Should I use Bitwarden, Proton Pass, or 1Password?

I don’t use password managers and want to start using them, which is your preference and why?

If you prefer Open source software and want a low cost subscription then go for Bitwarden. It’s just 10$ per year. However, the UI/UX belongs to 2010s.

If you prefer good UI/UX and if you are ready to pay more, then go for 1Password. It’s not Opensource but very intuitive. It’s aesthetically pleasing and the quick access option is magical.

ProtonPass :thinking: I just tried it once but didn’t really like the apps.

So far I have tried lastpass, dashlane, protonpass, bitwarden and 1password. For me it’s 1Password > Bitwarden > Protonpass > Dashlane. Don’t use lastpass.

2 Likes

1Password > Bitwarden > Proton Pass.

1Password, better UI, better features, better security
Bitwarden, moderate UI, enough features but less compared to 1Password. Open-source and cheap.
Proton Pass, well, it needs A LOT of improvement, but if you have a subscription already you can use it. Otherwise wait for it to mature.

1 Like

I used to use Bitwarden for many years until this year when I switched to Proton Pass which I really like. Their UI and UX are comparable to 1Password while being much better than Bitwarden who also recently updated their UI but still cannot match these other two.

Personally, I don’t use 1Password because it’s not open source like Proton or Bitwarden, and it doesn’t have a free built-in aliasing feature that I really like in Proton. Since I also use Proton Pass with my family, I appreciate how easy Proton has made it to create new aliases for logins.

I would still suggest that you try them all out for yourself to see which one you like best. I think they’re all really good options, although there are definitely some people here who don’t like that PrivacyGuides recommends 1Password because of its closed source nature. But you have to decide for yourself if that is something that is important to you.

4 Likes

Proton Pass has improved a lot. Have you used it recently - works like a charm. Even the extension.

Bitwarden apps have always been simple and utilitarian. But with their new updates, they do look nice. It’s still not the prettiest but that’s not a dealbreaker in any way.

4 Likes

Yes, it is installed on my computer. Still it is not able to perform auto update. No file attachment support. No ability to multi select items like 1Password, or Explorer style.No support for importing SSH keys, licenses, IDs. No ability to unlock browser extension via biometrics and it is not connected to desktop app via native messaging. Simplelogin integration is there but it is a mess.

Many of the website autofills are not working. Icon is simply missing on login fields. It can’t even unlock Proton Pass vault webpage.

My Windows desktop app version is 1.2.7 and Brave browser extension version is 1.2.6, even they couldn’t make that same.

Passkeys are also hit and miss.

Hmm.

You seem have highly specific reasons with nitpicks. That’s okay, not everyone is a power user with specific requirements they want.

But for the vast majority or even up to 90% of people, Proton Pass and Bitwarden are fantastic options where they do what they’re supposed to do and more.

The apps may function a little differently on different OSs but Proton has been improving their products a lot and will continue doing so.

Passkeys work just fine. Apps update just fine too - auto updating is not an issue for me since I like to perform updates manually because I get to learn what new updates bring to the apps. Multi select does work but you seem to want it to work differently or your way which is not always possible with any app as there will always be some functionally different ways each app works for how a user may want it to work.

2 Likes

Source? I’m sure 1Password’s security IS NOT superior to Bitwarden or Proton Pass.

3 Likes

Multiselect is selecting every item one by one at the moment. Try to select all items from letter A to D for example, or try to select via CTRL or SHIFT key, it won’t work in PP.

File attachments are a must. It can’t be even a topic for questioning. Auto-update should be there too. In the app logs it is getting the update but in reality it does nothing.

For alias management, it is nice thing to have aliases in one place, and I am assuming Proton will migrate SL to Proton Pass completely, but basic things are missing. For example, you have an alias, and you want to assign it to a login item. You can’t. You want to create a login item from an alias, and PP creates another item, and leaving alias alone instead of assigning to the new login, causing duplicates.

