# Trusted Password Manager for Government and Public Sector | Bitwarden Secure your agency with compliant and trusted password and secrets management. Deploy to your own infrastructure by self-hosting or utilize an audited, secure cloud solution. --- CREDENTIAL MANAGEMENT FOR GOVERNMENT AND PUBLIC SECTOR ## Protect public sector systems from credential-based attacks ![cisco security hero.jpg](https://bitwarden.com/assets/4E5Xga3crTDDLy4Jsks6Tv/c9e6b716f951b1cf37905b4759a6cad9/cisco_security_hero.jpg) [Talk to Sales](https://bitwarden.com/go/contact-bitwarden-sales-gov/) ## Trusted by governments and the public sector ![NASA-Logo-Large](https://bitwarden.com/assets/GmXHxB2fVxi6ee8iRUszU/5206fc150b445ac60f7afddad613d347/NASA-Logo-Large.png) ![ga state seal](https://bitwarden.com/assets/2RqqedIVGYrPp0gM6V3vUV/04df3bc239177aa69f31026ce000f23c/ga_state_seal.jpg) ![Maricopa County](https://bitwarden.com/assets/3wfPuNHlPAcpxW7W72oeFe/b6093ea2828f7ecfd4f780db06a693a8/Maricopa_County.png) ![city of albany black](https://bitwarden.com/assets/6pxwi3E0mOq8TDdskJZvfD/1587f98b9a4a0a78d861d8b3faaa1724/city_of_albany_black.svg?fm=png&w=800&q=90) “We selected Bitwarden because it met all of our requirements. The web UI was fantastic, and the migration process allowed us to rapidly deploy Bitwarden across our organisation. We never looked back.” - Mark Miller | NASA Systems Engineer ![NASA-Logo-Large](https://bitwarden.com/assets/GmXHxB2fVxi6ee8iRUszU/5206fc150b445ac60f7afddad613d347/NASA-Logo-Large.png) ## Bitwarden helps government agencies secure the credentials that keep public systems running ### Credential security for all systems Whether using modern passkeys, SSO-integration, or password-based legacy systems, Bitwarden secures it all from one central location. ![icon-secure-devices-blue](https://bitwarden.com/assets/6hwkQEq9k9K1F3jF3YKHlw/df9d3773a9e5e7bcb6f96594fbeb2751/icon-secure-devices.png) ### Secure collaboration across departments and contractors Bitwarden lets IT grant granular, need-to-know access to the right credentials for the right people without exposing everything to everyone. ![icon-msp-partner-trust-blue-1](https://bitwarden.com/assets/6BWl4KAa8bbEBB2ooTYRxO/74fa904b88456bbefa78630d2401516b/icon-msp-partner-trust.png) ### Employee transitions covered When staff change roles or leave, shared credentials remain in the vault. Centralized ownership ensures that sensitive items stay secure and can be easily reassigned without disruption. ![icon-admin-user-blue](https://bitwarden.com/assets/5pVcD8kjS0D1th1EuCeZFc/02c94dfcae8f113a2fff1e75b789131b/icon-admin-user.png) ### Security employees will actually use Intuitive interface, cross-platform compatibility, and availability in 40+ languages means high adoption across your agency. Employees take home a separate free Families plan to reinforce security habits. ![icon-training-blue](https://bitwarden.com/assets/3HuiqQJ1hF6oAxiBHBzh3t/4031fbf8f262415981ddb759cd65bf48/icon-training.png) ## Fulfill FedRAMP or GovRAMP compliance Self-host Bitwarden on your own compliant infrastructure. Bitwarden clients and apps are fully compatible with a self-hosted installation, and many government agencies use this successfully today. As a municipality responsible for securing critical systems across departments, the City of Albany needed greater control and visibility into how credentials were shared. **“We can limit access to credentials on a need-to-know, privileged basis, which is important for government agencies. On the IT side... we knew we needed to self host... to have a secure on-premises password management solution backed by a vendor dedicated to the on-premises model is of paramount importance."