
I Do Not Recommend Bitwarden

On Hacker News: 60 points, 54 comments, submitted by maxloh.

A review of my experience with Bitwarden after several years of self-hosting it, and why I decided to move away from the password manager.

Almost four years ago I published a guide on how to run your own LastPass on hardened OpenBSD, in which I explained how to set up an OpenBSD instance, either as a cloud instance or as a Raspberry Pi bare-metal installation, that would host Vaultwarden as a backend for the Bitwarden client applications. After having used a similar approach myself for several years now, I have come to the conclusion that I no longer recommend the use of Bitwarden. Let me explain.

Freemium dual-license password manager

Wikipedia describes Bitwarden as “a freemium open-source password management service that is used to store sensitive information […] owned and developed by Bitwarden, Inc.”, and the project is now almost ten years old. The company behind the software not only develops the Bitwarden server, as well as client applications for most platforms, but also offers a SaaS product for users who don’t want to put up with hosting this unwieldy beast on their own. More on this in just a moment.

Bitwarden’s pricing for their hosted offering is similar to their competitors’ offerings, albeit with differences in terms of functionality. Regardless of whether one picks their hosted offering or decides to self-host, however, the client applications remain the same.

Since 2022, Bitwarden has also been backed by $100M of PSG growth equity, joined by Battery Ventures. A password manager that wants to remain open-source is one thing, but the same password manager with an investor on its board that needs to see a return on $100M is another. Without wanting to sound overly cynical, this is usually the point in time at which the rent-seeking begins and the product slowly shifts from serving its users to serving its investors.

Unwieldy beast

If you decide to self-host Bitwarden, you will relatively quickly find yourself in what I would describe as enterprise software hell. The standard Bitwarden server deployment is a heavyweight C# backend that ships with MSSQL Express and won’t work with more Linux-native databases like PostgreSQL or MariaDB.

Depending on the size of the deployment and the requirements with regard to high availability, you might want to utilize Kubernetes, which in turn adds additional overhead and complexity.

Because of this, many smaller to medium-sized deployments prefer to look into Vaultwarden instead, which is an unofficial Bitwarden-compatible server written in Rust™. The simple and lightweight nature of Vaultwarden compared to the official Bitwarden server makes such a big difference for administrators that the unofficial server project seemingly has three times as many stargazers on GitHub as Bitwarden’s official implementation. This should make a Series B-funded company with $100M think about whether its (technical) users appreciate the current direction its software stack is heading in, or whether it might want to look into bringing the people who built a vastly more successful backend implementation on board to optimize and accelerate the official stack.

And surely that’s what Bitwarden decided to do, right?

Bitwarden lite

Sadly, however, it seems that Bitwarden’s NIH syndrome was too strong to simply take over Vaultwarden as an official project. Instead, the company seemingly hired the main developer of the Vaultwarden project and decided to publish a “lighter” version of their existing backend dubbed Bitwarden unified lite, which is still a service built on Microsoft’s .NET, and which still appears to require more than three times the RAM a Vaultwarden instance usually consumes.

Regarding the open-source part of Bitwarden, things have been getting murkier over the past year or so. In late 2024, users started noticing that a new dependency, @bitwarden/sdk-internal, had been pulled into the clients. Its license read:

“You may not use this SDK to develop applications for use with software other than Bitwarden (including non-compatible implementations of Bitwarden) or to develop another SDK.”

For a product that prides itself on being open-source, this is a fairly significant plot twist. After considerable backlash in the community, however, Bitwarden called it a “packaging bug” and eventually relicensed the SDK under GPLv3.

Technically, the issue is resolved. Philosophically, however, this episode tells you all you need to know about where Bitwarden is heading: the freeware parts are bait, the actual product is the SaaS subscription, and the community is there to contribute issues and translations as long as it doesn’t cost the company anything.

The real culprit

Setting aside the backend, the real culprit with regard to Bitwarden is the client applications. Advertised functions do not work as expected, basic features are non-existent (after ten years!) and the user interface is poor, to put it mildly, especially when compared to equally priced alternatives. And don’t get me wrong: if Bitwarden were purely a FOSS effort and not funded by venture capital, all these flaws could be brushed aside because, after all, it would be a community effort. However, Bitwarden isn’t a community effort, which is reflected very noticeably in the bureaucratic processes they have drowned the community in, but more on this in a moment.

Migrating vaults

About a year ago, I supported someone who tried to switch from a competitor to Bitwarden, on the reasoning that it is better to support open-source software with a yearly subscription than some proprietary platform that one has no insight into. Part of the migration was naturally importing existing vaults from the previous password manager into the new Bitwarden account. As can be seen in my bug report on GitHub, however, this went sideways very quickly, and resulted in at least one vault requiring significant technical workarounds for the import to work.

The response from what sounded like an official Bitwarden employee left me frankly stunned. Despite the migration/import feature being advertised in multiple places throughout Bitwarden’s marketing materials and documentation, and despite dozens of users having already complained about the exact same issue, Bitwarden simply decided to ignore the issue report and instead requested that yet another, likely dead-ended, discussion be opened in their community forum.

This level of corporate bureaucracy is not at all what open-source software should look and feel like, and it is completely unjustified for a feature that is advertised for both the open-source software and the paid product, but that simply does not work as advertised.

Similarly, many other issues are funneled through this process of community discussions, which more often than not turn out to be little more than lengthy threads of pointless back-and-forth, and almost never materialize in actual implementations.

Note: The same import was tested with proprietary alternatives to Bitwarden and worked flawlessly.

Moving items between vaults

Migration pain is not limited to the initial import. Even when you’re already inside Bitwarden and simply want to shuffle entries between an organization vault and your individual vault, or the other way around, there is, to this day, no proper “move the selected items to …” feature. For a handful of logins you can clone/edit each one manually, but anyone who has ever tried this with a few hundred items (say, after cleaning up a collection, leaving a company, or consolidating several organizations) knows that this quickly becomes a carpal tunnel-inducing exercise.

The official workaround that Bitwarden support and community threads recommend is to export the source vault as unencrypted JSON, edit the file, and then re-import it into the destination vault. Setting aside the obvious security footgun of having 500+ credentials sitting in plain text in ~/Downloads, or worse, in a directory that is silently synced to the cloud (think Dropbox, OneDrive, iCloud, …) while you figure out where to put them, the process happily loses a non-trivial amount of data along the way:

“[…] if there are file attachments in any of your vault items, then these will not be included in the export […] the export will not include items in the Trash, or any password histories or timestamps.”

For any organization that relies on attachments (e.g. SSH key files, licence keys, recovery codes as images) or on password history for compliance/audit reasons, this is plainly unacceptable.
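Since the “edit the file” step of that workaround is where most of the damage happens, here is how I would do it if forced to. This is an added example, not Bitwarden’s or Vaultwarden’s own tooling: it reads an unencrypted individual-vault JSON export, reports what the file carries (so you see up front what will not survive), rewrites every item into one organization collection, and only writes the plaintext result to a location that is not a known cloud-sync folder, with mode 0600. The field layout, the sync-folder names, the placeholder organization/collection ids and the function names are all assumptions of mine; the sample export is constructed.

```python
"""Reshape a Bitwarden individual-vault JSON export for import into an
organization collection, and keep the plaintext file away from cloud-synced
directories for as long as it exists.

Added example, not Bitwarden's or Vaultwarden's own tooling. The field names
follow the unencrypted JSON export layout as I understand it (an assumption;
compare with a fresh export from your own client). Sample data is constructed."""

import copy
import json
import os
from pathlib import Path

# Constructed sample export. type 1 = login, 2 = secure note. No attachment
# data appears because the export format never carries it.
SAMPLE_EXPORT = {
    "encrypted": False,
    "folders": [{"id": "00000000-0000-4000-8000-0000000000f1", "name": "Work"}],
    "items": [
        {
            "id": "00000000-0000-4000-8000-000000000001",
            "organizationId": None,
            "folderId": "00000000-0000-4000-8000-0000000000f1",
            "type": 1,
            "name": "git.example.com",
            "login": {"uris": [{"match": None, "uri": "https://git.example.com"}],
                      "username": "alice", "password": "correct horse", "totp": None},
            "collectionIds": None,
            "passwordHistory": [{"lastUsedDate": "2024-01-01T00:00:00.000Z",
                                 "password": "battery staple"}],
        },
        {
            "id": "00000000-0000-4000-8000-000000000002",
            "organizationId": None,
            "folderId": None,
            "type": 2,
            "name": "Licence key (was an attachment)",
            "secureNote": {"type": 0},
            "collectionIds": None,
            "passwordHistory": None,
        },
    ],
}

# Directory names that usually mean "silently synced to the cloud" (assumed
# list). "Mobile Documents" is where iCloud Drive lives on macOS.
CLOUD_SYNC_MARKERS = ("Dropbox", "OneDrive", "Google Drive", "Mobile Documents")


def audit(export):
    """Count what the file actually carries, so the loss is explicit up front."""
    items = export.get("items", [])
    return {
        "items": len(items),
        "logins": sum(1 for i in items if i.get("type") == 1),
        "with_password_history": sum(1 for i in items if i.get("passwordHistory")),
        # Always 0 for a real export; listed so the gap shows up in the report.
        "attachments": sum(len(i.get("attachments") or []) for i in items),
    }


def reassign_to_collection(export, org_id, collection_id, collection_name):
    """Return a copy shaped like an organization export: every item owned by
    org_id and placed in exactly one collection. Personal folders are dropped
    because organization vaults do not have them; everything else is kept."""
    out = copy.deepcopy(export)
    for item in out["items"]:
        item["organizationId"] = org_id
        item["collectionIds"] = [collection_id]
        item["folderId"] = None
    out.pop("folders", None)
    out["collections"] = [{"id": collection_id, "organizationId": org_id,
                           "name": collection_name, "externalId": None}]
    return out


def is_cloud_synced(path):
    """Heuristic: any path component equal to a known sync-folder name."""
    return any(part in CLOUD_SYNC_MARKERS for part in Path(path).resolve().parts)


def write_plaintext(export, path):
    """Create the file with mode 0600 and O_EXCL (never clobber, never inherit
    a loose umask), and refuse cloud-synced locations outright."""
    if is_cloud_synced(path):
        raise ValueError(f"refusing to write plaintext credentials under a synced folder: {path}")
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        json.dump(export, f, indent=2)
    return path


if __name__ == "__main__":
    print(audit(SAMPLE_EXPORT))
    moved = reassign_to_collection(SAMPLE_EXPORT,
                                   "00000000-0000-4000-8000-00000000000a",
                                   "00000000-0000-4000-8000-00000000000b",
                                   "Engineering")
    # Import the result into the destination organization, then delete it.
    print("wrote", write_plaintext(moved, "/tmp/move-to-org.json"))
```

The audit report is the useful part: it tells you how many items have a password history in the file and that zero attachments made it across, before you import anything. Import the rewritten file into the destination organization with the Bitwarden JSON import and remove it the moment the import succeeds; on flash storage and journaling filesystems, overwriting a file in place is no guarantee that the plaintext is gone, which is one more reason to keep its lifetime measured in minutes.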
For a product whose entire job is to be the source of truth for your credentials, the complete absence of a “move these 500 items to that vault, keep everything intact, click OK” button in year ten of its existence speaks volumes about where Bitwarden’s engineering priorities lie.

Client updates breaking things

Another example concerns client updates.

It appears that Bitwarden pushes new updates to their clients that can lead to vaults becoming inaccessible (on the client side) at random, without any heads-up to the users. I personally encountered this issue while travelling.

When I had my phone plugged in overnight, F-Droid decided it was a good time to update a few apps, one of which was Bitwarden. The next morning I had to log into my banking, and when I opened the Bitwarden app on my phone I was unable to access my vault. It took some time to figure out what was going on (via Vaultwarden), and I was lucky that I had my UPDC (which hosts my Bitwarden backend) with me, as otherwise I could have ended up in a pretty bad situation with my whole vault being unavailable.

The sheer irresponsibility with which Bitwarden appears to push what look like breaking protocol changes between the clients and the backend is frightening. As someone who relies heavily on my password manager working in offline mode, this experience taught me that Bitwarden cannot be trusted. From that moment on, I disabled automatic updates for the Bitwarden clients and exported a current snapshot of all passwords to a local backup in KeePassChi/KeePassXC/KeePassDX.

This is, by the way, not a Vaultwarden-specific issue, despite Bitwarden staff claiming so. Searches through the bitwarden/android repository return a long list of very similar reports, for example around the 2025.12.x release introducing regressions that prompted users for the master password twice after login and then crashed the app, or the 2025.6.0 release that simply crashed on startup for many users. The Android app in particular went through a full rewrite from .NET MAUI to native Kotlin in 2024, which shipped alongside a trail of regressions that continue to show up in quarterly releases.

User experience

Aside from the aforementioned technical details, Bitwarden is (and has always been) one of the subjectively worst applications on my phones and my desktop in terms of user interface.