There are no domain rules, so if you try to login proton.me website, PP shows all logins which has proton.me as domain in it. I have several aliases created under proton.me domain and they are showing up whenever app sees a Proton domain because extension is searching for :proton.me when trying to login.

There are no favourites option. There are no categories or tags or folders. It also doesn’t remember latest sort option. It resets itself to Recent all the time. There is also no Apple Watch support.

Bitwarden is good, but their latest UI changes are bad. I am using it as a backup for my 1Password vault.

If Proton Pass really wants to be a competitor to 1Password and Bitwarden, they should deliver at least the same functionalities as those two password managers.

Why not? Because it is not open-source?

Whitepaper: https://1passwordstatic.com/files/security/1password-white-paper.pdf

Audits: Security audits of 1Password

It also has Travel Mode, Secret Key and unlimited support for security keys, unlike BW and Proton Pass

Secret Key is an additional security feature? I hope you know what that is.

How much time you have given for this? I remember that Proton has stated before that they are rolling updates in different times for everyone, so it can take a while before you are receiving the update.

Both of these should be coming early next year.

This is working correctly for me, not sure why it is not working for you. Are you using the extra password feature for Pass? That Proton cannot autofill.

Do you have a typo here? The latest versions should be either 1.26.0 or 1.27.0.

Refreshing the page could help but also pressing the passkey button if a website has implemented it.

You can copy the alias and paste it to the email field of the login item. But sure, this could be improved to make it even more easier.

The way how Proton Pass currently works is to always create two separate items, the alias and the login item, and there are some specific alias managing features that you can only do with the alias item, so it is definitely still needed in addition to being stored by the login item.

You can pin items to the top where they are always accessible, which should achieve the same thing. Also, Proton Pass has vaults that basically work like folders.

You need to remember that Proton Pass is still a very new password manager compared to Bitwarden and 1Password, and unlike those two, Proton Pass isn’t funded by VC money.

1 Like

@Anon47486929 BW and PP have 5 security key limit, 1Password doesn’t have a limitation. As for Secret Key (not security key) is additional mandatory password, generated automatically when creating an account, which is 128bit extra characters. You can’t login without it. Others don’t have this feature. So, to login your account, you need your username, password, secret key and 2FA method. Also Travel Mode is very beneficial Use Travel Mode to remove vaults from your devices when you travel | 1Password

@Critical_Crab5543

For auto updates I am waiting for months. I have to install every update manually because auto update never worked.

Sorry, you are right. That was a typo. Desktop app is 1.27.0 and Brave extension is 1.26.0

Try to login pass.proton.me, and after logging in, lock your vault and try to login again. PP autofill icon disappears. Similar issue is happening on some other sites like Broadcom, Reddit, and some more. I didn’t made a list but I can make it if needed.

Yeah, they should improve alias management but they are not providing any roadmaps and plans for the aliases, or I couldn’t find one yet.

Pinning might work as a workaround, but I hoped better favs management. If you have like 20-25 favs like me, pinned items lose their visibility.

Also Proton is not a new company and have no funding issues. They have around 400 employees and they should be aware of the market and the competitors.

I still got this to work. Maybe you should contact Proton directly to ask about this and your update issue.

This is the latest update about this, which would indicate that Proton is planning to improve the integration in the future. They have already done some of this for their mobile apps, so it would be great to see these features landing to the other apps soon.

Secret key is mostly useful for people who don’t know how to create a strong master password. If you know how, the secret key becomes more like an annoyance and another secret to secure.

It is also worth pointing out that Proton has the extra password feature for Proton Pass that would also mean that a potential attacker would need to know your Proton account password and your Proton Pass extra password to get access to your passwords. This is not used for the encryption unlike the secret key but could still be useful for people who want it.