** — Sean Park, CIO, City of Albany ![city of albany black](https://bitwarden.com/assets/6pxwi3E0mOq8TDdskJZvfD/1587f98b9a4a0a78d861d8b3faaa1724/city_of_albany_black.svg?fm=png&w=800&q=90) ## Enterprise features for the public sector ### Enforce security policies Set organization-wide security controls, enforce least-privilege access through RBAC, and set up the core for a zero-trust security strategy ![icon-secure-enterprise-blue](https://bitwarden.com/assets/1PoW1bWdy9WXLcLG2ZAlrP/cae9154d5ca29ecc3fd7c80349f4d3d2/icon-secure-enterprise.png) ### Auditable event logs Capture detailed records of over 50 event types with timestamps, IP addresses, user identity, and client type retained indefinitely. Exportable for compliance reporting. ![icon-report-blue](https://bitwarden.com/assets/4oFSk9IOX9dJnpPf4taqdK/feb7550a379ca746d39fbbd534ec587a/icon-report.png) ### Use your existing stack Connect to your existing tools for identity services, SIEM, SCIM, SSO and more. Build your own integrations and automations with Bitwarden APIs. ![icon-api-blue](https://bitwarden.com/assets/1pANf6q3DlQt9HdYyIXClt/3ab997c069114627352c1299e7b2e05f/icon-api.png) ### Secrets management Bitwarden Secrets Manager protects developer secrets and secures AI agentic processes. Available as part of the Bitwarden portfolio. ![icon-secure-password-blue](https://bitwarden.com/assets/23sInJQTL0gvxZnXp3tiAW/6fe12543781bb7a49c88916d40082b6d/icon-secure-password.png) ### Uncover shadow IT and reduce credential risks *Access Intelligence* Identify the applications being used in your organisation and proactively protect your business from credential risks. ## Why agencies at all levels trust Bitwarden ![badge-compliance-iso27001](https://bitwarden.com/assets/3Q1bRprPg8qBybfl8myUou/d60fd3aeb85668dcdb0f386d9081d1a9/badge-compliance-iso27001_1_.svg?fm=png&w=800&q=90) ![soc2-color](https://bitwarden.com/assets/5qmV5rn9DTKKMsMskBs9Cv/dc310737497ba3d1b649dcde127c8756/badge-compliance-soc2-color.webp) ![gdpr-color](https://bitwarden.com/assets/3JONk7fDxmJ78aQyIyYWHW/8f2a1809e44dbc27af335b4eebaa19b6/gdpr-compliant.webp) ![data-privacy-framework](https://bitwarden.com/assets/2nkWHG7l2ksezkL4dbMp3R/14ac3b59e6798291bbd6cad1729bc9c6/DPF-logo-certifications-page.png) ![hipaa-color](https://bitwarden.com/assets/7emd1yp1u4qICPVWm5xQ4O/6ed576b7b9e57fe684dbcd969d9d97f5/hipaa-compliant.webp) ![ccpa-color](https://bitwarden.com/assets/3BK0h7RmAmz2aXRpsCpnkF/e66d7d8a990fd1c7648364aa017c39fd/badge-compliance-ccpa-color.webp) **Meets public sector security standards**Bitwarden is certified for ISO 27001, SOC 2 Type II, and SOC 3, and supports compliance with NIST Cybersecurity Framework, NIST SP 800-63B, NERC CIP, and HIPAA requirements. **Supports the frameworks government teams are measured against**The security controls in Bitwarden support compliance with key government and critical infrastructure framework, directly addressing requirements under the NIST Cybersecurity Framework and NERC CIP. **Provides full control with self-host flexibility** Enables secure credential management on your own verified infrastructure or air-gap requirements. **Open source, third-party audited** Bitwarden code is available for anyone to inspect, and audited annually by third-party agencies. **Protects with zero-knowledge encryption** Only authorized users can access sensitive information, critical for zero-trust environments. ## Protect your agency with Bitwarden ### Enterprise *For businesses that need advanced protection and control.* **$6** *per month / per user, billed annually* **Maximum protection** All Premium and Teams features, plus enterprise-level capabilities such as: - Granular access control - Passwordless SSO integration - Easy account recovery - Flexibility to self-host - Access Intelligence risk remediation [new] - Free Families plan for all users [Talk to Sales](https://bitwarden.com/go/contact-bitwarden-sales-gov/) --- ### Request a quote *For agencies with hundreds or thousands of employees contact sales for a custom quote and see how Bitwarden can:* *per month* - Reduce cybersecurity risk - Boost productivity - Integrate seamlessly Bitwarden scales with any sized business to bring password security to your organization [Get Free Quote](https://bitwarden.com/go/contact-bitwarden-sales-gov/) --- Pricing shown in USD and based on an annual subscription. Taxes not included. ## Resources for government IT and security teams **BLOG** ### How state and local government