There are tons of password managers on the market that all claim to be the best and all touting multiple features and services that may just confuse you more. Not all password managers are created equal. We cut through the bravado and evaluated Bitwarden vs KeePass on what’s most important. Keep in mind that the best password manager for you also depends on whether you’re using it for personal, family or business use.
1. Security & Encryption
A good password manager stores your data securely by using strong encryption to protect your data while it’s on your computer, on the password manager’s server and moving between the two. Deciphering this encryption is almost impossible when password managers use industry-standard encryption like Advanced Encryption Standard. We also checked for up-to-date security methods, two-factor authentication and whether the password manager ever had a third-party security audit.
2. App Compatibility
Password managers aren’t very useful if you can’t use them everywhere, so we compared the types of hardware and software Bitwarden and KeePass were compatible with. We looked at three types of compatibility, which included compatibility with operating systems on desktops and laptops, browsers and iOS and Android for mobile devices.
3. Usability & Ease of Use
We compared Bitwarden and KeePass on ease of set up and use because a good password manager should be simple to download, set up and create a list of your passwords. The interface should also be easy to operate, so you can generate new, stronger passwords and autofill usernames and passwords on logins. We also checked how well they worked with biometric logins for users who have face or fingerprint scanning on their phone, laptop or tablet.
4. Password Sharing
While password sharing is a common feature for paid password managers, it’s not always offered in free ones. We researched secure sharing capabilities and how many people could share at a time. This feature is especially important for families who want to share online accounts or bill pay sites or companies who need to share email, social media accounts or other account logins.
The cost for password managers run the gamut from free to $90 annually or more, depending on how many people are sharing the application. Most password managers advertise a monthly subscription price, but fees are usually billed annually. Any paid password manager should offer unlimited password storage, but free applications often do as well, so we researched storage capacities along with cost.
Bitwarden and KeePass are two of the most popular free password managers. We spent over 10 hours researching and comparing Bitwarden vs KeePass to see how each of them stacked up on the five most important features. Here are some of the strong and weak points of both and other things we learned.
Both Bitwarden and KeePass are open source applications, so anyone can easily review, audit and check them for security issues. Bitwarden’s source code is hosted on GitHub, and the official open source repository for KeePass is available at SourceForge. However, both applications’ developers understand the importance of official security assessments.
KeePass was audited in the European Commission’s Free and Open Source Software Auditing project, and no security issues were found. Its databases use an extremely powerful AES 256-bit encryption algorithm with plugins that support additional algorithms. KeePass also uses a key derivation function (cryptographic hash function) with a salt (random string of data used to modify a password hash) to protect against dictionary attacks. KeePass’ AutoType feature uses clipboard obfuscation and virtual keystrokes to paste passwords into browsers to prevent keylogging. Unlike many password managers that store their encrypted databases on cloud servers, KeePass is strictly stored locally for added security.
The security experts at Cure53 completed a thorough security audit and cryptographic analysis on Bitwarden and found no major issues. Any minor issues that could potentially impact the application were resolved during application updates. Bitwarden uses an extremely strong encryption algorithm with end-to-end AES 256-bit encryption, plus salted hashing through the PBKDF2 algorithm for added security. It also offers two-step authentication, which requires users to input a password and complete a second step for verification. Some users have security concerns because Bitwarden stores data on cloud servers, but data is fully encrypted before syncing in the cloud to ensure privacy and security.
Officially, KeePass only made a version for Windows with supported versions of KeePass1 for platforms running Wine and KeePass2 for platforms running Mono. Its website also shares links to unofficial KeePass ports that allow users to run it on Android, iOS, Mac, and Linux. There are also extensions and plugins for various browsers, including Chrome, Opera, Firefox, Safari, and Vivaldi. A potential compatibility issue is a poor platform syncing ability, such as between Windows and mobile devices.
Bitwarden is highly compatible with versions for Windows, macOS and Linux, plus native mobile apps for iOS and Android. It also offers plugins for all types of browsers, including Chrome, Firefox, Opera, Safari, Microsoft Edge, Vivaldi, and Tor Browser. Bitwarden automatically synchronizes across various devices and platforms for powerful cross-platform synchronization compatibility.
|Other||Vivaldi, Brave, Tor Browser||Vivaldi|
KeePass has a somewhat outdated user interface that’s not completely user-friendly. While it’s considered more secure because it’s not web-based, KeePass requires additional plugins or services to successfully sync across devices. For example, Dropbox is commonly used to sync password databases between all shared devices. You’ll also need separate applications to retrieve passwords on your mobile phone and for any Mac computers or PCs running Linux sharing your passwords. Due to the additional steps, it takes some tech savvy to get KeePass set up, but once you have it up and running, it’s pretty easy to use.
Bitwarden has a clean, modern interface without ads and with an intuitive menu that’s easy to navigate. Setup is straightforward and only requires you to download the software and follow the installation instructions, which culminate into creating your master password. Once created, you have access to several features, even on the free version. Most features are easy to use, but some might be a bit tricky for tech-challenged users.
