Release Notes
Bitwarden believes source code transparency is an absolute requirement for security solutions like ours. View full, detailed Release Notes in GitHub using any of the following links:
Bitwarden incrementally updates each client application (Desktop, Browser Extension, Mobile, etc.) and for self-hosted servers following the initial release to ensure feature efficacy and stability. As a result, client applications and self-hosted servers should expect listed features following the initial release. Please review Bitwarden software release support documentation.
tip
Want Release Announcements delivered straight to your inbox? Sign up to receive an email update with the latest Bitwarden release notes.
You can also subscribe to the Bitwarden Status RSS Feed for service updates, including announcements of release windows.
This release includes:
My Account
Email verification during sign up for all clients: Users who create a new Bitwarden account using any Bitwarden client will now be asked to verify their email before creating a master password. Learn more here.
Password Manager
Inline autofill menu password generation: The inline autofill menu can now be used to easily generate passwords when filling out account creation or password update fields. Learn more here.
Inline autofill menu options for cards and identities: You can now turn on and off the option to include cards and identities as suggestions in the inline autofill menu. Learn more here.
iOS copy & paste updates: Several updates have been added to Bitwarden on iOS copy & paste functionality for ease of use.
Improved error handling for non-official servers: To help users who are using non-official Bitwarden servers, new error messaging has been added to help identify errors when connecting to a non-official server.
Temporarily remove 'Allow screen capture' toggle on desktop apps: To improve the experience with this feature, it has been temporarily removed from macOS and Windows desktop apps. Desktops apps will, for now, be captured by screenshots and screen sharing.
Increase min number of words for passphrases: The passphrase generator will now require that generated passphrases include at least 6 words, except on mobile clients. Learn more here.
Admin Console
Collection management settings update: The limit collection creation and deletion to owners and admins setting has been separated into two individual settings for each action respectively. Learn more about collection management here.
Can manage permission required for deleting collection items: The Can manage permission is now required in order to delete collection items. Users with Can edit will not longer have the capability. Learn more about member permissions here.
This release includes:
Admin Console
Restrict access to
bw list org-members
command: This command, and the equivalent endpoint in the Vault Management API, is now restricted to owners, admins, and custom users with the "Manage users" permission.
Provider Portal
Billing system migration: Starting this month, existing providers will begin to be migrated to the updated client organization billing system. Learn more here.
This release includes:
My Account
Email verification during sign up: Users who create Bitwarden accounts through the web app will now be asked to verify their email before they create a master password. Learn more here.
Password Manager
Unlock with biometrics - Linux browser extension: Unlock with biometrics for the Bitwarden browser extension is now available for Linux users on Chromium-based browsers. Learn more here.
Desktop apps prevent screen capture: By default, desktop apps for Windows and macOS will now prevent screen capture and recording. Learn more here.
Sync a locked vault on desktop: Desktop apps can now manually sync even when the active account is locked. Learn more here.
Admin Console
Microsoft Sentinel integration: A new native integration is available for security information and event management (SIEM) with Microsoft Sentinel. The integration offers comprehensive event coverage across authentication, organizational activities, and vault items. Learn more here.
Ping Identity SCIM support: System for cross-domain identity management (SCIM) with Ping Identity is now officially supported for Bitwarden organizations. Use the Ping Identity SCIM integration to automatically provision members and groups in your Bitwarden organization. Learn more here.
Upgrade plan UI improvements: Improvements have been made to streamline the process for upgrading your organization to another plan. Learn more here.
Automatically log in users for allowed applications policy: This new policy will allow IdP administrators to enable non-SSO applications to automatically log in users when launched from their IdP dashboard. Learn more here.
This release includes:
Password Manager
PDF attachments now downloaded by default on web app: PDFs stored as item attachments will be downloaded to your device for viewing, rather than opening in a new browser tab. Learn more here.
Secrets Manager
New Machine account view: Machine accounts have a new Config tab, which provides a quick view of information that might be required when configuring an application to use a machine account. Learn more here.
This release includes:
Password Manager
Inline autofill menu for passkeys: Use the inline autofill menu to authenticate with passkeys. Learn more here.
Admin Console
Member access report: Enterprise organizations can use the member access report to monitor organization member's access to groups, collections and items. Learn more here.
Fix for removed user events: Events are now properly logged for users removed via the Public API or Directory Connector.
This release includes:
Password Manager
Native mobile app for iOS: Password Manager mobile apps downloaded via the Apple App Store have been upgraded to native mobile applications. Learn more here.
Password generator for password-protected exports: Bitwarden can now generate unique passwords for password-protected exports. Learn more about password-protected exports here.
Admin Console
Rapid7 SIEM integration: Bitwarden organizations can now use Rapid7 for security information and event management (SIEM). Learn more here.
note
In a future release, Password Manager mobile apps downloaded via the Apple App Store and Google Play Store will be upgraded to native mobile applications. Learn more here.
This release includes:
Password Manager
Autofill cards and identities: Additional autofill methods can now fill cards and identities:
Unlock with biometrics Linux desktop app: Unlock with biometrics on the Bitwarden desktop app is now available for Linux users using Polkit. Learn more here.
Secrets Manager
Display total amount of machine accounts, projects and secrets: The Secrets Manager navigation bar will now display the total number of machine accounts, projects, and secrets that you have access to.
Admin Console
Additional supported options when changing member decryption options: If your organization moves from SSO with trusted devices to master password decryption, users will be prompted on next log in to create a master password instead of requiring administrators to issue one beforehand. Learn more here.
Provider Portal
UI improvements: The "People" page has been renamed to the "Members" page and the color scheme of the Provider Portal has been changed to match the Admin Console.
This release includes:
Secrets Manager
New Secrets Manager landing page: Quickly learn more about Secrets Manager and sign up for the product directly from the web app. Learn more here.