benefits from password management With ransomware attacks on the rise the time to secure passwords is now [Read more](https://bitwarden.com/en-gb/blog/how-state-and-local-goverment-benefits-from-password-management/) **CASE STUDY** ### Public sector agency moves to Bitwarden for its secure, scalable sharing model The City of Albany, Oregon, upholds its security-first reputation with on-premises password management. [Read more](https://bitwarden.com/en-gb/resources/public-government-agency-moves-to-bitwarden/) **CASE STUDY** ### Cloud-based password manager or self-hosted: Which is better for an organisation? The combination of zero-knowledge encryption, automatic security updates, high availability architecture, and comprehensive compliance certifications makes cloud deployment the practical choice for teams seeking maximum security. [Read more](https://bitwarden.com/en-gb/resources/cloud-based-password-manager-or-self-hosted/) ## Awards and Recognition ![millions-customers-trust-bitwarden](https://bitwarden.com/assets/6PLCdWI1MGA3pjrDYaqlC/a94aa530aaad1fad7c4166839df9790f/millions-customers-trust-bitwarden.png) ![chrome-apple-ratings](https://bitwarden.com/assets/pnhB8Fu1vhLkbFF3iEmXa/f073ebf18f517b694270448f2dfb7b1b/chrome-apple-ratings.png) ![three-g2-badges](https://bitwarden.com/assets/5B81Aj9KW1iMdSFYT87ZpC/26b03acb58973069f90a6bc1e3af7404/three-g2-badges.png) ![g2-rating-start-top-50](https://bitwarden.com/assets/1I86PvwiYWVVayP7kPUvka/5e53b4cb3403ac07f8d925ce85eb1344/g2-rating-start-top-50.png) ![hundred-thousand-community memebers](https://bitwarden.com/assets/Xn4u9CQNuogrUx6grSLjo/617f74d213192ff2e8dcee5442ac0273/hundred-thousand-community_memebers.png) ## Frequently Asked Questions ### Is Bitwarden FedRAMP compliant? While Bitwarden itself is not certified, agencies subject to FedRAMP or GovRAMP requirements are able to deploy a self-hosted version of Bitwarden on their own compliant servers. This deployment works in offline and air-gapped environments as well. ### What reports are available for vault data? [Vault health reports](https://bitwarden.com/en-gb/help/reports/) (available on all paid plans) can be used to evaluate the security of your Bitwarden individual or organization vault and include exposed, resused, and weak passwords, unsecure websites, inactive two-step login, and data breach reports. - [https://bitwarden.com/help/reports/](https://bitwarden.com/en-gb/help/reports/) ### What encryption is used? Bitwarden uses [AES-CBC](https://bitwarden.com/en-gb/help/what-encryption-is-used/#aes-cbc/) 256-bit encryption for your Vault data, and [PBKDF2](https://bitwarden.com/en-gb/help/what-encryption-is-used/#pbkdf2/) SHA-256 to derive your encryption key. For more information, see the [Bitwarden Security Whitepaper](https://bitwarden.com/en-gb/help/bitwarden-security-white-paper/). - [https://bitwarden.com/help/what-encryption-is-used](https://bitwarden.com/en-gb/help/what-encryption-is-used/) - [https://bitwarden.com/help/bitwarden-security-white-paper/](https://bitwarden.com/en-gb/help/bitwarden-security-white-paper/) ### Does Bitwarden support Single Sign-on? (SSO) Yes, [login with SSO](https://bitwarden.com/en-gb/help/about-sso/) allows Enterprise organizations to leverage their existing Identity Provider to authenticate users with Bitwarden using the [SAML 2.0](https://bitwarden.com/en-gb/help/configure-sso-saml/) or [Open ID Connect (OIDC)](https://bitwarden.com/en-gb/help/configure-sso-oidc/) protocols. - [https://bitwarden.com/help/about-sso/](https://bitwarden.com/en-gb/help/about-sso/) - [https://bitwarden.com/help/configure-sso-saml/](https://bitwarden.com/en-gb/help/configure-sso-saml/) - [https://bitwarden.com/help/configure-sso-oidc/](https://bitwarden.com/en-gb/help/configure-sso-oidc/) ### Does Bitwarden have event logs? [Event logs](https://bitwarden.com/en-gb/help/event-logs/) are timestamped records of events that occur within your Teams or Enterprise organization. Events logs are exportable, accessible from the /events endpoint of the [Bitwarden Public