Bitwarden also conveniently supports facial and fingerprint biometrics, which you can easily set up for your mobile devices under the settings tab. Once enabled, you can unlock Bitwarden using biometrics instead of your master password. KeePass doesn’t seem to have this ability.
KeePass lets you share with as many people as you want, completely free of charge. Since it’s not web-based, you must store it on a shared network drive or file server to share it with others. Each person uses the same master password to open the database because there aren’t any access control lists. If you want to limit who can add to and edit the database, use the file systems’ permissions to only grant access to certain users or groups.
Bitwarden’s free and premium versions allow sharing with one other person, but the family and team versions allow up to five for a monthly fee. You can add more users to the team version for an additional fee if you need unlimited user access, and the enterprise version automatically offers unlimited sharing with a per user/per month fee. All versions also offer unlimited shared items, and Bitwarden upgrades open extra features, such as unlimited collections.
Both password managers have free versions, but Bitwarden users can upgrade to a paid version to unlock additional features or share with more users. Its core features are always 100% free, which includes the features most people need. Upgrading from a free personal account to a premium account provides some additional features, but you can still only share with one other person. For $12 a year, the family plan allows sharing between five people, and for $5 per month, you can share the team plan with five people or add more people for an additional $2 per person monthly for unlimited sharing. Enterprise plans offer unlimited sharing at $3 per person per month, plus a wealth of additional features, including optional on-premises hosting for added security.
KeePass doesn’t have a paid version. It’s always completely free of charge, no matter how many people share it. There aren’t any separate tiers with additional features to unlock; every user has access to the same features. This works well for individuals or businesses who need to share a password manager with lots of people and either don’t want or can’t afford to pay for multiple sharing on a paid application. Like most free options, KeePass can be somewhat limited when it comes to features. However, unlike some free applications, it offers unlimited password storage and the ability to save multiple files, such as credit card and banking information or important documents you want backed up.
|Individual||Free basic; $10 per year per person for premium||Free|
|Family||$1 per month or 12 per year, for up to 5 users||Free|
|Teams||$5 per month for 5 users, then $2 per month per additional user||Free|
|Business||Use team or enterprise package, depending on business’ needs||Free|
|Enterprise||$3 per user per month||Free|
Both these password managers are solid choices, but like any tool, you need to understand how to use it to maximize its usage. Below is a table comparing Bitwarden vs KeePass in regard to the main functions of a password manager and how these functions work for each company.
|Setting up the vault||Download the software, follow the prompts, create a master password and build a new vault to save passwords. Get the extension for your preferred web browser, and visit the sites with passwords you want to save in your new vault.||Download the latest version, set a master password and configure your database settings. Download any browser plugins or additional software you need to use the application on your mobile phone, Mac device or Linux-based PC. KeePass automatically adds some groups into your new vault to help with organization.|
|Logging into accounts||Copy and paste using the Bitwarden extension or enable the “autofill on page load” feature.||Copy and paste from your local KeePass database or from a shared location, drag login information from the KeePass database or enable the AutoType feature to have the application automatically login for you.|
|Creating passwords||Click yes to save passwords when you enter a username and password for the first time on a website. Pick your own passwords or use the built-in password generator to generate secure, random passwords. Import existing passwords from previous password managers using CSV, HTML, XML or JSON files.||Pick your own passwords or use the built-in password generator, which can be adjusted to use or exclude specific characters or patterns to customize it to a website’s requirements. Import existing passwords from a spreadsheet. Use a browser extension to create password files as you visit websites.|
|Changing passwords||Must be manually changed one at a time on the change password screen on each website, but Bitwarden can generate new, more secure passwords to replace existing ones, and it automatically keeps a history of old passwords in case you need them again.||Must be manually changed one at a time on the change password screen of the website you want to replace an existing password with a new, securer one created by KeePass’ password generator. It also automatically keeps a history of previous passwords.|
|Sharing logins||At varying price points, it allows sharing between two people for free and premium plans; sharing between five people for family plans; and unlimited sharing for team and enterprise plans.||Unlimited sharing at no extra charge.|
|Recovering account||If you lose the device or method used for two-step authentication, you can recover your account using your two-step login recovery code. If you lose your master password, you can ask for your password hint to be emailed to you. Recovering your account isn’t required if this hint reminds you what your password is, but if it doesn’t, Bitwarden can’t reset it for you due to the nature of the application. You must delete your old account, so you can register again and start over.||If you forget your master password, there’s no way to recover your account. All your other passwords in the database are also lost because there isn’t a backdoor or key that can open all databases. You will need to start over.|
|Advanced security features||Premium accounts include 1 GB encrypted file storage, password hygiene and health reports, two-step login with security keys and time-based one-time password (TOTP) authenticator.||Security-enhanced password edit controls, SHA-256 is used to hash the master key components and AES 256-bit encryption algorithms with plugins that support additional algorithms, including GOST, Twofish and Serpent. The complete database is encrypted, not just the password fields.|