Bitwarden – Open Source Password Manager

Complete Guide to Bitwarden: Secure Password Management

Bitwarden has established itself as the leading open-source password manager, providing secure credential storage with the transparency that comes from publicly auditable code. Unlike closed-source alternatives, Bitwarden allows security researchers to verify its claims, resulting in a trust level that proprietary solutions cannot match. The platform offers free core functionality while premium features remain affordable for those who need them.

With clients for every major platform—web browsers, desktop applications, mobile devices, and command line—Bitwarden ensures your passwords are accessible wherever you need them while maintaining end-to-end encryption that keeps your data private even from Bitwarden’s own servers.

Installation Options

# Browser Extensions:
Chrome Web Store
Firefox Add-ons
Safari Extensions
Edge Add-ons
Opera Add-ons

# Desktop Applications:
# Linux
sudo snap install bitwarden
flatpak install flathub com.bitwarden.desktop

# macOS
brew install --cask bitwarden

# Windows
winget install Bitwarden.Bitwarden

# Mobile Apps:
iOS: App Store
Android: Play Store / F-Droid

# Command Line:
npm install -g @bitwarden/cli
# Or via package managers

# Verify CLI
bw --version

Account Setup

# Create account:
Visit vault.bitwarden.com
Click "Create Account"

# Master password requirements:
- At least 12 characters recommended
- Mix of cases, numbers, symbols
- Unique to Bitwarden
- Never shared or reused

# Important security notes:
Master password is never transmitted
Only hash used for authentication
Data encrypted before leaving device
Bitwarden cannot recover your password

# Recovery options:
- Emergency Access (premium)
- Account recovery admin (orgs)
- No master password recovery!

# Two-factor authentication:
Settings > Security > Two-step Login
Options:
- Authenticator app (TOTP)
- Email
- Security keys (FIDO2/WebAuthn)
- Duo (premium)
- YubiKey (premium)

Vault Organization

# Item types:
- Login (websites/apps)
- Card (payment methods)
- Identity (personal info)
- Secure Note (text)

# Creating logins:
Click + New Item
Fill in:
- Name
- Username
- Password
- URL(s)
- Notes

# Password generator:
Click dice icon
Options:
- Length (5-128)
- Uppercase, lowercase
- Numbers, symbols
- Avoid ambiguous characters
- Passphrase option

# Folders:
Create folders for organization
Assign items to folders
Nest folders for hierarchy

# Collections (organizations):
Share with team members
Granular permissions
Different from personal folders

# Favorites:
Mark items as favorite
Quick access at top of vault

# Custom fields:
Add extra fields
Types: Text, Hidden, Boolean
Useful for security questions

Browser Extension Usage

# Auto-fill:
Click extension icon
Select matching login
Or: Ctrl+Shift+L (auto-fill)

# Auto-fill settings:
Settings > Auto-fill
- On page load
- On icon click
- Keyboard shortcut
- Default URI match detection

# URI matching:
Base domain: example.com
Host: login.example.com
Starts with: https://example.com/login
Exact: https://example.com/login/
Regular expression: Custom pattern

# Generate passwords:
Click generator icon
Copy generated password
Or auto-fill in forms

# Add logins:
Banner appears on new logins
Click to save credentials
Or: + button to add manually

# Keyboard shortcuts:
Ctrl+Shift+Y: Open vault
Ctrl+Shift+L: Auto-fill
Ctrl+Shift+9: Generate password
Ctrl+Shift+N: Add login

# Context menu:
Right-click on form fields
Bitwarden options available

Desktop Application

# Features:
Full vault management
System tray integration
Biometric unlock option
Offline access

# Biometric unlock:
Settings > Security
Enable Windows Hello / Touch ID
Requires master password first

# Minimize to tray:
Settings > Preferences
Run at startup
Minimize to system tray

# Vault timeout:
Settings > Security > Vault Timeout
- Immediately
- 1-5 minutes
- 15-30 minutes
- 1-4 hours
- On system idle/sleep/lock

