1Password started as an Apple-only application, but since then has made its way to.
What is the Best Password Manager for 2020? Welcome back to another review! This time we're taking a look at what is the Best Password Manager, in 2020. Click on the ‘+’ button at the bottom, and you can add new items on Bitwarden. New item types are limited to Login, Card, Identity, and Secure Note only. Compared to that, Dashlane offers Business.
That’s the end of the post. You can go home, now.
If you want a further breakdown, consider these points:
Security, most important, most overlooked
From a pure security standpoint, it’s a toss-up between Dashlane and Bitwarden. Both offer best-in-class security, so your passwords are safe on both.
Bitwarden offers 2FA auditing at the organization level for business users, while Dashlane does not. Enforcing is on the roadmap.
I would add that Bitwarden can offer a little more peace of mind for two reasons:
1. It’s open source.
A great many of you just sighed, but it being open source means it can be checked constantly for issues. The source for all their software is here.
This also means that if Bitwarden doesn’t have a feature you like, or something works in a way you don’t like, you can just change it.
2. It’s self-hostable.
Some hacker is far more likely to attack the behemoth that is Dashlane with it’s millions of user passwords, than they are to attack your little server with your 1000 passwords (at best). This also means that you are in control of your data, which is good news for the tin-foil hat wearers out there.
You can even get Bitwarden’s paid features for the price of hosting your server by following this guide
Nobody cares about security, though, right? So let’s move on to the good stuff:
Features, the good stuff (also price)
Dashlane Bitwarden Lastpass
Bitwarden offers every feature Dashlane does with loads more on top of those, and more of them for free. It’s paid version is also cheaper than Dashlane’s.
Here’s a table I stole, that compares both service’s features:
| Feature | Dashlane | Bitwarden |
|---|---|---|
| Chrome support | yes | yes |
| Firefox support | yes | yes |
| Edge support | yes | yes |
| Safari support | yes | yes |
| Mac OS, Windows support | yes | yes |
| Linux support | poor | yes |
| Mac OS command-line client | no | yes |
| Windows command-line client | no | yes |
| Linux command-line client | no | yes |
| Android support, including auto-fill | yes | yes |
| Android auto-fill in Chrome | yes | yes |
| Auto-fill in Android work profile | yes | yes (1) |
| Android auto-fill shows full usernames | yes | yes |
| iOS support, including auto-fill | yes | yes |
| Two-factor authentication | yes | yes |
| YubiKey support in browser (Enterprise) | no | yes ($) |
| YubiKey support in browser (Personal) | no | yes ($) |
| YubiKey support in Android | no | yes ($) |
| YubiKey support in iOS | no | yes ($) |
| Saved password in Android, iOS | yes | yes |
| Fingerprint login in Android, iOS | yes | yes |
| Synchronization across devices | yes | yes |
| Import from LastPass | yes | yes |
| LastPass import distinguishes work from personal items | no | no |
| Preserves LastPass folders in some way when importing | doubtful | yes |
| Personal linked account support (or the equivalent) | poor | yes |
| Save location (personal vs. work) specified at creation time | no | yes |
| Save location (folder / collection / space) editable in web app | no | yes |
| Sensible password quality checks for master password | no | yes |
| Password history on Linux | no | yes |
| Password history on Windows, Mac OS | yes | yes |
| Secure notes | yes | yes |
| Attachments on notes on Linux | no | yes |
| Attachments on notes on Windows, Mac OS | yes | yes |
| Shared folders with access control on Linux | no | yes |
| Shared folders with access control on Windows | yes | yes |
| Shared folders with access control on Mac OS | yes | yes |
| Items can exist in multiple groups with distinct access control | no | yes |
| Nested folders | no | yes |
| Resists auto-filling invisible forms | yes | yes |
| Browser plugin only fills selected form | unknown | no |
| Browser plugin displays icon in form fields | yes | no |
| Browser plugin prompts to save new sites on Linux | yes | yes |
| Browser plugin prompts to save new sites on Windows, Mac OS | yes | yes |
| 2FA integrated into login entries in vault (Mac OS, Windows, iOS, Android) | no | yes |
| 2FA integrated into login entries in vault (Linux) | no | yes |
| Auto-fill in browser disabled by default | no | yes |
| Auto-fill in browser can be disabled by preference | no | yes |
| Admins can reset passwords | yes | no |
| Admins can access other people’s unshared credentials | no | no |
| Admins can reset other people’s 2fa | no | no |
