# Product highlights and recent updates

## Advancing Bitwarden

Bitwarden continuously adds new capabilities and is packed with features to keep businesses secure and delight admins.

### Save and share anything

How business uses stored items:

- Logins and passkeys - websites, apps, servers, routers, SSH Keys
- Cards - Company credit cards, purchasing cards (P-cards)
- Identities - Shipping addresses, mail stops, executive travel info for assistants
- Secure notes - Sensitive information, security procedures, backup codes

### Access your vault quickly without passwords

- Log in with device
- SSO with trusted devices
- Passkey login
- Biometric unlock for desktop, mobile apps and browser extension
- PIN unlock

### Make accessing websites easy for everyone

- Activate autofill policy - Autofills logins when webpage loads
- Automatic login with SSO policy - Use shortcuts in your Identity Provider’s dashboard for fast access to websites and a universal SSO experience

### Let users self-approve new SSO logins

- SSO with trusted devices allows for users to login without a password
- Users self-approve new logins from other trusted logged-in Bitwarden apps
- Approve from web, mobile and desktop apps, and browser extension

### Customize your organization with policies

- Account recovery administration policy
- Session timeout policy 
- Set other security requirements such as master password and password generator complexity

### Decide who can create and access collections

Use Collection management settings to decide how collections work. Note: adjustable only by the organization owner.

- Choose to allow admins and owners to access all items in the organization
- Decide if creating or deleting a collection can only be done by admins
- Give users the power to self-serve directly

### Enhance security for your organization

Set these policies for tighter control

- Account recovery administration
- Single organization
- Remove export
- Require Single Sign-on authentication
- Centralize organization ownership

Then

- Claim your domain
- Integrate with SIEM tools
- Run Access Intelligence reports

### Assign URIs and URI matching for internal pages

The URI (URL or mobile app identifier) verifies the page for autofill

- Create custom URI controls to adjust how autofill matching works
- Block autofill from running on specified domains (compatibility)

### Give Bitwarden to your employees

- Free Bitwarden families plan for every organization member
- Non-members, such as factory workers, can have plans sponsored too
- Reinforces good security practices outside work

### Integrate your tech stack

Set up Bitwarden to use your existing technology infrastructure

- Support for Directory integration, SCIM, SSO Identity Providers, Managed devices, SIEM
- Use Public API and Vault Management API to create your own integratio

## New in 2025

Select innovations and new business features for Bitwarden in 2025.

### Access Intelligence

Included in all Enterprise subscriptions, take action on at-risk credentials associated with high priority applications. Uncover shadow IT and unauthorized applications your members are using, prioritize risk resolution by application, guide employees to make password changes, and track security improvements.

Learn more: [Access Intelligence](https://bitwarden.com/en-gb/help/access-intelligence/)

### Vault health alerts and password coaching

Users receive proactive notifications about credential security issues directly in their vault. Bitwarden redirects users to the website’s change password form and helps generate and save a new secure password.

Learn more: [Change at-risk passwords](https://bitwarden.com/en-gb/help/change-at-risk-passwords/)

### Centralize data ownership policy

Ensure all items saved in Bitwarden are owned by the organization. Users receive a **My items** location inside the organization vault.

- Allows for complete reporting
- When employees leave the organization, admins are granted access to the user’s **My items**

Learn more: [Enterprise policies](https://bitwarden.com/en-gb/help/policies/#centralize-organization-ownership/)

### Use Bitwarden with AI - Bitwarden MCP Server

Model Context Protocol (MCP) server is the foundation for secure AI authentication with password management. Use it to write plain text commands to interact with Bitwarden. Designed for use locally with self-hosted Bitwarden servers.

Learn more: [Bitwarden sets foundation for secure AI authentication with MCP server](https://bitwarden.com/en-gb/blog/bitwarden-mcp-server/)

### Improvements to collection management settings

Additional event logging and clearer naming make it easier to understand how the settings affect the organization. In addition, a new option allowing for owners to choose whether members with the Manage collection permission may be allowed to fully delete items from the organization vault.

Learn more: [Collection settings](https://bitwarden.com/en-gb/help/collection-management/)

### New enterprise policies

Additional enterprise policies have been added to provide additional control over how Bitwarden organizations work.

- Block account creation for claimed domains
- Remove card item type
- Remove Unlock with PIN
- Default URI match detection
- Remove free Bitwarden Families sponsorship

Learn more: [Enterprise policies](https://bitwarden.com/en-gb/help/policies/)

### Log in with passkeys

Access the Bitwarden vault quickly with any passkey that supports the WebAuthn PRF extension, such as a YubiKey

- Supported in the web app and Bitwarden browser extension
- Does not need the username, password, or two-step login verification - an excellent option for an administrative break-glass account.

Learn more: [Log in with passkeys](https://bitwarden.com/en-gb/help/login-with-passkeys/)

### Browser direct import

Import credentials directly from Chromium-based browsers to the Bitwarden vault without needing to export and manage a CSV file. Improves user onboarding experience and admin deployment. Requires the Bitwarden desktop application.

Learn more: [Import directly from browser](https://bitwarden.com/en-gb/help/import-from-chrome/#import-directly-from-browser/)

### Streamlined SSO login

Simplified SSO authentication flow that reduces login steps and improves the user experience. Users that must login using SSO will have other login options grayed out.

### SSH Agent

The Bitwarden SSH Agent is built into the Bitwarden desktop application and can be used for authenticating to servers, signing Git commits, and interacting with other SSH based services. This streamlines developer workflows while maintaining centralized organization ownership.

Learn more: [SSH Agent](https://bitwarden.com/en-gb/help/ssh-agent/)

### Approve SSO logins from other devices

When using SSO with trusted devices, users can self-approve new device logins from an already-authenticated Bitwarden web, mobile and desktop application, and the browser extension. This provides flexible, secure device verification without IT intervention.

Learn more: [Approve a trusted device](https://bitwarden.com/en-gb/help/approve-a-trusted-device/)

### Claimed accounts

When an Enterprise organization claims a domain, onboarded organization member accounts that use an email address with a matching domain (e.g. jdoe@mycompany.com) will be claimed by the organization, allowing for greater control of member accounts.

Learn more: [Claimed domains](https://bitwarden.com/en-gb/help/claimed-domains/#claimed-member-accounts/)

> [!NOTE] See more
> For a full list of updates and features, visit the [Bitwarden release notes page](https://bitwarden.com/en-gb/help/releasenotes/). For monthly updates about new features and security tips, subscribe to the [Bitwarden newsletter](https://bitwarden.com/en-gb/newsletter-subscribe/).