Ditching Bitwarden: Could RoboForm Be My Next Password Manager?

Before starting, I admit there are multiple password managers recommended on the PG site, but none fit my requirements, so I want to know if there is any good, reliable, trusted password manager beyond the PG‑recommended ones.

I was a paid Bitwarden user, but the paid plan doesn’t justify what it offers. I’ve used other popular password managers and found their user experience much better than Bitwarden’s. I know privacy and security should be my top priorities, but user experience matters too, especially for an app used every day. Also, Bitwarden’s autofill sometimes stops working; toggling the autofill service off and on in settings makes it start again. Autofill accuracy isn’t very reliable, but that’s still acceptable for me.

I don’t plan to self‑host, and because I use multiple devices I’m looking for cloud‑based options only. I’ve tried all the cloud‑based password managers recommended on the PG site, but unfortunately I have at least one problem with each of them.

  • 1Password - No complaints except price. I feel uncomfortable paying nearly $50 for a single online service, so it’s off my list.
  • Proton Pass - I dislike ecosystem lock-in. I started using multiple Google services for this convenience and don’t want to make the same mistake again this time. Though Proton is more private than Google, I oppose the “all eggs in one basket” approach. I’m using Proton Mail and might use their VPN in the future, so I don’t want to go with Proton Pass. I also dislike the SimpleLogin integration—there’s no option to permanently disable it.
  • Psono - After my Bitwarden paid plan expired, I started using Psono as my regular manager. The setup was painful; it didn’t accept Bitwarden’s encrypted JSON format. It accepts mostly CSV format from other password managers excluding Bitwarden, Enpass, KeePass.info and Password Manager Pro. The app feels unreliable: new entries don’t appear immediately—I have to pull down to refresh. The web vault (and possibly the extension) has no auto‑lock: if you’re signed in on the site, it stays unlocked until you log out. That’s a serious security flaw for me, since I sometimes access my password manager from my workplace system; if it stays unlocked, anyone can view my credentials.

Since options were limited, I followed Reddit posts and found RoboForm is well known there. Some users say they have been using it for the last 20 years; some even tried 1Password but returned to RoboForm. There are other password managers mentioned as well, such as NordPass, Enpass, Keeper, etc.

Because of those comments on Reddit, I’m thinking of RoboForm as my next password manager. I haven’t found any posts about RoboForm or any other password managers in the PG community, but I did find a comment that claimed –

RoboForm has apparently only been audited once, and the report doesn’t give any details about the actual findings, so not very transparent behavior from them.

Both are also using PBKDF2, when more modern alternatives are available and RoboForm’s 100,00 iterations are insufficient.

Regarding RoboForm, I also noticed that their Android app requires a whopping 62 permissions, which is a pretty insane number for a password manager.

As the comment is one year old, I cross-checked the claims and found that -

RoboForm has successfully undergone two comprehensive security audits and penetration tests conducted by Secfault Security.

To protect against dictionary, brute force, or other attacks, RoboForm uses AES256 bit encryption with PBKDF2 SHA256 and 8,388,608 iterations. PBKDF2 is a key stretching algorithm used to hash passwords with a salt.

According to Permission Pilot, the RoboForm Android app requires a total of 65 permissions.

So, should I switch to RoboForm or are there any better options available?
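What the iteration count in the figures quoted above controls, as an added example that is not part of the original post and not RoboForm's code: PBKDF2-HMAC-SHA256 written out per RFC 8018 and checked against Python's `hashlib`, plus a linear estimate of what one password guess costs. The sample password, the salt and the 100,000 comparison count are constructed assumptions.

```python
import hashlib
import hmac
import struct
import time


def pbkdf2_sha256(password: bytes, salt: bytes, iterations: int, dklen: int = 32) -> bytes:
    """PBKDF2 (RFC 8018) over HMAC-SHA256, spelled out to expose the iteration loop."""
    derived = b""
    block_index = 1
    while len(derived) < dklen:
        # U_1 = HMAC(password, salt || INT_32_BE(block_index))
        u = hmac.new(password, salt + struct.pack(">I", block_index), hashlib.sha256).digest()
        t = int.from_bytes(u, "big")
        # U_n = HMAC(password, U_{n-1}); the output block is the XOR of every U_n.
        for _ in range(iterations - 1):
            u = hmac.new(password, u, hashlib.sha256).digest()
            t ^= int.from_bytes(u, "big")
        derived += t.to_bytes(32, "big")
        block_index += 1
    return derived[:dklen]


def cost_per_guess(iteration_counts, probe_iterations=20_000):
    """Seconds one password guess costs at each count, scaled from one timed probe."""
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", b"constructed-password", b"constructed-salt", probe_iterations)
    per_iteration = (time.perf_counter() - start) / probe_iterations
    return {n: per_iteration * n for n in iteration_counts}


if __name__ == "__main__":
    # 8,388,608 is the figure quoted in the post; 100,000 is an assumed
    # lower count used only for comparison.
    costs = cost_per_guess([100_000, 8_388_608])
    for n, seconds in costs.items():
        print(f"{n:>9,} iterations: ~{seconds:.3f} s per guess on this CPU")
    print(f"work factor ratio: {8_388_608 / 100_000:.1f}x")
```

The absolute timings are for one CPU core and will be far lower on dedicated cracking hardware, but the ratio between two iteration counts stays the same because PBKDF2's cost is linear in the count.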

What didn’t you like about Bitwarden and Proton Pass? Proton is not locking you into its own environment. If you wanna go, export your vault and done. BW Premium is like 20 USD, how much cheaper would it be for you?

What are your expectations from a password manager?

What are you talking about? You can use or upgrade to Proton Pass Plus and not sign up for Unlimited. There is no lock in. It’s you who has to choose how you use their service(s).

Reading your post, it is my opinion that you’re discounting all the good ones for one reason or another and that to me implies you’re simply looking for a community approval on your preference here for RoboForm.

I also don’t think you’re evaluating it properly for yourself. Nitpicking issues that annoy is not the way to go. No software is 100% the way you like it. But you choose the one that provides good value, excellent privacy and security, and usable UI/UX. That’s it.

This is not at all true. I use the same settings and my extension works just as well. Brave or on FF.

Except the issues I’ve mentioned earlier, I’ve faced one more issue with Proton Pass — every time a browser’s site data is cleared, the account is signed out automatically from the Proton Pass extension. It’s very frustrating: I use multiple browser profiles and have “Clear data on exit” turned on in most of them. So when using the Proton Pass extension I have to log in to my Proton account after every browser restart.

And about Bitwarden: the price of the paid plan is never a problem for me. But after paying for a service, I don’t want to encounter issues like sudden autofill failures, a UI that still looks dated, and autofill not working on many sites I use daily even after adding the exact same web address — forcing me to paste credentials manually. These issues are acceptable for a free service, but after paying I don’t want to struggle in my everyday use.

But I’ve faced this issue several times: to use the extension I have to keep my Proton account logged into my browser, and if I clear site data I have to sign in again.

If you clear all the data in a browser, how could a standalone browser extension save your account details? One way to achieve this is to add exceptions under Cookies and Website Data for the Bitwarden and Proton sites, like below:

https://vault.bitwarden.com
https://bitwarden.com
https://account.proton.me
https://pass.proton.me
https://proton.me

For autofill issues, no password is perfect and no password manager can know every website on the planet. Are you reporting autofill issues via their GitHub page? GitHub > Report auto-fill failure in browser

I think this is how it works for me. But I have not tested it to confirm. But doing this also keeps you logged into Proton Web. Not just the extension.

Even if I ignore the SimpleLogin integration in Proton Pass, other issues hold me back from using it.

First, I strongly support decentralisation - I already use Proton Mail and might use Proton VPN in future, so I don’t want to store my passwords with the same provider.

Second, every time a browser’s site data is cleared, the Proton Pass extension signs me out automatically. It’s very frustrating: I use multiple browser profiles and have “Clear data on exit” enabled in most of them. So I have to log in to my Proton account after every browser restart. To use the extension I must keep my Proton account logged into the browser, and clearing site data forces me to sign in again.

Third, there is a strong possibility Proton might be banned in our country sooner or later. Even if there will be ways to access Proton services after the ban, it won’t be very convenient for daily use.

I’m not preferring RoboForm over other password managers; I was just surprised to read that some RoboForm users have used it for the past 20 years, which is a long time. I haven’t used Bitwarden for more than 10 years either. I’ve never tried RoboForm. If you suggest any better solution, I’ll welcome it.

Yes, you are absolutely right, no service is 100% compatible with every user’s requirements. I’m currently using Psono and prefer it over Proton Pass any day, but Psono has issues that make me uncomfortable, so I’m looking for a better option.

1 Like

You’re contradicting yourself already. Don’t think you’re going to like anything I say here. You do you.

You’re practically discounting all valid usable tools. I don’t know what else to say.

I don’t know how, but I’ve used extensions of other password managers and I’ve never faced this issue with them — specifically Bitwarden and NordPass. I couldn’t test 1Password because they don’t offer a permanent account (only a 14‑day trial).

To recheck my claim, I asked a friend who is a Proton Unlimited user and he has encountered the same issue.

If this were common across most password managers, I wouldn’t complain, but I’ve encountered it only with Proton Pass.

I know that, but even after adding the exact web address, Bitwarden still doesn’t show the autofill suggestion. It has the same issue with app logins, but that’s okay since I don’t log in to apps more frequently.

No, I never reported these issues on their GitHub page. I’m not interested in holding a GitHub account for myself.

Yes, I support decentralisation. But when it comes to VPNs, only Proton VPN provides a sustainable speed. I’ve used all three VPNs — Proton VPN, IVPN, and Mullvad — and Proton has the most stable speed with the lowest latency.

As for Proton Mail, I plan to switch to another provider, but it’s not a one‑day job; it will take months to migrate completely.

So I won’t pause using Proton VPN just to support decentralisation while I finish moving away from Proton Mail.

If I could have figured it out myself, do you think I would have made this post? There are only four PG‑recommended cloud‑based password managers; I want to move away from one of them, and the other three either don’t fit my requirements or are not well developed yet.

I read a comment about Filen that said -

just because it’s not mentioned doesn’t necessarily mean it’s not recommended.

So I thought: if Filen can be recommended despite not being on the list, there are probably other password managers that are not as highly rated as the top four but that many people still use.

To address the original post: I still would not personally place RoboForm in the same trust tier as 1Password, Bitwarden, or KeePassXC, etc. ecosystems. Their architecture reputation, transparency and external security scrutiny seem subpar / not ideal? That does not mean RoboForm is insecure, to me it looks like there is significantly less collective confidence around it.

Though given everything you wrote in this thread, I have no idea what to recommend to you :sweat_smile:

2 Likes

I can say this is probably the most suitable answer for this post—thanks for truly understanding my problem.

As I want to pay for a password manager, I’m thinking of using RoboForm for now; when I can afford $50 for a single service, I’ll switch to 1Password.

Do you recommend any other password manager besides those I’ve mentioned? I mentioned RoboForm specifically because I saw it mentioned in almost every Reddit thread about password managers, so I thought it’s very popular there, so why not ask about it here as well.

But it looks like I made a mistake. :smiling_face_with_tear:

I too am migrating from Bitwarden. It’s not user friendly enough for me, I’ve at least twice committed a new password and saved a different version in Bitwarden. I know how it happens now and it didn’t ought to be that error prone. Mainly though it’s the fact that the Android app doesn’t deliver full functionality. Some things, important things like changing password, have to be done on the website and using that on an Android phone is awful.

I agree with the OP 100% about Proton; Pass/Mail Plus/SimpleLogin is a dog’s dinner designed around coercion into Unlimited. I already use free mail and paid VPN and no way do I want to share their login credentials with my password manager.

I’m moving to KeePassDX. No cloud and everything managed from Android.

As for RoboForm, all I know about it is I have a very technically and security minded friend who has used it on Apple and Windows for decades and speaks very highly of it.