The Bitwarden Blog
Expanded two-factor authentication with FIDO2 and broader biometrics add security and usability options to Bitwarden
May 12, 2021
This latest release continues the Bitwarden mission of making password management easy and accessible for individuals and businesses. New features, such as FIDO2 WebAuthn Support for Browser Extensions and Biometrics for Safari, provide more flexibility for users to be productive on the devices and browsers they prefer. Bitwarden Send also includes enhancements based on community feedback and cybersecurity needs.
More details of what’s included in the release are outlined in the release notes.
Bitwarden Browser Extensions now support FIDO2 with the WebAuthn (Web Authentication) specification. This furthers our commitment to authentication standards, especially WebAuthn as a published World Wide Web Consortium (W3C) specification with broad industry support. FIDO2 with WebAuthn carries forward the FIDO Universal 2nd Factor (U2F) protocol, a standard for using two-factor authentication with physical security tokens, such as YubiKeys or SoloKeys. FIDO2 with WebAuthn expands two-factor login support to include biometrics and mobile devices, in addition to FIDO U2F security tokens.
FIDO2 with WebAuthn remains backwards-compatible with FIDO U2F and users with U2F security tokens should experience a seamless transition. FIDO2 with WebAuthn is supported in the Web Vault and browser extensions on any FIDO2-supported browsers including Google Chrome, Mozilla Firefox, Microsoft Edge, and Safari. Desktop support includes Windows 10 and above with future support coming for MacOS and Linux.
To learn more, check out our latest help article here.
An earlier release integrated Touch ID and Windows Hello to unlock extensions for Chromium and Firefox-based browsers including Chrome, Edge, Opera, Brave, Firefox, and Tor. Safari now joins this group as another supported browser extension. Choose any combination of login, log out, lock and timed sequences to secure your Vault the way you like.
Learn more about how to unlock your Vault with biometrics and how to get started in our help article.
Your feedback is part of this release! To accommodate email privacy, users can now choose to hide their email address when creating or editing a Bitwarden Send. If enabled, the sender’s email address will not appear on the Send landing page and the recipient will only see a warning dialogue.
Organizations also have a new enterprise policy to disable anonymous Sends. This provides more control to companies wanting to share sensitive data externally and provide recipients with the sender’s email address as another visual verification layer.
Bitwarden search capability now supports one-character searching, thanks to an open-source contributor from Guangzhou, China. This is important, given that there are many one-character words in Chinese.
For longer user and domain names, email address length now increases from 50 to 256 characters max.
Based on user input, demand for multi-language support continues and your contributions are welcomed! Bitwarden uses a translation tool called Crowdin to manage our localization effort across different languages (no programming knowledge required). You can read more in our blog post, Security is a universal language.
- To contribute to or make corrections to an existing translation, join our project.
- To start a new translation, contact the Project Owner.
Learn more about Bitwarden localization efforts in our help article.
These updates are currently being rolled out across Bitwarden clients.
Bitwarden empowers organizations and individuals to safely store and share sensitive data. With a transparent, open source approach to password management, Bitwarden makes it easy for users to extend robust security practices to all of their online experiences—no matter their location or device. Cloud and self-hosted options give customers flexibility to meet the most stringent security requirements. Bitwarden is available in nearly 40 languages with a passionate global community of security experts and enthusiasts. The company is headquartered in Santa Barbara, California and has a globally distributed team. Learn more at bitwarden.com
Start a free 7-day trial for business plans at https://bitwarden.com/pricing/business/.
Individuals can access a Bitwarden Premium Account for just $10/year or a free account at https://bitwarden.com/pricing/.
Back to Blog