyone who wants to examine it. LastPass, on the other hand, is proprietary, closed-source software, which conversely means that it is not openly available to the public. With LastPass, we don’t know if any vulnerabilities or backdoors exist in the software unless they are publicly disclosed by the company. That said, LastPass CLI is open-sourcewhich compensates for the proprietary nature of its software if you choose to use the vendor’s CLI.

With Bitwarden and LastPass, you get zero-knowledge encryption plus encrypted file and password sharing, multi-factor authentication, and customizable password generation.

Bitwardens privacy policy indicates that it collects personal information such as your name, email address, IP address and information about the device you use. The company declares that it may use this information to provide its services to you and share this information with “unnamed subsidiaries, affiliates and partners to facilitate our global operations and in accordance with applicable laws, and our agreements with customers or suppliers. Services”.

LastPass collects the same categories of information, depending on its privacy policyand may share the information with “third party service providers under appropriate confidentiality and data confidentiality obligations”.

Ultimately, with either provider, you can rest assured that your vault is amply secure, but Bitwarden takes the crown here head-to-head.