Firefox Bitwarden

Posted on by



  1. Bitwarden Firefox Android Autofill
  2. Bitwarden Firefox Private
  3. Bitwarden Extension Edge
  4. Vault Bitwarden
  5. Firefox Bitwarden
56 downloadsUpdated: March 18, 2021GPL / Freemium

I switched from Firefox’s Password Manager to Bitwarden for a trivial reason: I disliked how the former operated: 1- I want to enable/disable the Password Manager at any time: Bitwarden makes it easy, Firefox (given a Master Password is set of course) has no switch to disable the Master Password during a session unless to call ‘Clear Recent History’ with ctrl+shift+del and select. Reviews and ratings for Bitwarden - Free Password Manager. Find out what other users think about Bitwarden - Free Password Manager and add it to your Firefox Browser. Browser add-ons are available Chrome, Firefox, Vivaldi, Opera, Brave, and Microsoft Edge. A Firefox link is provided for the Tor Browser, but we do not recommend this as using any browser add-on with Tor Browser makes it more susceptible to browser fingerprinting. The add-ons look like the Bitwarden apps and provide the same core functionally. Bitwarden has many plus points. It’s free, albeit with a modestly priced ($10 a year) premium offering that brings additional features. It’s not pulling the same trick that some better-known.

n/a

Another password manager with plenty features to enjoy, premium features for the more demanding users, and an overall pleasantly secure experience

What's new in Bitwarden for Firefox 1.49.1:

  • Resolve FF < 77 not working (#1706)
  • Bitwarden Send - Added pop out banner for linux os (#1713)
  • Add support for browser biometrics on Firefox >= 87 (#1668)
Read the full changelog

Remembering all the passwords you use for your accounts can be a total drag. In fact, it has become more and more difficult to keep track of all the passwords we use with streaming, chat, or download services. It's even more difficult if you're trying to achieve a higher security level by having a different password for each. Bitwarden for Firefox could be one particular option amongst dozens of other similar solutions.

It works like others but for free

Now this extension's most valued asset is its price. You can enjoy all the basic or necessary features for free. Yes, you'll have to pay for premium features like the 1 GB encrypted storage for file attachments, two-step login options, and data breach reports, but you won't really need those if you're a general user. It is indeed worth a try if you're having problems with keeping track of your passwords.

If you're a basic user and don't wish to pay for premium privileges, there's still quite a lot for you to do. After creating an account on Bitwarden's client website, proceed to access the extension from the right-hand corner. Log in, as you would with any other service, and begin adding login, card, identity, or secure note information.

Included features and settings

Regardless of your choice, you'll have to fill in the service you're using, the password, and other more specific information, like card number if adding a card or name, phone number, social security no. if opting to add an identity. This password manager goes beyond saving passwords.

It can help organize and make your credentials more accessible. Amongst other useful features, one can mention the password generator, for individuals looking to create secure, hard-to-crack passwords. The generator will randomize the elements you allow it to add in the password, presenting you with an option that you'll be able to change if unsatisfied, over and over again.

Your AES-256 bit encrypted data is so secure that not even Bitwarden can access it. Still, you've got plenty of options to access the data yourself when needed. You can import vaults and have access to passwords no matter what machine you're logged on. You can also share your vault with individuals you trust or if working on a project with someone else and so on.

Bitwarden for Firefox, just like the service itself, is definitely one of the more interesting password-managing options. The amount of features it offers for free is convincing enough. Add the premium aspects and the small fee and you've got yourself a pretty sweet and secure deal.

