Bitwarden Review

Introduction

Over the past few months, I’ve been working to transition to as many self-hosted applications as I can. Self-hosting applications is a secure way to control your data on your terms as well as to get it moved off of the public cloud.

When the opportunity presented itself to install Bitwarden I decided it was time to give it a try and write up a Bitwarden review.

What is Bitwarden

Bitwarden is a FOSS (free and open-source) password manager that you can download and self-host. The self-hosted option supports multiple users, organizational password sharing, synchronization between the server and mobile and desktop applications, two-factor authentication as well as any other feature that the average user may need.

Installation of Bitwarden on Docker

Most of my self-hosted applications run in Docker on a cluster of Raspberry Pi 4’s. If you need to install Docker on your Raspberry Pi you can view the steps to install it here. After some research, I found a Docker image that was compatible with the arm7hf architecture for the Raspberry Pi. The image you need to pull from the Docker Hub bitwardenrs/server:raspberry. This container includes an SQLite database that works well for installations that support a small number of users.

The docker run code you can run in your terminal is below:

docker run \
-p 8005:80 \
-v bitwarden:/config \
--restart always \ 
--name bitwarden \
bitwardenrs/server:raspberry

If you want more details about running Bitwarden in Docker on a Raspberry Pi, you can check out this post.

Bitwarden Web Vault

Once you have the Docker container up and running, you can visit to the Bitwarden web vault. From here you are able to create your first account. After you create your account and log in you will be presented with the vault screen.

Bitwarden Review - WebVault

From here you can add your passwords, identities, credit cards, and notes. The web vault interface is very clean, modern, and easy to use. In can organize your items into folders and add them to a shared organization so you can share those passwords with other users.

Bitwarden Review 1

When you add an item, you are able to add your typical username and password. URL’s can also be included so Bitwarden browser extensions can recognize and auto-fill the login fields. Bitwarden also can act as a second-factor authenticator app for websites that support it, all you have to do is enter the Authenticator Key (TPOP) when you are adding an item.

The application also has the ability to attach files and create custom fields in the add item screen to meet additional needs for more advanced use cases.

Browser Extensions

Bitwarden has browser extensions that allow you to manage and use your passwords from directly within your internet browser. They have extensions for all major browsers, with the exception of Safari due to limitations within MacOS Catalina.

Browser Extension Setup

Bitwarden Chrome Extension Settings

When you first open the Bitwarden browser extension you will be presented with the login screen. If you have are running a self-hosted version of the application, then you need to click the settings icon on the top left-hand corner of the extension. Once you click this icon, you’ll be presented with the below screen that allows you to enter the address of your installation. For most installations, you only need to enter the URL in the top field. You can fill out the remaining fields if you have a more advanced installation.

Browser Extension Usage

Once the browser extension is installed and connected to your server, the Bitwarden browser extension will automatically begin syncing your passwords. When you log in to websites that are not in your Bitwarden password manager, then it will automatically ask if you want to add the login to the database. This feature ensures that keeping your database up to date is much less painstaking.

Bitwarden Password Generator

You can also use the secure password generator that is built-in to the Bitwarden browser extension to create more secure passwords for the websites that you use. You can adjust the options to create more complex passwords with special characters. Once you settle on a password complexity level, just copy and paste the given password into the online form and hit submit.

When you visit a website, the extension will recognize that website and attempt to fill the login fields. If the website does not support automatic filling of the login fields, all you have to do is click the extension icon and you’ll see a list of available login information for the website that you are viewing.

The browser extension also syncs with the server on a regular basis, this means that if you need to look up any of the information that you have stored in Bitwarden, all you have to click the extension and click search.

Desktop Applications

Bitwarden Desktop Application Screenshot

Bitwarden desktop applications are also available for Windows, Mac OS, and Linux. They are very similar to the Bitwarden Web Vault and sync frequently with the Bitwarden Server. The desktop applications are fully featured, responsive applications that can be used to work with your password database in a local desktop environment. The Bitwarden Desktop applications also allow you to work with your data offline as they do not require a constant connection to the Bitwarden server.

Conclusion

Once you have Bitwarden set up, it really is a set-it and forget-it solution to managing your passwords. The application itself does not require much maintenance for small local installations. Currently, my installation contains over 700 items. This application has been the easiest to learn and since it is hosted from home, it is one of the most secure ways to store your passwords. I believe that Bitwarden is the best free password manager that can be easily self-hosted in a docker environment.

I hope you enjoyed this Bitwarden Review. If you have any questions, or suggestions, please leave a comment below.