How to Evaluate Recent Changes at Bitwarden for Continued Trustworthiness

By

Introduction

Bitwarden has long been a trusted name in password management, especially after the LastPass exodus. Its open-source code, generous free tier, and transparent operations built a strong user base. However, recent quiet shifts in leadership, missing marketing promises, and altered company values have raised eyebrows. This step-by-step guide will help you investigate these changes yourself, so you can decide whether Bitwarden still meets your security and trust standards.

What You Need

• A Bitwarden account (free or paid) – for firsthand interface checks
• Access to the Wayback Machine (web.archive.org) – to compare historical content
• Basic familiarity with LinkedIn – to verify executive roles and moves
• Ability to browse Bitwarden's official blog and Reddit community (r/Bitwarden)

1. Step 1: Investigate Leadership Changes

   Start by checking the top management. Bitwarden's long-time CEO Michael Crandell quietly stepped into an advisory role in February 2026, with no public announcement. The new CEO, Michael Sullivan, brought a background heavy in M&A and private equity. To verify:

   • Visit LinkedIn and search for Michael Crandell – his current position should show 'Advisor' rather than 'CEO'.
   • Look up Michael Sullivan – note his previous roles at Acquia and InsightSoftware, and his references to M&A with firms like Hg and Vista Equity Partners. This background is unusual for a password manager leader.
   • Check the CFO change: Stephen Morrison left in April 2026, replaced by Michael Shenkman (ex-InVision). Again, no formal announcement.
   • Search Bitwarden's own blog or newsroom – the absence of press releases about these transitions is telling.
2. Step 2: Verify the “Always Free” Promise

   The free tier is central to Bitwarden's appeal. In mid-April 2026, the phrase "Always free" disappeared from the Bitwarden Personal product page. It returned around May 14, 2026, after user outcry. To check the timeline:

   • Go to web.archive.org and enter Bitwarden's product page URL (e.g., https://bitwarden.com/pricing/personal/).
   • Look at snapshots from March 2026 (before disappearance) – confirm presence of "Always free".
   • Examine snapshots from mid-April to mid-May – note if it's missing.
   • Check a snapshot after May 14 – see that it was restored.
   • A Bitwarden employee claimed the removal was a marketing oversight; judge whether that explanation aligns with other changes.
3. Step 3: Scrutinize the Official Company Values

   Bitwarden's culture was defined by the acronym GRIT: Gratitude, Responsibility, Inclusion, Transparency. As of March 14, 2026, these values were intact on the website. Sometime after, Inclusion became Innovation and Transparency became Trust. To confirm:

   • Visit the Bitwarden about page or culture page (e.g., https://bitwarden.com/about/).
   • Use the Wayback Machine to view the same URL from March 2026 – note the original GRIT.
   • Compare with a snapshot from May 2026 onwards – see the altered GRIT.
   • Read the old blog post by Crandell (from 2022) that explained the original values – it was edited but only halfway, leaving contradictory paragraphs. This inconsistency suggests a rushed change.
4. Step 4: Read Official Clarifications

   New CEO Michael Sullivan published a blog post covering his first 100 days. Key points to find and evaluate:

   

   • Search for Sullivan's blog post on Bitwarden's official blog (likely titled something like "My first 100 days").
   • Look for explicit statements: the free tier will remain; no trial or bait-and-switch; open-source code will stay auditable; self-hosting remains possible.
   • Note the tone – is it defensive, reassuring, or vague? Compare his promises to the actual behavior observed.
   • Cross-reference with any public comments from Bitwarden on Reddit or social media.
5. Step 5: Form Your Own Conclusion

   After gathering all evidence, decide if Bitwarden still aligns with your expectations for a password manager. Consider:

   • Are the leadership changes concerning given the M&A background?
   • Was the missing “Always free” label a genuine mistake or a test of user reaction?
   • Does changing core values signal a shift in priorities away from community trust?
   • Are Sullivan's public reassurances credible in light of the other changes?
   • Do you need self-hosting or code audit capabilities? If yes, verify those are still fully supported.

   Based on your risk tolerance, you may choose to stay with Bitwarden, look for alternatives (e.g., KeePass, 1Password, ProtonPass), or monitor future developments before deciding.

Tips

• Stay subscribed to r/Bitwarden: The community often catches unannounced changes before official news.
• Use browser extensions: Tools like Visualping or Distill can alert you to changes on Bitwarden's pricing page without manual checking.
• Keep a local backup: Export your vault periodically (encrypted) so you can migrate quickly if needed.
• Read between the lines: A lack of transparency during transitions is often a red flag for password managers.
• Consider self-hosting: If you rely on Bitwarden, self-hosting gives you more control over updates and privacy.

Related Articles

• Mastering Java Algorithms: A Comprehensive Guide to Core Techniques
• The Leader's Guide to Building Trust in a World of Information Overload
• Kubernetes v1.36: 7 Essential Insights Into Manifest-Based Admission Control
• Mastering MCP Tool Governance in .NET: A Q&A on the Agent Governance Toolkit
• Mastering Swift Internals: A Developer’s Guide
• Python Security Response Team: New Governance and Growing Membership
• How to Get Started with Python 3.15.0a5: A Developer's Guide
• Supply Chain Attack on SAP npm Packages Exposes Developer Tool Vulnerabilities