# Timeout action:
- Lock (require master password)
- Log out (require full login)

# Export vault:
File > Export Vault
Formats: JSON, CSV, encrypted JSON
Use encrypted for backups!

Command Line Interface

# Login
bw login
bw login email@example.com

# Unlock vault
bw unlock
# Returns session key
export BW_SESSION="session_key"

# Sync vault
bw sync

# List items
bw list items
bw list items --search "google"
bw list folders
bw list collections

# Get item
bw get item "Item Name"
bw get item id-here
bw get password "Item Name"
bw get totp "Item Name"

# Create item
bw create item "$(echo '{"name":"Example"}' | base64)"

# Edit item
bw get item id | jq '.name = "New Name"' | bw encode | bw edit item id

# Delete item
bw delete item id

# Generate password
bw generate
bw generate -ulns --length 20

# Export
bw export --format json
bw export --format encrypted_json

# Lock
bw lock

# Logout
bw logout

# Useful scripts:
bw get password "Example" | xclip -selection clipboard

Security Features

# Encryption:
AES-256 bit encryption
PBKDF2 key derivation
Salted hashing
Client-side encryption

# Key derivation settings:
Settings > Security > KDF Settings
PBKDF2 or Argon2id
Iterations count
Higher = more secure, slower

# Password health reports:
Tools > Reports (premium)
- Exposed passwords
- Reused passwords
- Weak passwords
- Unsecured websites
- Inactive 2FA

# Data breach report:
Check if emails exposed
Uses Have I Been Pwned

# Emergency access:
Settings > Emergency Access
Designate trusted contact
Set wait time
Grant view or takeover

Self-Hosting

# Bitwarden self-hosted:
# Requires Docker

# Download installation script
curl -Lso bitwarden.sh https://go.btwrdn.co/bw-sh
chmod 700 bitwarden.sh

# Install
./bitwarden.sh install

# Configure
./bitwarden.sh start

# Update
./bitwarden.sh update

# Vaultwarden alternative:
# Lightweight Rust implementation
docker run -d --name vaultwarden \
  -e ADMIN_TOKEN=your_admin_token \
  -v /vw-data/:/data/ \
  -p 80:80 \
  vaultwarden/server:latest

# Connect clients:
Settings > Self-hosted
Enter your server URL

Organizations

# Create organization:
Settings > Organizations
New Organization
Choose plan (free or paid)

# Collections:
Organize shared items
Grant access to members
Granular permissions

# User management:
Invite users by email
Assign to collections
Set user types:
- User
- Manager
- Admin
- Owner

# Policies (Enterprise):
- Master password requirements
- Two-step login required
- Single organization
- Personal vault disable

# Shared folders workflow:
1. Create collection
2. Add items to collection
3. Share collection with users
4. Set permissions

Send Feature

# Bitwarden Send:
Share text or files securely
Self-destructing links
Password protection

# Create Send:
Click Send tab
+ New Send

# Options:
- Text or File
- Name
- Deletion date
- Expiration date
- Maximum access count
- Password protect
- Hide email
- Disable after max

# Share link:
Copy Send link
Recipients don't need account
Enter password if set

# Manage Sends:
View active Sends
Delete early
Track access count

Mobile Features

# Auto-fill on mobile:

# iOS:
Settings > Passwords > AutoFill Passwords
Select Bitwarden
Works in Safari and apps

# Android:
Settings > Accessibility
Enable Bitwarden
Or: Autofill service

# Biometric unlock:
Settings > Security
Enable fingerprint / Face ID

# Camera for TOTP:
Scan QR codes
Auto-setup authenticator

# Watch apps:
Apple Watch app
Quick TOTP access

Import and Migration

# Import from:
- LastPass
- 1Password
- Dashlane
- Chrome
- Firefox
- KeePass
- Many others

# Import steps:
Tools > Import Data
Select format
Choose file or paste
Import

# Export for backup:
Tools > Export Vault
Choose encrypted JSON
Store securely

# Migration tips:
Export from old manager
Import to Bitwarden
Verify all items
Update browser autofill settings
Uninstall old manager

Conclusion

Bitwarden demonstrates that security and accessibility can coexist, providing enterprise-grade password management with the transparency of open source. Its cross-platform availability, robust feature set, and commitment to user privacy make it the ideal choice for individuals and organizations seeking secure credential management. Whether using the free tier or premium features, Bitwarden delivers the protection needed in today’s digital landscape.