Your Master Password
About Your Master Password
Your Master Password is the primary method for accessing your Vault. It’s critically important that your Master Password is:
Memorable: Bitwarden is a Zero Knowledge/Zero Trust solution. This means that the team at Bitwarden, as well as Bitwarden systems themselves, have no knowledge of, way to retrieve, or way to reset your Master Password. Don’t forget your Master Password! Bitwarden won’t be able to reset it or recover your Vault data if you do.
For our technically-inclined users, see the article on Encryption to find out how we accomplish Zero Trust.
Strong: The longer, more complex, and less common your Master Password is, the safer your Vault data will be. Using something like
passwordfor your Master Password could let a capable attacker crack your Vault in less than a second!
Use Bitwarden’s free Password Strength Testing Tool to test the strength of some Master Passwords you’d consider using.
For our technically-inclined users, learn about the tool we use to calculate password strength, called zxcvbn.
If you’re worried about forgetting your Master Password, the team at Bitwarden has a few recommendations for you:
- Setup a Master Password Hint. Once setup, a Master Password Hint can be requested on the Login Screen. The hint will be emailed to you, not displayed on the web page, so as long as your inbox isn’t compromised you won’t have to worry about prying eyes (that said, we don’t recommend using a hint that would give away your Master Password to anyone other than yourself).
- Designate a Trusted Emergency Contact. If you have a Premium subscription, you can proactively configure your Vault to grant access in the case of emergency to another Bitwarden user.
Changing Your Master Password
- Log in to your Web Vault.
- Select the Settings tab from the top navigation.
- On the My Account page, scroll down and locate the Change Master Password section.
- Enter your Current Master Password.
- Enter and Confirm your New Master Password.
- Select the Change Master Password button.
Completing these steps will log you out of your current session, requiring you to log back in with you new Master Password. Currently logged-in client applications (Mobile Apps, Browser Extensions, etc.) may remain active for up to an hour, however they will eventually also require you to log back in with your new Master Password.
Opting to rotate account’s encryption key is a potentially dangerous operation. Read the article on Account Encryption Keys before doing so to fully understand the ramifications and required follow-up procedures.
I Forgot My Master Password
As described in the About Your Master Password section, Bitwarden has no knowledge of, way to retrieve, or way to reset your Master Password. If you’ve already lost your Master Password, there is unfortunately no way for the team to recover the account or the data therein. You will need to delete your account and start a new one.
If you’re using any Bitwarden client applications (Mobile Apps, Browser Extensions, etc.) you should check whether any of these sessions are still logged in prior to deleting your account. If a client application is still logged in, you should manually catalogue your Vault items to preserve your data.
Complete the following steps to delete your account:
- Navigate to vault.bitwarden.com/#/recover-delete.
- Enter the Email Address associated with your account.
- In your email inbox, open the email and verify that you want to delete this Bitwarden account.
Once deleted, you’re free to create a new Bitwarden account with that email address. If you delete a Bitwarden account that has a Premium subscription associated with it, Contact Us and we’ll reapply your existing subscription to the new account.