Filed under

Bitwarden for FirefoxFirefox Bitwarden was reviewed by Tudor Sprinceana
4.0/5
LIMITATIONS IN THE UNREGISTERED VERSION
  • Basic users will not have:
  • 1 GB encrypted storage for file attachments
  • Additional two-step login options such as YubiKey, FIDO, USF and Duo
  • Password hygiene, account health, and data breach reports to keep your vault safe
  • TOTP verification code (2FA) generator for logins in your vault
  • Priority customer support
  • All future premium features
This enables Disqus, Inc. to process some of your data. Disqus privacy policy

Bitwarden for Firefox 1.49.1

Bitwarden Firefox Android Autofill

add to watchlistFirefox bitwardensend us an update
buy now$10.00Premium (Yearly)
buy now$40.00Family Premium (6 Users)
runs on:
Windows 10 32/64 bit
Windows 8 32/64 bit
Windows 7 32/64 bit
file size:
4.2 MB
main category:
Internet
developer:
visit homepage
Firefox Bitwarden

top alternatives FREE

top alternatives PAID

I’ve been using anOpenBSDlaptopas my workstation a lot more lately, probably because most of my hardware justworks now and I don’t have to think too much about it.The touchpadworkswhen I touch it, I can be confident that when I close the lid, the laptopwill fully suspend and then fully resume again when I open it,WiFi works all throughout my house (although it’s not terribly fast), and myweb browseris fast and stable.What amazing times we live in.

In the past, one thing that frequently kept me going back to myMac,aside fromiOS and Androiddevelopment, was1Password.I have a ton of logins for websites and servers, and because mybrowsersare all configured toclear cookiesfor most websites after I close their tabs,I need frequent access to passwords synced across my laptops and phones, and1Password has great apps for all of those except OpenBSD.

All of 1Password’s syncing currently works through my Dropbox account.My Mac has 1Password configured to store its encrypted database in my localDropbox directory, Dropbox does its automatic syncing of that directory to theirservers, and 1Password on my phone uses Dropbox’s API to pick up any changedfiles.It’s been reliable for years, I have local versioned backups of my database, itworks when my devices are offline, and I know I can access that data years in thefuture.

Using 1Password on OpenBSD

To bring OpenBSD into the mix, there are 3rd-party command-line apps which canread local 1Password files such as1passwritten in Go.Getting the 1Password files onto OpenBSD was left as an exercise to the reader, sending me down the rabbit hole of trying to add OpenBSD support tovariousFUSE-basedpackages that could provide a local filesystem view of my Dropbox directory.I managed tohackone of them into semi-working shape, but eventually I gave up and usedrcloneto do one-way fetching of my Dropbox directory on demand.

While this allowed me to at least view and copy passwords, the process was lessthan ideal.Browsing in Firefox, I’d have to open a terminal, type1pass copy <some website>,choose the right one,and then go back to Firefox and paste it in the proper field.Tedious, error-prone, vulnerable to phishing, and now my password is hanging outin clear-text on the clipboard.

A Firefox add-on calledPasscardsfrom the developer of 1pass seemed encouraging, as it did Dropbox syncing on itsown and supported auto-filling passwords in the browser, but I could never get it to work.The hard-coded Dropbox API token in the add-on doesn’t work and the mess ofNode dependencies to build a local version failed miserably on OpenBSD.

1Password Lock-In

Meanwhile, AgileBits, the80-personcompany developing 1Password, has been pushing their new hosted,subscription-based model for 1Password going forward.Instead of users being in control of their data files, 1Password will store themon AgileBits’ servers and users pay a monthly subscription fee for the privilege,forever.

I’m anapp developer,I get it.A big company can’t sustain development of a product that users only pay for once.However, I’ve paid for 1Password and all of its major version upgrades, and the$10 or whatever it was to unlock the “pro” features of the iOS app.I’m not opposed to paying money for apps, or for upgrades, or even for asubscription, but I don’t want to pay to host my passwords on AgileBits’ servers.Security concernsaside, there is an issue of lock-in and now having to make my OpenBSD hacks workwith AgileBits’ new API (is there even one?) instead of just accessing and backing up files from Dropbox.

Since I wasn’t sure how long 1Password would keep working with itsnon-subscription-based syncing and I was still missing first-class OpenBSDsupport, I started looked into migrating to something else.

Finding Bitwarden

The main competitor to 1Password isLastPass,which looks nice and works well as a standaloneFirefox add-onon OpenBSD, but it has the same lock-in problem and server-sidesecurity concernsas 1Password.