| 2fa can be enforced at the organization level | no | no (3) |
| 2fa can be audited at the organization level | no | yes |
| Exporting items on Linux | no | yes |
| Exporting items on Windows, Mac OS | yes | yes |
| Password health reports | yes | yes ($) |
| App export includes attachments | unknown | no |
| CLI export includes attachments | no | poor (2) |
| Responsive to bug reports and feature requests | unknown | yes |
| Open source | no | yes |
| Option to self-host | no | yes |
| Users can delete own account (customer service not needed) | yes | yes |
| Admins can delete business account (customer service not needed) | yes | yes |
| Has a useful status page that can be subscribed to | yes | no |
| Number of outages in the past six months (since December, 2018) | 12 | 0 |
| Enterprise price per user per month | 4 | 3 |
| Personal price per user per month (no Attachments or YubiKey) | 4.99 | 0 |
| Personal price per user per month (w/Attachments & YubiKey) | 4.99 | 0.84 |
Note 1: In work profile apps Bitwarden might not pop up a dialog automatically inviting you to auto-fill, but it’ll display a notification you can tap to do it.
Note 2: CLI allows individual attachments to be exported. The user would have to write a script to iterate through and export all of them.
Note 3: On the product roadmap, not yet implemented as of writing (Click to see the feature request)
If you aren’t interested in either Bitwarden or Dashlane, or just want to see what else is out there, Consumer Advocate wrote a great article breaking down a bunch of password managers by their price, feature-set, overall user experience and more. It’s a great read, click here to check it out.
I’ve been using Dashlanefor years, it’s the best password management software I ever used, even when I made the decision that migrating all my passwords to Bitwarden, I still believe no other password management software can compete with Dashlane. So why did I abandon Dashlane anyway and embrace an ugly, incomplete, open-source password management Bitwarden?
pros and cons
Dashlane gives me the best experience of managing thousands of passwords. I used lasspass and 1Password before. All of them just lack the smooth and convenient autofill functionality. When you click on a form, Dashlane will pop up a complete list of credentials. This functionality does not only work on password forms but also work on payment forms, personal information, and it can even autofill 2FA!
Why did I switch?
For so many years, I put down all my personal data, events notice, backup notes, bank accounts, and credit card information in Dashlane. I would have been still using Dashlane if it chooses not to deprecate the desktop version.
To maintain the secure state of my passwords in Dashlane, I created a robust master password. I cannot memorize the whole master password because it’s too long and very complicated, so I kept it in my Yubikey. Every time I just need a slight touch and my Yubikey will fill it out for me. Also, I can enable Windows Hello as my alternative login method instead of the complicated master password. But all of them disappeared after Dashlane abandoned the desktop version. Now I have to check out my master password every time after booting my computer (I only need to type 4 digit PIN when I can utilize Windows Hello on desktop version)
Dashlane To Bitwarden
To be honest, Dashlane is definitely going on downhill. It used to be the best one among other password management software. It’s the first one that invents the popup menu for autofill, it’s the first one that created the floating bulb on Android so we don’t need to switch between Dashlane and the app we were using. It used to be so creative, but now everyone else is catching up while Dashlane starts panicking.
The $50 annual subscription fee is not very expensive comparing to it’s importance in my life. The problem is that Dashlane is becoming a tyrant. It totally ignores customers’ suggestions and do what they think is right.
Secure Setup of Bitwarden
Let’s switch to Bitwarden!
The original Bitwarden limits free users from accessing serval “premium” features such as 2FA and TOTP, even you setup a self-hosting server. I don’t really get the point since Bitwarden was already open source. I choose Bitwarden_rs which is a Rust version of a full-feature Bitwarden server. A funny part is that some fundamental libraries on Rust seem do not support TLS and thus we have to use a reverse proxy to safely handle all HTTPS requests.
Export Dashlane To Bitwarden
I build my own Bitwarden server on a home server. To prevent potential harmful attacks and scanning, I made my IP address hide behind Cloudflare with full strict end-to-end encryption, and only allows Cloudflare’s IP pools to send requests to my server.