Bitwarden Glossary of Terms
Terminology | Definition |
|---|---|
Autofill | A software feature that automatically enters previously stored information into a form field. Using Bitwarden, you can autofill logins via browser extensions and mobile devices, and autofill cards and identities via browser extensions. |
Collections | A unit to store one or more vault items together (logins, notes, cards, and identities for secure sharing) by an Organization. |
Directory Connector | An application to sync users and groups from a directory service to a Bitwarden Organization. The Bitwarden Directory Connector automatically provisions and deprovisions users, groups, and group associations from the source directory. |
Groups | A set of Organization members. Groups relate together users, and provide a scalable way to assign permissions, including access to Collections, as well as permissions within each separate Collection. When provisioning new users, add them to a Group to have them automatically inherit that Group’s configured permissions. |
Items | Items are the individual secrets that can be saved and shared in Bitwarden such as logins, notes, cards, and identities. |
Vault | The secure storage area that provides a unified interface and tight access control to any items. |
Organization | An entity (company, institution, group of people) that relates Bitwarden users to an Organization Vault for secure sharing of items. |
Organization Vault | The protected area for shared items. Every user (also called a “member”) who is part of an Organization can find shared items in their My Vault view, alongside personal items. Organization Vaults allow administrators to manage the Organization’s items, users, and settings. |
Organization Member | An end user such as an employee or family member that has access to shared Organization items within their vaults, alongside personal items. |
Individual Vault | The Individual vault is the protected area for every user that stores unlimited logins, notes, cards, and identities. Users can access their Bitwarden Individual Vaults on any device and platform. Within a work context For users that are part of a Bitwarden Teams or Enterprise plan, Individual Vaults are connected to a work email address. Individual Vaults are often associated with an Organization, which allows a user to securely share credentials with teams and colleagues. Within a personal context For users that are part of a Bitwarden personal or family plan, Individual Vaults are connected to a personal email address. If part of a family plan, Individual Vaults are associated with an Organization, which allows a user to securely share credentials with family members and those they trust. |
Single Sign On (SSO) | A session and user authentication service that grants employees or users access to applications with one set of login credentials that are based on their identity and permissions. |
Master Password | Also known as a Bitwarden password, main password, account password, or vault password. In 2021, Bitwarden introduced Admin Password Reset, which enables users and organizations to implement a new policy that allows Administrators and Owners to reset passwords. |
Terminology | Definition |
|---|---|
Account | A Bitwarden account is the record defined by your username and master password (to which Bitwarden never has access.) Your Bitwarden account is used to access your Bitwarden vaults and vault items, and contains information such as billing, settings, language preference, organizations, and more. |
Account Switching | The Bitwarden feature for desktop that enables you to easily switch between multiple accounts, such as your personal or work accounts. This allows you to maintain separation of personal and work vault items, while allowing convenient access to vault items from either account. For example, your personal account will continue to remain accessible only to you as your Bitwarden Teams or Enterprise admin is never able to view your personal vault items. |
Personal Account | A personal Bitwarden account is the record defined by your username and master password (to which Bitwarden never has access) that is not associated with an Organizational Vault related to a company or business entity. A personal account is generally set up with a personal email address and contains vault items over which only you have ownership and control. |
Business Account | A business Bitwarden account is the record defined by your username and master password (to which Bitwarden never has access) that is associated with an Organizational Vault related to a company or business entity. A business account is generally set up with a business email address. |
Terminology | Definition |
|---|---|
Passwordless | Passwordless is the umbrella term used to describe a variety of authentication technologies that do not rely on passwords, including: something a user has (a security key, token, device), something they are (biometrics), and passkeys. |
FIDO | FIDO is the acronym for Fast Identity Online. It represents a consortium that develops secure, open passwordless authentication standards that are phishing proof. The FIDO protocols, which was developed by the FIDO Alliance, includes: |
Passkeys | Passkeys – the credentials derived from the FIDO2 standard for each website that a user registers to – enable users to create and store cryptographic tokens instead of traditional passwords. Today, passkeys are used to log users into an app or website with pre-authenticated device specific tokens. In the future, the process could be used with shareable or transferable cryptographic tokens. |
Terminology | Definition |
|---|---|
Secret | Sensitive key-value pairs, like API keys, that your organization needs securely stored and should never be exposed in plain code or transmitted over unencrypted channels. |
Project | Collections of secrets logically grouped together for management access by your DevOps and cybersecurity teams. |
Service account | Non-human machine users, like applications or deployment pipelines, that require programmatic access to a discreet set of secrets. |
Access token | A set of keys that facilitates service account access to, and the ability to decrypt, secrets stored in your vault. |