KeePassis a popular open-source alternative but its use case seems focused on a singlemachine.I don’t need a stand-alone GUI and I do need browser extensions and mobile appsthat can all sync reliably.And honestly, looking at theirpluginspage left me with a bit of decision fatigue: which ones are good, which ones aresecure, which ones are still maintained?Does the browser extension have to read files from my home directory or talk toa daemon that my unprivileged Firefox won’t be able to do?

There are various command-line concoctions such aspasswhich stores PGP-encrypted files in a Git repo, but that doesn’t improve mysituation over 1Password.I would still have to manually look up passwords and copy them to the clipboard.These command-line packages also lack mobile apps and syncing.

Bitwarden Firefox Private

Eventually I stumbled uponBitwardenwhich is similar to LastPass but is entirelyopen-sourceand its primary developer is funded by users paying for subscriptions to storetheir data on Bitwarden’s servers.However, all of their browser extensions and phone apps supportsetting a custom API URLbefore logging in, to allow for private installations.The iOS app and Firefox extension that I tried out looked fairly well polished,but I was more concerned with it being an open platform so I could fix bugs,add features, and host my own data.

Unfortunately, the open-sourcebackendfor these apps is written in .NET and expects to talk to a Microsoft SQL Server,requiring a big Docker image to deploy a private installation on Linux.

Since I was expecting to run my own API server on OpenBSD without all of thatoverhead, I decided to write my own compatible server.Sadly, there is no documentation on Bitwarden’s API (outside of its .NET code) soI was not even able to figure out what my server would need to provide.

Rubywarden

Bitwarden Extension Edge

Rather than wade through lots of .NET code, I decided to go for a black-boxapproach.I wrote asimple proxyin Sinatra that I could point the Bitwarden Firefox add-on to as its private APIURL.The proxy would intercept each request, print it out to the console, then send itto Bitwarden’s actual API, print out the response, and send it back to the Firefoxadd-on.

With that tool I was able todocument all of the API calls that the Firefox extension and iOS app made and the responseeach was expecting.The encryption key derivation scheme used to actually encrypt and decrypt allof the data took a bit longer to figure out, but because everything is opensource, I was able to read theJavascript codeof the Firefox add-on to understand what it was doing to encrypt a string with agiven password.

With my documentation in-hand, I wrote anew Sinatra serverthat implements all of the API calls needed by the Firefox extension and iOS app.I deployed it to a server with Unicorn behind nginx, and used Let’s Encrypt to geta TLS certificate for it.

Firefox

My API server is now small and easy to understand, it has a much smaller attacksurface than the .NET version, and all of my data is stored in a SQLite databasethat I can backup and version with cp.No lock-in, a first-class experience on OpenBSD and Firefox, and I feel betterunderstanding the details of how my data is encrypted.

Migrating from 1Password

The Bitwarden web client (not the Firefox add-on) supports directly importing1Password data files for users subcribed to Bitwarden’s hosted service.Since I’m not using Bitwarden’s web client, I wrote a command-line1Password conversion toolthat can read a 1Password Interchange Format file, encrypt the passwords usingBitwarden’s format, and insert them into the database that bitwarden-ruby uses.

After importing more than 700 logins from my 1Password file, I noticed that theBitwarden Firefox add-on was quite sluggish on OpenBSD.Unlocking it with my master password would take four or five seconds to parseeverything before showing the large list of logins.

Since this data was years of migrated 1Password installations and otherpassword stores, I decided to spend a few hours cleaning it up.After deleting some 300 logins and moving others into various folders, the add-on seems a bit snappier though still leaves something to be desired.I’d also like to change its keyboard shortcut to Alt+ like Cmd+ is for1Password, but Firefox’s new WebExtension system doesn’t support changing thesehard-coded keyboard shortcuts yet like Chrome does.

Vault Bitwarden

At this point I’ve been using Bitwarden’s iOS app and Firefox extensionexclusively.

Firefox Bitwarden

I have some minor things left to implement in my server

My server now hasTOTP support,and everythingseems to be working well.

Fetch the Rubywarden code from GitHubif you want to check it out.