Bitwarden serves customers globally, helping them protect, store and share their sensitive data. Protecting customer data remains paramount to our company mission and Bitwarden complies with industry standards, conducting regular audits shared transparently with users. Through an open source approach, Bitwarden software is viewed and scrutinized by an engaged community around the world.
Bitwarden complies with the EU-U.S., Swiss-U.S. Privacy Shield Frameworks.Privacy Shield Framework
Bitwarden is officially HIPAA-compliant after receiving a HIPAA Security Rule Assessment Report from AuditOne in December 2020.Bitwarden HIPAA Compliance
Bitwarden is compliant with the California Consumer Privacy Act (CCPA).
Bitwarden has completed SOC 2 Type 2 and SOC 3 compliance.Bitwarden SOC 2 certification
Bitwarden completed a thorough security assessment and penetration test.Bitwarden 2020 Security Audit
Bitwarden completed a thorough security audit and cryptographic analysis.Bitwarden 2018 Security Audit
Bitwarden is a member of the FIDO Alliance.FIDO Alliance
Bitwarden partners with leading security researchers through HackerOne to improve our software.Bug Bounty Program
The Bitwarden cloud service is hosted on Microsoft Azure.Microsoft Azure Compliance Offerings
Bitwarden takes a zero knowledge encryption approach to password management, meaning every piece of information in your Vault Is encrypted. For more information on this approach, please see:How End-to-End Encryption Paves the Way for Zero Knowledge
For information on how Bitwarden Vaults are protected, including options for Bitwarden client applications, please see:Vault Security in the Bitwarden Password Manager
Visit the Security section of our help site for more information on Bitwarden security, or jump directly to one of the following: