Access your Bitwarden vault without a password

Update Sept 19, 2025: All Bitwarden clients (excluding the CLI) support approving new logins for Log in with device and new trusted devices for SSO with trusted devices.

Use another device to approve a login to your Bitwarden vault to easily and securely access your accounts without needing to type a master password. For enterprise customers using

, the same workflow approves new devices as trusted for future logins. Logins can be approved from the web app, mobile apps, or desktop app.

Before getting started, you will need to be logged into your Bitwarden account in any of your Bitwarden apps.

Open the client where you want to log in. For this example, the

, and enter your account’s email address. On the next screen you will see an option to Log in with device. Selecting this will send a push notification to your Bitwarden mobile and desktop apps for approval, and the request will appear in the web app in Security > Devices.

(Above) The sequence for approving a new login to the Bitwarden web app using the mobile Android app

Open your Bitwarden mobile app, compare the fingerprint phrases, then confirm the login request within the notification. The web app in your browser will automatically log in. Fast and easy!

To extend the passwordless experience to your mobile app you should set up

or

Unlock with PIN Code

, and be sure that the Vault timeout action is set to Lock. Now you can quickly unlock your mobile app using your fingerprint, Face ID, or a short PIN number, and by extension, access the web vault without entering your password.

Note: Log in with Device will only be available for devices that have been logged into your Bitwarden account at least once before.

Users of an enterprise organization utilizing

can initiate the same process for adding a new device as trusted. After authenticating with the SSO process on the new device, select Approve from another device, then go to your currently logged Bitwarden app to approve. View more detailed steps in

Help Center: Add a Trusted Device

.

Several technology safeguards keep this process safe:

End-to-end, zero knowledge encryption - the communication between the web vault client and the mobile app are completely encrypted with a public and private key pair, with data encrypted before it even leaves the device.

Client fingerprint phrase - the web vault login will show a Fingerprint Phrase that identifies the login attempt. It might look something like juniper-sandbar-footnote-improve-evolution. This phrase will also appear in the login request on the mobile app. You should make sure that they match before approving the request.

Two-step Login - if you have

turned on (and you should!) you will still need to complete the second step after approving the login.

Note: If you’re a member of an organization that has enabled Single Sign-On policies, you will use the the Enterprise single sign-on process instead of Log in with device.

Recognized devices only - the option to log in with a device will only be available to a Bitwarden client that has logged into your Bitwarden account before. This does not apply to adding a new device with SSO with trusted devices.

If you’re interested in the more technical aspects of how it works and the flow of encrypted data, more information is available here:

.

Visit the page on

to learn more about how Bitwarden supports a wide range of passwordless options. Key technologies such as biometric login, passkeys, SSO with trusted devices, and more help provide strong security while bringing convenience to users everywhere.

Interested in

? Get started with Bitwarden today with a free

7-day trial for business plans

or a

free individual account

today!

Editor's note: This blog was originally published on Dec 5, 2022 and updated on September 19, 2025 with new features and descriptions.