3 Likes

When I first started using password managers, I tried a LOT of them (more than 20, maybe as many as 30 of them). One of the criteria I set was that of the about 200 logins I had, it should not fail to fill on more than 6 sites. My reasoning was that to prevent phishing, it should always fill. A failure to fill should indicate a fake site. If it fails to fill on a valid site, then it is not providing the phishing protection that it should be providing.

Bitwarden fills all sites (though some needed additional setup to work). KeepassXC fills all sites (with more special setups than Bitwarden). Proton pass when it was first released failed on 32 sites. Now it fails on 11 sites. Proton Pass does not provide a way of tweaking the fill to fix the “problem sites”. It also does not support sites with anything other than a username + password format, so things like 3 field sites are not supported. It also only appears to match the base domain of the site, so suggests multiple logins for sites with different subdomains, though I have not investigated this further. 1Password when I tried it some years ago also has issues with subdomains (matching just the base domain like Proton Pass).

As for UI, 1Password is the nicest one, though like all the others it has some less obvious things. Original Bitwarden was plain but highly functional, the newer UI is prettier but not as quick to use (in my opinion of course). Proton Pass is prettier than Bitwarden, but for usability I would rate it worse than 1Password and Bitwarden original. Also the integration with Simple Login has traps, like making it easy to delete an alias which can then never be recovered. I run Proton Pass unlinked from Simple Login for this reason.

As others have stated the 1Password Secret Key is a left over from the days 1Password was a local password manager. All it does is similar to adding some extra characters to your password so if you use a weak password it will not be too weak. If you know how to create and use a complex password it is more hindrance than benefit as it is another way to get locked out of your passwords.

All of these better known password managers are evolving so my comments apply to the versions available now for Bitwarden and Proton Pass, and to a few years ago for 1Password.

Hi @privacy, welcome to the forum. I feel like a lot of the replies here are confusing and don’t all directly answer your question, so I figure I’ll give it a shot. As you are on to, Privacy Guides recommends four cloud-based options: Bitwarden, Proton Pass, 1Password, and Psono.

Psono:
I would not recommend Psono given that it is more geared towards enterprise users but also has the most dated UI and is missing important features like email aliasing support, among others. Psono is probably a better fit if you are looking to self-host your password manager, since it provides many enterprise-specific features for free for up to 10 users (only applies to self-hosted Psono, and I generally don’t recommend self-hosting a password manager).

1Password:
Among the most popular options on the list, especially among less tech-savvy users. It consistently provides the best UI/UX, although the gap is slowly shrinking. I would consider 1Password a perfectly acceptable solution for users who either already use 1Password or need specific features like the developer CLI and SSH key support. That being said, 1Password has some drawbacks which range from minor to serious depending on your use case / beliefs. As others have mentioned, 1Password is the only closed-source cloud-based password manager recommended by Privacy Guides, which is a non-starter for some users. Still, 1Password has a flawless security reputation; otherwise, it would not be recommended here. Other drawbacks include the price, which is at least double what rivals cost, and lack of robust email-aliasing support (without a Fastmail subscription). The last two reasons are really why I would not recommend using 1Password unless you can justify the extra cost with the developer tools.

Bitwarden and Proton Pass:
You can’t really go wrong with either option. Both are open-source with Proton Pass being the newer of the two. Proton Pass is really a no-brainer if you already have a Proton account with a Proton Unlimited subscription. Both offer robust email-aliasing support, with Proton having integrated SimpleLogin aliases (included with the subscription, with a limited number of aliases for the free tier). Bitwarden has the same robust email-alising support, just without an integrated solution, so you need to buy a separate SimpleLogin or Addy subscription if you want unlimited aliases. As for UI/UX, Bitwarden is refreshing their native mobile clients with a much more modern UI, which personally I find to be, together with the Proton Pass clients, very close to as good as 1Password.

5 Likes

Try Bitwarden and Proton Pass and see whichever you like more.

I find Proton Pass to have the best UI and UX. Email aliasing integration is very nice too.

2 Likes