We take the security of Bitwarden seriously. In addition to our 100% open source codebase and public bug bounty program, we also understand the need for official security assessments and penetration testing from reputable third parties. We are pleased to announce that Bitwarden has completed a thorough security audit and cryptographic analysis from the security experts at Cure53.

In the interest of providing full disclosure, below you will find the technical report that was compiled from the team at Cure53 along with an internal report containing a summary of each issue, impact analysis, and the actions taken/planned by Bitwarden regarding the identified issues and vulnerabilities. Some issues are informational and no action is currently planned or necessary. We are happy to report that no major issues were identified during this audit and that all impactful issues have already been resolved in recent Bitwarden application updates.

We hope that this assessment reiterates our commitment to the security and integrity of the entire Bitwarden platform and helps further strengthen the trust that our users place in Bitwarden every day.

If you have any questions regarding this security audit feel free to contact us.