API](https://bitwarden.com/en-gb/help/public-api/), and are retained indefinitely. Event logs record over 50 different types of events and captures a Timestamp for the event, client app information including application type and IP (accessed by hovering over the globe icon), the User connected to the event, and an Event description. - [https://bitwarden.com/help/event-logs/](https://bitwarden.com/en-gb/help/event-logs/) - [https://bitwarden.com/help/public-api/](https://bitwarden.com/en-gb/help/public-api/) ### What types of integrations are supported? Bitwarden supports a comprehensive set  of integrations to enhance security and streamline operations, including: - **Single sign-on integrations**: Connect Bitwarden with leading identity providers for seamless authentication. - **Directory integrations**: Synchronize users and groups effortlessly from your directory services. - **Event monitoring integrations**: Link Bitwarden with your preferred SIEM tools for enhanced monitoring and analysis. - **Multi-factor authentication (MFA) integrations**: Add an extra layer of security with various MFA options. - **Email alias integrations**: Simplify privacy with integrated email alias providers. - **Bitwarden Secrets Manager integrations**: Securely integrate your CI/CD pipelines and infrastructure with Bitwarden Secrets Manager. ### Where can I learn about Bitwarden security and architecture? For information on the Bitwarden approach to security and underlying architecture (including data flow diagrams) see: - [Bitwarden Architecture presentation in Google Slides ](https://docs.google.com/presentation/d/e/2PACX-1vQ6TYugqWe341Df0_HHpr--9s8TfL8B2KsNWKRI1zKZYDQ9kkxi_eIubeOsgb4RouxmwXbO_UzgQRUr/pub?start=false&loop=false&delayms=3000) - [Bitwarden Security Whitepaper](https://bitwarden.com/en-gb/help/bitwarden-security-white-paper/) ### What is the difference between Bitwarden Secrets Manager and Bitwarden Password Manager? Bitwarden Secrets Manager is built for developer teams to centrally store, manage, and deploy privileged secrets. Secrets Manager is tailored for infrastructure secrets and is supported only by the web app and the CLI clients. If you are looking to help your employees manage their personal credentials, check out [Bitwarden Password Manager](https://bitwarden.com/en-gb/products/business/). ### How does Bitwarden Secrets Manager support agentic AI? Bitwarden Secrets Manager enables teams to securely provision AI agent access to pre-determined development secrets to use in scripts and CI/CD pipelines. By replacing plaintext API keys and other secrets with Bitwarden generated secret ID strings, you can help prevent AI agents from gaining unauthorized access to credentials and ecosystems. Learn more about [how to use Bitwarden Secrets Manager to protect environment variables from agent access](https://bitwarden.com/en-gb/blog/secure-ai-agent-access-with-secrets-manager/). ### What is Bitwarden Access Intelligence? Bitwarden Access Intelligence is a comprehensive offering built to protect the whole organisation from credential-related risks. With Bitwarden Access Intelligence, proactively identify credential risks, prioritise critical applications, guide employees to update passwords, and measure security improvements. ### How does Bitwarden protect my business credentials? Bitwarden protects your business credentials through several key features: 1. End-to-End Encryption: Bitwarden provides a secure, end-to-end encrypted vault for storing and sharing credentials such as usernames, passwords, and other sensitive data. This ensures that only authorised users can decrypt and access the information using their master password. 2. Password Management: Bitwarden helps businesses manage passwords by allowing employees to generate, store, and share strong and unique passwords. This is crucial for protecting against data breaches, especially when combined with two-factor authentication (2FA). 3. Security Features: Bitwarden offers vault health reports to detect at-risk credentials, such as exposed, reused, or weak passwords. This enables IT admins to notify employees and replace weak credentials with strong, unique ones using the built-in password generator. 4. Single Sign-On (SSO) and Multi-Factor Authentication (MFA): Bitwarden integrates with SSO providers like Duo, enhancing security by reducing the number of passwords employees need to manage and providing additional authentication layers. 5. Administrative Controls: Bitwarden allows for comprehensive administrative controls, enabling organisations to manage credentials centrally while allowing user-centric usage. This includes monitoring and reporting features to track credential usage and security. 6. Credential Lifecycle Management: Bitwarden provides tools for managing the entire lifecycle of credentials, from creation to deletion, ensuring that credentials are securely managed and that access is revoked when no longer needed.  These features collectively help businesses maintain a strong security posture by protecting sensitive credentials from unauthorised access and potential cyber threats. ### Is Bitwarden compliant with regulatory standards? Yes, Bitwarden is compliant with several regulatory standards. It adheres to industry security standards and holds certifications such as ISO 27001, SOC 2 Type II and SOC 3. Bitwarden is also compliant with privacy regulations such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and the Health Insurance Portability and Accountability Act (HIPAA). Additionally, Bitwarden complies with the Data Privacy Framework (DPF), which was previously known as Privacy Shield, ensuring the safe transfer of personal data. ### Can we self-host Bitwarden for complete data control? Yes, you can self-host Bitwarden to have complete control over your data. Self-hosting allows you to manage business credentials and custom security policies on your own server. This setup provides true data sovereignty, enabling you to apply your own security model, control backups, and ensure availability according to your specific needs. You can place your Bitwarden installation behind a proxy, firewall, and other safeguards for enhanced data security. Self-hosting Bitwarden is particularly beneficial for organisations with strict data compliance requirements, as it allows you to meet specific compliance and internal data residency policies. It also offers the flexibility to integrate with your existing IT infrastructure, including directory services and identity providers. However, it requires technical resources and expertise to manage server maintenance, security, and updates. ### Does Bitwarden integrate with Directory Services? [Directory Connector](https://bitwarden.com/en-gb/help/directory-sync/) (downloadable application available for all business plans) will query the source directory and provision and deprovision users, groups, and associations. [SCIM](https://bitwarden.com/en-gb/help/about-scim/) (available in the web vault for business plans) will automatically push updates to Bitwarden, to provision or revoke users. - [https://bitwarden.com/help/directory-sync/](https://bitwarden.com/en-gb/help/directory-sync/) - [https://bitwarden.com/help/about-scim/](https://bitwarden.com/en-gb/help/about-scim/) ### What policies can admins enforce? Bitwarden administrators can enforce [enterprise policies](https://bitwarden.com/en-gb/help/policies/#what-are-enterprise-policies/), including master password complexity requirements, two-factor authentication mandates, personal vault usage restrictions, password generator settings, single organisation limitations, vault export controls, SSO authentication requirements, account recovery options, and passwordless login enforcement. Policies are configured before user onboarding and apply organisation-wide to maintain security standards. ### Is Bitwarden audited? Bitwarden regularly conducts comprehensive third-party security audits with notable security firms. These annual audits include source code assessments and penetration testing across Bitwarden IPs, servers and web applications. [Learn more >](https://bitwarden.com/en-gb/help/is-bitwarden-audited/)