Provider Portal
Limiting provider access to vault items: For added security and privacy for clients, provider users may no longer directly view, manage, or create items in client organizations' vaults. Provider users may, however, import vault data directly to client organizations.
This release includes:
Provider Portal
Consolidated billing for new providers: Billing procedures for providers that join Bitwarden after this release are now streamlined and managed exclusively from the Provider Portal. Existing providers will be migrated to the new billing system in a future release. Learn more here.
This release includes:
Password Manager
Remove user verification for passkeys: The recent update requiring user verification for using a passkey on the browser extension has been temporarily rolled back.
PRF-Enabled Passkeys will persist through account encryption key rotation: PRF keys used when logging into Bitwarden with a passkey will now persist if users rotate their account encryption key. Learn more here.
Invite clarification for emergency contacts and Providers: Trusted emergency contacts and Provider users will now move to a "Needs confirmation" state after they've accepted an invitation to make your next steps clearer.
Bulk assign items to collections: From the Vaults view, you can now bulk assign items to an organization's collections. A previous version of this feature was called "Move to organization". Learn more here.
Renamed adding items to folders: From the Vaults view, the option to add item to a folder has been renamed from "Move selected" to "Add to folder". Learn more here.
Deprecate desktop app setting: The desktop app can now approve device logins by default. Learn more here.
Improved SSO identifier workflow: Admins can now distribute the URL of the Enterprise single sign-on screen with their SSO identifier included as a query parameter to automatically redirect organizations members to the IdP for a more streamlined SSO experience. Learn more here.
Secrets Manager
Add direct access to a secret: People and machine accounts can now be directly granted access to a secret rather than requiring a project as an intermediary. Learn more here.
Self-hosting
note
Users should upgrade self-hosted servers to at least this version prior to the 2024.10.x release to ensure compatibility with clients using vault item keys.
Support for bulk device approval: Self-hosted Bitwarden servers now support bulk device approval for SSO with trusted devices. Learn more here.
Security
Vault item keys: An extra layer of encryption in the form of a new encryption key generated for each individual vault item has been added. Learn more here.
Plans and Pricing
Invoicing update, monthly-billed organizations: Teams and Enterprise organizations billed monthly will see any prorated seat count adjustments included in their next occurring monthly invoice, rather than in a newly generated invoice per seat count change.
Invoicing update, annually-billed organizations: Teams and Enterprise organizations billed annually will see any prorated seat count adjustments included in a once-a-month adjustment invoice, rather than in an immediately-generated separate invoice per seat count change.
This release includes:
Password Manager
SSO with trusted device bulk approval: Admins and owners may now approve trusted device requests in bulk using the web app or CLI.
Legacy user encryption key migration: Bitwarden accounts created prior to 2021 will have their account encryption keys migrated to Bitwarden's modern user symmetric key. These users will be logged out of non-web Bitwarden clients until they have completed the migration by logging into the Bitwarden web client. Learn more about Bitwarden encryption here.
Self-hosting
Support for more collection management options: Self-hosted Bitwarden servers now support the Owners and admins can manage all collections and items collection management option. Learn more here.
This release includes:
Password Manager
Collections management update: A collection management option has been added that allows you to determine whether admins and owners are automatically provided management permissions to all collections, and the items therein, in your organization. Learn more here.
This release includes:
Password Manager
User verification for passkeys: Browser extensions may now prompt users to verify with biometrics, PIN, or master password when using a stored passkey to login. Learn more here.
In-product getting started: Users that are new to Password Manager will now be shown a getting started module to help them get started protecting credentials quickly.
Browser extension settings reorganization: Use the newly reorganized settings screen on browser extensions to quickly locate and modify browser extension settings.
Firefox extension gains full functionality in private windows: Bitwarden browser extensions used in Firefox private windows no longer have any limitations. Learn more here.
Additional location for product switcher: The product switcher, used to move between Password Manager, Admin Console, Secrets Manager, and Provider Portal can now also be found in the bottom left of your navigation.
Password-protected export for browser extensions and desktop: Browser extensions and desktop apps can now export password protected encrypted exports. Learn more here.
Bitwarden Authenticator
Import to Bitwarden Authenticator: Import data directly to Bitwarden Authenticator from a variety of other authenticator apps, including Google Authenticator, LastPass Authenticator, Raivo, and 2FAS. Learn more here.
Secrets Manager
Start a Secrets Manager trial: Start a Secrets Manager enterprise trial to test a proof-of-concept and gain access to enterprise features like SSO and SCIM integrations, enterprise policies, self-hosting, event logs, and priority support. Sign-up for a free 7-day trial of Secrets Manager today.
Secrets Manager Kubernetes Operator (beta): Use the Bitwarden Secrets Manager Kubernetes Operator to securely and efficiently integrate Secrets Manager into Kubernetes workflows. Learn more here.
Admin Console
Configure custom users via API: Organization members' custom role permissions can now be configured via the Public API. Learn more here.
This release includes:
Password Manager
Clone organization items from My vault: Users with Can manage permission can now clone organization-owned items from their Vaults view. Learn more here.
Browser extension platform upgrade: Starting this week, Password Manager browser extensions will begin a gradual upgrade to a new extension platform called Manifest V3, beginning with 1% of users and increasing incrementally throughout the month of May. You do not need to take action either to initiate this upgrade or once it’s completed.
Admin Console
Splunk Cloud integration: The Bitwarden Event Logs app is available for information and event management on Splunk Cloud Classic and Splunk Cloud Victoria. Learn more here.
Self-hosting
Collection management and deprecation of manager role: Self-hosted servers can now access collections management functionality and will have users with the Manager role migrated to the User role with a new Can manage permission. Learn more here.
tip
If you're self-hosting, set your collection management settings in your cloud organization and then update your self-hosted server's license to carry those settings over to your self-hosted organization.
This release includes:
Password Manager
Use passkeys on mobile apps: Password Manager mobile apps can now be used to create and sign in with passkeys. This feature is available for iOS and as a beta for Android. Learn more here.
Delete stored passkeys: Passkeys that have been stored with Bitwarden login items can now be deleted using the Bitwarden browser extension and desktop app. Learn more here.
Additional permission for browser extensions: Browser extensions in this version require a new permission from Manifest V2 browsers to better manage content script injection. Learn more here.
Secrets Manager
New integrations page: Get quick access to Secrets Manager integrations through the new page available from the Secrets Manager web app.
Secrets Manager CLI Docker image: The Bitwarden Secrets Manager CLI is now available as a Docker image. Learn more here.
Introducing the new Bitwarden Authenticator standalone mobile app. Use Bitwarden Authenticator to generate verification codes for two factor authentication for apps and websites. Download from app stores or learn more.
This release includes:
Password Manager
Delete stored passkeys: Passkeys that have been stored on Bitwarden login items can now be deleted from the Vault item → Edit screen of the Bitwarden web app. Learn more here.
Secrets Manager
"Service accounts" now "Machine accounts": Service accounts have been renamed to machine accounts.
tip
With recent migrations to a new permissions structure that brings greater collections management flexibility to your organization, vault items that are not assigned to a specific collection are now no longer displayed in your Password Manager All vaults view. Learn how to access these items.
This release includes:
Password Manager
New languages available for Bitwarden apps: With the contributions of community translators, new language options are now available across Bitwarden apps! See a complete list of languages here. Learn more about contributing to Bitwarden localization here.
Desktop app hardware acceleration: Bitwarden desktop apps now have an option to turn on or off hardware acceleration to optimize performance. This setting is enabled by default.
Admin Console
Bulk assign items to collections: Organization items can be assigned to collections in bulk from the Admin Console. Learn more here.
This release includes:
Self-hosting
New logs functionality for Linux deployments: Linux deployments using the standard
bitwarden.sh
shell script can now use a new option to download compressed log files (see here).
This release includes:
Password Manager
Web app navigation update: The Bitwarden web app has been totally redesigned! We hope you enjoy the new experience (learn more).
Duo 2FA login update: Duo has introduced Universal Prompt for users and admins. Duo admins who have enabled the service will see slight changes to the Duo 2FA login process. See here.
Self-hosting
Support for log in with passkeys (beta): Self-hosted Bitwarden servers now support the log in with passkeys feature (see here).
This release includes:
Admin Console
Collection management for end-users: Organizations now have the option to allow all users to create and manage their own collections. This option, located on the Organization info screen, is opt-in for existing organizations and opt-out for organizations created after 2024.2.2 (see here).
Deprecation of Manager role: When you turn on collection management, organization users with the Manager role will be migrated to the User role with a new Can manage permission over their assigned collections (see here).
Secrets Manager
Ansible integration: Use Bitwarden Secrets Manager to retrieve secrets and inject them into your Ansible playbook (see here).
This release includes:
Password Manager
Browser extension TOTP capture: Use the Bitwarden browser extension to scan a webpage and save TOTP authenticator QR codes (see here).
Increased import item quantity maximum: Imports made to Bitwarden Password Manager can now contain roughly double the amount of data (see here).
Admin Console
Unique SP entity IDs per organization: Organizations using SAML for SSO can now upgrade their entity IDs to be unique for their organization. Doing so will require re-configuring on the IdP (see here).
Plans & Pricing
Automatic tax calculation: Tax rates for subscriptions will now be automatically calculated based on geography by our payments sub-processor. The subtotal charged by Bitwarden will remain the same, however you may notice a change in your tax-inclusive monthly invoice.
This release includes:
Password Manager
Passkey storage for self-hosted: Passkeys can now be stored in self-hosted Bitwarden servers (see here).
Admin Console
More collections permissions via Public API: You can now use the Public API to hide passwords from users for any collection (see here).
This release includes:
My Account
Log in with passkeys (beta): Passkeys can be used to log in to the Bitwarden web app as an alternative to using your master password and email (see here).
Password Manager
Account switching for browser extensions: Log in to up to 5 accounts and switch seamlessly between them when using Bitwarden browser extensions (see here).
Admin Console
Configure subscription via Public API: Use new Public API endpoints to configure subscription information like seat count, maximum auto-scaling, and storage (see here).
More organization upgrade paths: More Bitwarden organizations can now upgrade to a different subscription without needing to contact support.
Bitwarden can now be self-hosted in Kubernetes deployments using a Helm Chart (see here).
This release includes:
Password Manager
Auto-fill menu: Auto-fill credentials while browsing the web by turning on the new inline auto-fill menu (see here).
This release includes:
Password Manager
Option to turn off prompt to use passkeys: You can now choose whether or not your browser extension will ask to save and use passkeys. (see here).
Forward Email support on mobile: Forward Email can now be used on mobile apps as a forwarded email alias provider for the username generator (see here).
Vault health reports update: Organization members will now see organization-owned items which they have Can edit access to in their individual vault health reports.
Admin Console
Elastic integration: Bitwarden organizations can now use Elastic for security information and event management (SIEM) (see here).
CLI event logs: Event logs viewed from the web app will now specify which events were logged by the Bitwarden CLI.
Secrets Manager
Secrets manager CLI output: A new format has been added to output secrets as key-value pairs in the Secrets Manager CLI (v0.4.0) (see here).
This release includes:
Password Manager
Save passkeys to your vault: Passkeys can now be stored in your Bitwarden vault! Store and log in with passkeys using the Bitwarden browser extension (see here).
Direct LastPass importer: Import data from LastPass directly to Bitwarden using browser extensions or desktop apps, including if you're a member of a team using SSO with LastPass (see here).
Import from browser extensions and desktop apps: Data can now be imported to Bitwarden from browser extensions and desktop apps (see here).
Mobile settings reorganization: The Settings tab on mobile apps has been reorganized into more intuitive categories.
Support for self-hosted alias providers: The username generator on Password Manager clients can now be connected to self-hosted Addy.io and SimpleLogin instances (see here).
Auto-fill cards and identities via context menu: Cards and identities can now be auto-filled by browser extensions using the context menu (see here).
Secrets Manager
Support for self-hosting: Enterprise organizations can now self-host Secrets Manager (see here).
New event logs view: Service account event logs can now be accessed directly from the service accounts view (see here).
This release includes:
FIDO2 WebAuthn now a free two-step login option: The FIDO2 WebAuthn method for two-step login has been expanded to free accounts. Now every Bitwarden user can improve login security using compatible FIDO2 WebAuthn credentials, such as those device-bound to hardware security keys (see here).
Organization member email verification: Organization members will have their email automatically verified when they accept an invitation to join or if they are a member of an organization using domain verification.
Export update: JSON exports of vault data will now include the password history for applicable items (see here).
CLI password generator options: Generating a password using the CLI has additional option flags for customizing password complexity (see here).
ProtonPass JSON importer: ProtonPass JSON has been added to the list of formats available for direct import into Bitwarden Password Manager (see here).
Desktop app theme update: The desktop app's dark theme has been updated!
This release includes:
SSO with trusted devices: SSO with trusted devices allows users to authenticate using SSO and decrypt their vault-stored encryption key without entering a master password (see here).
Manager collection access: To reduce visibility to non-essential data, managers can now only see collections that they are assigned to.
This release includes:
Secrets Manager - General availability: Bitwarden Secrets Manager is now generally available for empowering developers, DevOps, and cybersecurity teams to centrally store, manage, automate, and deploy secrets at scale. Learn more about Secrets Manager plans and sign up today.
Import to a folder or collection: Import data directly to an existing folder, or if you're a member of an organization directly to a collection, from the Tools → Import data screen.
This release includes:
Secrets Manager - CLI updates: New commands were added for editing and creating projects and secrets, and the syntax used by the CLI has been restructured (see here).
EU Cloud: Bitwarden cloud servers are now available with vault data storage in the European Union (see here).
This release includes:
Login with device for self-hosted: Bitwarden applications connected to self-hosted servers can now log in by sending an authentication request to a registered device instead of using a master password (see here).
Forward Email alias integration: Connect the Bitwarden username generator to Forward Email for easy creation of email aliases (see here).
Browser extension TOTP auto-fill: Browser extensions will now auto-fill TOTP codes automatically unless you're using auto-fill on page load (see here).
Policies - Renamed Admin password reset: The Admin password reset policy is now named Account recovery administration (see here).
Use auto-fill in <textarea>s: Bitwarden apps can now auto-fill credentials into HTML
<textarea>
elements.Create folders and collections from Vaults page: Folders and collections can now be created from the main Vaults page using the New button.
This release includes:
Secrets Manager - Service account write access: Service accounts can now be granted write access to projects and secrets (see here).
tip
Fully utilizing write access for machine accounts is dependent on a forthcoming CLI release. For now, this simply makes the option available in the UI. Stay tuned to the Release Notes for more information.
Secrets Manager - Bulk user management: Organization members can now be added to Secrets Manager in bulk (see here).
warning
Beginning with the 2023.5.0 release, Password Manager desktop apps will no longer support Windows 8.1 and older or Windows Server 2012 and older.
Users of these operating systems may download a 2023.4.0 desktop app here and must disable automatic updates (learn more here). We recommend upgrading to a supported operating system, as old client versions are not guaranteed to be supported by Bitwarden cloud servers long-term and may present security risks to you in the future.
This release includes:
Environment selector: The workflow for connecting Bitwarden apps to self-hosted servers was improved. See here.
Password Manager - Improved auto-fill for German HTML: German-language HTML fields are now available for auto-fill. See here.
Self-hosting - Clarification to language around server licensing: There is a grace period of 60 days to upload a new license to replace an expired one. See here.
Low KDF alert: A new alert will appear in the web app when a user's KDF iterations are lower than industry recommendations, currently 600,000 iterations. See here.
This release includes:
Secrets Manager - Create project during secret creation: You can now create a new project in the secret creation menu. See here.
This release includes:
Splunk integration: Bitwarden organizations can now use self-hosted Splunk Enterprise for security information and event management (SIEM). Learn how to get started with Splunk here.
Improved reseller billing: Bitwarden resellers will now be the only entities with access to see billing, subscription, or payment information for their customer organizations. See here.
Master password requirements policy update: If enabled, the master password requirements policy can now be set to prompt pre-existing non-compliant users to update their master passwords. See here.
Vault timeout policy update: The vault timeout policy now provides the option to designate vault timeout actions. See here.
Desktop - New biometrics options: You can now choose whether to require a master password on app start or allow biometrics on launch. See here.
Desktop - Windows Hello security improvements: A vulnerability related to Windows Hello and Windows Credential Manager has been addressed. As an additional measure, we recommend using the new option to require a master password on app start. See here.
Browser extension - Improved form detection: The logic for form detection has been improved and bug reports addressed for the browser extension’s notification bar. For a technical breakdown, see here.
This release includes:
Domain verification: Organizations can verify ownership of domains (e.g.
mycompany.com
), allowing users to skip the organization identifier step when using login with SSO. See here.Browser Extension - Improved auto-fill security: Browser extensions will now disallow auto-fill on page load for untrusted iframes. Browser extensions will also warn users about untrusted iframes when manually auto-filling, using the context menu, or using keyboard shortcuts, and will warn users when auto-filling HTTP sites that expect HTTPS based on that item's saved URI(s). See here.
Master password security checks: Users can now check known data breaches for their prospective master password via Have I Been Pwned when creating an account or changing their master password on the web vault. See here.
Master password length requirement: Master passwords must now be at least 12 characters long. This rule will be enforced for new Bitwarden accounts and for any users that change their master password.
Activate auto-fill policy: For Enterprise organizations, the Activate auto-fill policy will automatically turn on auto-fill on page load for new and existing members of your organization. See here.
Browser Extension - Improved notification bars: Notification bars for adding undetected items to your vault now have more intuitive workflows for users subject to the Remove individual vault policy. See here.
iOS - Choose Bitwarden for verification codes: Users on iOS 16+ can now set Bitwarden as their default application for storing verification codes when scanned codes directly from the camera app. See here.
Mobile - Change language in-app: Users can change the language in the Bitwarden mobile app to differ from the language set on their device OS. See here.
Bitwarden Secrets Manager is now available as an open beta. Learn how to get started here.
This release includes:
note
Self-host Announcement
In this release, we've migrated to a new SQL client which expects either a valid certificate or the presence of TrustServerCertificate=True
in the connection string set in global.override.env
. Please check for one of these before updating your server.
Argon2: You can now change the algorithm used to derive your account's master key to Argon2id from the Account settings → Security → Keys page. See here.
note
2023-02-14: Argon2 is supported by Bitwarden clients version 2023.2.0 and later, and switching to Argon2 via the web vault could mean other clients will not be able to load your vault until they’re updated, typically within a week after release.
Increased default KDF iterations for PBKDF2: New Bitwarden accounts will use 600,000 KDF iterations for PBKDF2, as recommended by OWASP. Existing accounts can manually increase this number. See here.
Master password security checks: New users who create their accounts on mobile apps, browser extensions, and desktop apps can now check known data breaches for their prospective master password via HIBP. This will be brought to the web vault in a future release. See here.
Organization vault updates: As part of an ongoing effort to improve the web vault UI, some organization administration functions were redesigned, for example a consolidated Vault view for item and collection management as well as dedicated Members and Groups views.
Log in with device on additional clients: Log in with device is now available on additional clients. Login requests can now also be initiated from browser extensions, desktop apps, and mobile apps and can now also be approved from desktop apps. See here.
Automatic license sync for self-hosted organizations: Self-hosted organizations can enable automatic license sync in order to automatically update billing and subscription changes instead of having to manually re-upload licenses. See here.
SQLite DB option for Bitwarden unified: SQLite is now an available database option for Bitwarden unified self-hosted deployments. See here.
Updated self-hosted installer URLs: The URLs for downloading self-hosted server installers have changed. See here for Linux and here for Windows.
Psono importer (json): A new import option is available for Psono (json) exports. See here.
This release includes:
Bitwarden on Apple Watch: Bitwarden has added Apple Watch support to provide an additional option for accessing TOTP login codes. See here.
New environment variable: An environment variable to enforce the Require SSO authentication policy for owners and admins is now available for self-hosted servers. See here.
Bitwarden unified - Support for custom database ports: Unified deployments now support running the database on a custom port using a new environment variable. See here.
Passky importer (json): A new import option is available for unencrypted Passky (json) exports. See here.
Custom avatar colors: Change the color of your avatar from the web vault Account settings → My account page.
This release includes:
Browser Extension - Themed notification bars: Themed notification bars have been added to the Bitwarden browser extension to match the popular color themes.
Browser Extension - UI update: UI updates have been made to the Bitwarden browser extensions.
Bitwarden on Apple Watch (beta): Bitwarden on the Apple Watch will be available in beta to users who sign up through TestFlight and will provide an additional option for accessing TOTP login codes. Learn more here.
Bitwarden is excited to announce the beta release for a new option available to self-host users. The Bitwarden unified deployment is light weight and flexible option for users who wish to control and deploy Bitwarden on their own server. For more information on the beta, see here.
This release includes:
Log in with device: Log in to the web vault by sending an authentication request to your registered mobile device instead of using your master password (see here).
note
This release does not include updates to the browser extension, which will remain at version 2022.10.1.
This release includes:
Organization vault updates: As part of an ongoing effort to improve the web vault UI, some organization administration functions have been moved, for example into dedicated Billing and Reporting tabs.
Login flow updates: To accommodate new log in options, the log in process has been separated into two screens.
SCIM updates: SCIM-triggered events will now log from
SCIM
instead ofUnknown
, and the SCIM API key will now be obfuscated by default.Generate username & password from iOS app extension: "On-the-fly" generation of usernames and passwords can now be done from the iOS app extension, accessible from the Share menu while using apps like browsers.
New theme for mobile: The popular Solarized Dark theme has been brought to mobile.
Directory Connector - Group filter queries for Google Workspace: Query parameters can be used in group filters for Google Workspace (see here).
Performance Optimization: We've improved web vault load times and experience for accounts with access to thousands of vault items.
This release includes:
Password protected encrypted export: Encrypted
.json
exports can now be encrypted with a password of your choosing. Password protected exports can be imported to any Bitwarden account (see here).Mobile username generator: The username generator is now available for use on Bitwarden mobile apps (see here).
DuckDuckGo email alias integration: Connect the Bitwarden username generator to DuckDuckGo for easy creation of email aliases (see here).
DuckDuckGo macOS browser integration: We've partnered with DuckDuckGo to create an integration with their forthcoming macOS browser! Stay tuned for more information on when they'll launch this feature.
SCIM update: Revoked users will no longer occupy licensed seats in your organization (see here).
This release includes:
Fastmail email alias integration: Connect the Bitwarden username generator to Fastmail for easy creation of email aliases (see here).
Provider Portal update: The main Provider Portal screen now has at-a-glance seat and plan reporting for each client organization.
Organization vault export event: When an owner or admin performs a vault export, the action will now be recorded on the organization's event logs (see here).
Browser Extension - Support for pre-configured environment URLs: Self-hosting customers can now pre-configure environment URLs for browser extensions, streamlining rollout for end users by using endpoint management to deploy your configuration (see here).
Mobile - Update to Bitwarden Authenticator: Mobile apps now have a Verification Codes screen that provides quick and easy access to your TOTPs (see here). We've also improved the process for adding TOTP codes to vault items through the mobile app (see here).
CLI -
serve
Origin protection: Theserve
command will now block any requests made with anOrigin
header by default (see here).
This release includes:
SCIM for Enterprise Organizations: Enterprise Organizations can now use System of Cross-domain Identity Management (SCIM) to automatically provision members and groups from a source directory (see here).
hCaptcha for Failed Login Attempts: You'll now receive an email and be required to complete hCaptcha validation if we detect 9 consecutive failed login attempts.
This release includes:
User Revocation: Organizations can now temporarily revoke user access to an Organization without fully removing them (see here).
Enterprise Policies Updates: Enterprise policy names and descriptions have been updated to better describe their impact on your Organization (see here).
Settings and Preferences Updates: The names and descriptions of some app settings and preferences have been updated to be more intuitive.
This release includes key features and usability improvements that make Bitwarden even better on-the-go:
Account Switch during Auto-fill (iOS): Quickly switch to another account during auto-fill by tapping the avatar button, now available on Android and iOS (see here).
Vault Filter for Mobile: On mobile apps, you can now filter items by vault.
Org Member Premium Status: Organization members can now use premium features like advanced 2FA methods as soon as they're invited, rather than confirmed.
Accessibility Improvements: This release includes a few changes that will improve the performance of Bitwarden with assistive technologies, including the ability for users with hCaptcha Accessibility Access to use their Accessibility Cookie to skip hCaptcha challenges (now available for desktop and mobile apps).
note
We've got new version numbering!
To make it easier to track versions of the many Bitwarden apps as we move to a near-monthly release cycle, we've adopted a new version numbering system that will be shared by all clients. This release is 2022.5.0
because it's the base release (.0
) of May (.5.
) 2022 (2022.
).
This release includes:
Web Vault UI Updates: The Web Vault has received design updates, some of which improve filtering between individual and Organization vault items. This is the first phase of a multi-part project to update the Web Vault for both individual users and Organizations.
Families Sponsorships for Self-hosted Enterprise Orgs: Families Organization Sponsorships can now be issued for members of self-hosted Enterprise Organizations (see here).
Username Generator - Forwarded Email Alias Type: Integrate the username generator with SimpleLogin, Addy.io, or Firefox Relay to automate simultaneous creation of usernames and corresponding email aliases (see here).
Item Linking: Copy the URL of an item for use as a direct link to provide to Organization members or in documentation (see here).
Account Switch during Auto-fill: On Android, quickly switch to another account during auto-fill by tapping the avatar bubble (see here).
Changes to Client Organization Billing: As of this release, only Provider users can view billing information for Client Organizations.
Desktop 1.330, Browser Extension 1.58.0, Mobile 2.18.0, CLI 1.22.1, Directory Connector 2.10.1
note
Supportability Announcement
As of this release, macOS desktop apps downloaded from the App Store will require macOS Mojave (10.14) or greater. .dmg
installers, available from bitwarden.com/download and Github, are not subject to the same restriction.
Username Generator for Browser and Desktop: Generate usernames for new credentials using email-based conventions like plus addressing or using random words (see here).
CLI - New
serve
Option: Use the—hostname
option to securely bind your API web server to a host (see here).
Server 1.48.0, Web 2.28.0
The latest release includes community-requested features and the beginning of a multi-part effort to update the web vault UI. Updates to client apps (browser extension, mobile, desktop, and CLI) will come in a follow-on release:
Username Generator for Web Vault: Generate usernames for new credentials using email-based conventions like plus addressing or using random words. A follow-on release will include the username generator for browser extensions and desktop apps (see here).
Web Vault - Reports Page: We've updated the location and feel of the Reports page to make it easier to find and take action on report results (see here).
Improvements to macOS & Safari Importer: We've fixed some issues that resulted in the macOS and Safari importer failing to import URLs and notes properly.
Accessibility Improvements: This release includes a few changes that will improve the performance of Bitwarden with assistive technologies like screen readers.
Browser Extension 1.57.0, Mobile 2.17.0
Following last week's release, the following has been released for mobile apps and browser extensions:
Account Switching added to Mobile: Log in to up to 5 accounts and switch seamlessly between them when using Bitwarden on Android and iOS (see here).
Support for Firefox Private Mode: This release includes more robust support for Firefox Private Windows (see here).
Server 1.47.0, Web 2.27.0, Desktop 1.32.0, CLI 1.22.0, Directory Connector 2.9.11
The latest release focuses on improvements to individual applications so that you can use Bitwarden exactly the way you need to. Updates to mobile apps and browser extensions will come in a follow-on release:
Vault Management API via CLI: Using the new
serve
CLI command, you can make API calls to a full suite of Vault Management endpoints (see here).Changes to export CLI Command:
export
no longer requires a master password, however you can now use a--password
argument to set a custom encryption/decryption password for encrypted exports (see here).New Importers: We've added custom importers for Dashlane
.csv
files and 1Password.1pux
files (requires 1Password v8.5+).Improvements to Myki Importer: Learn more.
Deprecation of Artifact Binding: Due to security concerns, Artifact binding for SAML SSO configurations has been removed (learn more).
Support for Docker Compose v2
Server 1.46.0, Web 2.26.0, Desktop 1.31.0, Browser Extension 1.56.0, Mobile 2.16.0, CLI 1.21.0, Directory Connector 2.9.9
To kickoff 2022, Bitwarden is pleased to release:
Account Switching for Desktop: Log in to up to 5 accounts at once in the Bitwarden desktop app. This is the beginning of a phased rollout of this feature across Bitwarden apps, with more to come soon (see here).
Send on iOS: You can now share a Bitwarden Send directly from the iOS share menu (see here).
Delete Account from Mobile: You can now delete your Bitwarden account from the mobile app, but why would you (see here)?
New Icons: We've updated the look and feel of all Bitwarden apps with all-new icons. Feast your eyes!
Directory Connector - Azure AD Sync Performance: Performance for Directory Connector syncs against Azure Active Directory has been improved. Organizations syncing with Azure AD will not need to change their sync configuration.
Back End Improvements: We've been hard at work improving the general performance and stability of the Bitwarden platform, which will springboard some great new features in the future.
Server 1.45.0, Web 2.25.0, Desktop 1.30.0, Browser Extension 1.55.0, Mobile 2.15.0, CLI 1.20.0
Bitwarden is proud to announce new enterprise features in the December release that add flexibility and value to the enterprise plans:
Key Connector: (Only available to Self-hosted Organizations) When using Login with SSO with customer-managed encryption, the self-hosted Key Connector application serves cryptographic keys to Bitwarden clients as an alternative to requiring a Master Password for Vault decryption (see here).
Families for Enterprise: (Only available to Cloud-hosted Organizations, self-hosted in a future release) Starting with this release, members of Enterprise Organizations can redeem a free Bitwarden Families Organization for sharing with up to 5 friends or family members. Families Organizations include all premium features for all 6 users and unlimited secure data sharing (see here for details).
MacOS and Safari Importer: We've added a custom importer for passwords exported from Safari and macOS (see here for details).
New Custom Field Type: Linked custom fields can be used to solve issues where your Browser Extension has trouble auto-filling usernames and passwords for a particular site by linking usernames and passwords to bespoke form elements (see here for details).
Browser Extension - Unlock Vault while Auto-filling: Trying to auto-fill with the context menu or keyboard shortcut when your Vault is locked will now prompt you to unlock your Vault and automatically auto-fill your credentials once it's unlocked.
Server 1.44.0, Web 2.24.0, Desktop 1.29.0, Browser Extension 1.54.0, Mobile 2.14.0, CLI 1.19.0
The Bitwarden team is pleased to release a set of features and updates continuing our mission of making password management easy and accessible for individuals and businesses:
note
Deprecation Announcement: The Business Portal has been deprecated. Enterprise Organizations can configure Policies and Login with SSO from the Organization Manage tab.
Vault Timeout Policy: The Vault Timeout policy will apply a maximum Vault timeout duration for all members of your Organization (see here for details).
Disable Personal Vault Export Policy: The Disable Personal Vault Export policy will prohibit non-Owner/non-Admin members of your Organization from exporting private Vault data (see here for details).
Auto-scale Organization Seats: Teams and Enterprise Organizations will automatically scale up user seats as new users are invited. Organizations can set a limit on scaling to prevent the seat count from exceeding a specified number (see here for details).
Custom Vault Timeout: You can now specify a custom timeframe (Hours and Minutes) for Vault Timeout (see here for details).
Custom Role - Improved Collection Permissions: Collection-management permissions for the Custom role have been expanded to include granular controls over whether the user can create, edit, or delete assigned or all Collections (see here for details).
Admin Password Reset - Update Password after Reset: Passwords reset by an Admin must now be updated by the user they belong to immediately when they log in to Bitwarden (see here for details).
Browser Extension - Autofill Span Elements: The Browser Extension can now auto-fill custom fields in the innerText of HTML
<span>
elements (see here for details).Browser Extension - Automatic Biometrics Prompt: The Browser Extension can now automatically prompt for your biometric input when opened. You can toggle this behavior from the here for details).
Settings menu (seeWeb Vault - Dark Mode: The Web Vault now has dark mode (see here for details)!
CLI -
generate
Passphrase Options: Thebw generate --passphrase
command now includes the options--capitalize
and--includeNumber
(see here for details).
Server 1.43.0, Web 2.23.0, Desktop 1.28.3, Browser Extension 1.53.0, Mobile 2.13.0, CLI 1.18.1
The latest release of Bitwarden focuses on often requested improvements to existing functionality:
FIDO2 WebAuthn on Mobile: Two-step Login via FIDO2 WebAuthn is now supported on iOS and Android (see here for details).
Admin Password Reset - Automatic Enrollment Improvement: The Automatic Enrollment policy option will now prevent users from withdrawing from Admin Password Reset (see here for details).
Browser Extension - Select Folder from Save Bar: You can now select which Folder to save an item to directly from the Browser Extension's save prompt (see here for details).
Browser Extension - Custom Field Context Menu Item: You can now copy an HTML element name directly from the Browser Extension's context menu for easy custom field creation (see here for details).
Web Vault - Policies Relocation: Enterprise Policies can now only be configured from your Organization's Manage → Policies screen, rather than from the Business Portal.
CAPTCHA Validation: Starting with this release, we're turning on hCaptcha validation to protect against bot attacks like credential stuffing. Please note, challenges in the CLI are delivered differently than in other client applications (see here for CLI details).
tip
Interested in becoming a Provider? To get started, we ask that:
Your business has an active Enterprise Organization.
Your business has a client ready to be onboarded under your Provider.
The latest release of Bitwarden is focused on enabling Managed Service Providers (MSPs) to support their customers' password management needs:
Provider Portal: The Provider Portal allows Managed Service Providers (MSPs) and Resellers to create and administer Organizations on behalf of customers. Using the Portal, Providers can seamlessly support credential management across multiple customers (see here for details).
Share Verbiage Change: We've updated the
Share button to Move to Organization to make it cleared that shared items are owned by the Organization. Additionally, we've updated the "shared item" indicator ( ) to match the Collections indicator ( ).CLI
move
Command: In keeping with the above item, the CLIshare
command has been changed tomove
(see here for details).
The Bitwarden team is happy to announce the rollout of Admin Password Reset, the latest feature purpose-built to help enterprises seeking to ensure password security at scale. This release includes:
Admin Password Reset: Enterprise Organizations can enroll in Admin Password Reset to allow designated administrators to reset the Master Password of Organization users (see here for details).
Master Password Re-prompt: Use the new Master Password re-prompt option to require verification of your Master Password to access sensitive Vault items as designated by the user (see here for details).
Bulk User Management: Organization Owners and Admins can now re-send invitations, confirm accepted users, and remove users from an Organization in-bulk (see here for details).
Event Log Export: Export event logs directly from the Web Vault (see here for details).
Directory Connector API Key Authentication: Starting with this release, users of Directory Connector will need to use the Organization API Key to login.
Directory Connector Sync Limit Increase: Directory Connector can now sync an unlimited number of users or groups, where previously the limit was set at 2000 of either. To sync more than 2000 users or groups, toggle the new Sync Option (see here for details).
Autofill On Page Load Enhancements: The Browser Extension's Auto-fill on page load feature has been upgraded to more flexibly fit users' unique needs (see here for details).
More CLI Options: We've added a few new CLI options, including easy retrieval of Vault item notes (
bw get notes <id>
) and the ability to set maximum access count for Sends (bw send create --maxAccessCount <#>
).Web Developer Autofill Exclusion: Web Development contributors can now prevent the Browser Extension from auto-filling a given form element by adding a
data-bwignore
attribute (e.g.data-bwignore="true"
) to an<input>
element.
The Bitwarden team is pleased to release a set of features and updates continuing our mission of making password management easy and accessible for individuals and businesses:
Privacy & Security Options for Send: Use a new Send Privacy option to hide your email from recipients (see here for details). To prevent abuse, File Sends will now require a verified email address. Additionally, Enterprise Organizations can implement a new policy to set the availability of the Hide Email option (see here for details).
FIDO Updates & Expanded Support: Our FIDO implementation has been upgraded from FIDO U2F to FIDO2 WebAuthn, but existing FIDO U2F keys will retain their integrity. FIDO support has been expanded to more Browser Extensions and the Windows Desktop App (see here for details).
Custom Fields for Keys: Custom Field values have been upgraded to support up to 5000 characters, allowing storage of keys like RSA 4096-bit SSH keys (see here for details).
File Size Increases: You can now create File Attachments or File Sends that are up to 500 MB each. Due to device restrictions, the old 100 MB limit is still in place for Mobile Apps.
warning
As a result of the Attachment upgrade, Attachments uploaded on the newest clients cannot be opened on older client versions. If you find you're unable to access a recently-created Attachment, upgrade your client to the newest version. (Hint: The Cloud Web Vault is always on the newest version.) Frozen or legacy client versions, including the Safari 13 (or earlier) macOS Desktop App & App Extension, will not support accessing these attachments.
Disable Browser Extension Counter: Disable the Browser Extension badge counter using a new toggle in the here for details).
Settings → Options menu (seeBiometrics for Safari: The Safari Web Extension now includes support for Unlock with Biometrics for Safari 14+ (see here for details).
Search Internationalization: Vaults can now be searched against 1 character, improving the experience for languages with 1-character words like Simplified and Traditional Chinese.
Sorted Weak Passwords Report: The Weak Passwords Report is now sorted by the severity of the password's weakness (see here for details)
tip
Since implementing Soft Delete back in 2020, we've been patient to take out the Trash. Starting 5/15/2021, we'll activate the nightly job that will permanently delete items that have been in your trash for 30 days or more.
Prior to 5/15/2021, we recommend digging through your Trash for anything you might want to Restore!
Bitwarden is proud to announce the release of Bitwarden Send, and end-to-end encrypted solution for ephemeral sharing. This release includes:
Bitwarden Send: Bitwarden Send is end-to-end encrypted solution for ephemeral sharing. There's lot of material about Send on our website and Help Center, but you can start here or here.
FIDO U2F Support for Edge: Two-step Login via FIDO U2F is now available for the Web Vault and Browser Extensions in Microsoft Edge (see here for details).
Domain Exclusion in Browser Extensions: Bitwarden Browser Extensions can now be configured with domains to explicitly not offer to remember passwords for (see here for details).
Improved Import Error Messages: We've had lots of folks migrating to Bitwarden recently, so we cleaned up an import error message to help you reconcile issues faster (see here for details).
Safari Web Extension Port: Our Safari App Extension has officially been ported to a Web Extension for use with Safari 14+. Due to changes to Safari, Web Extension use is now limited to only those obtained through Mac App Store downloads (see here for details).
note
Biometric Unlock for Browser Extensions is available for only Chromium-based browsers (e.g. Chrome, Edge) with v1.48.0 of the Browser Extension, provided you have the latest version (2021-01-19) of the Desktop App.
When your Browser Extension updates to this version, you may be asked to accept a new permission for Bitwarden to Communicate with cooperating native applications
. This permission is safe, but optional, and will enable the Browser Extension to communicate with the Bitwarden Desktop App, which is required to enable Biometric Unlock (see here for details). Declining this permission will allow you to use v1.48.0 without Biometric Unlock functionality.
Biometric Unlock is currently not available for:
Firefox Browser Extensions below version 87.
Microsoft App Store Desktop Apps (a side-loaded Windows Desktop App, available at bitwarden.com/download/ will work fine).
Side-loaded MacOS Desktop Apps (an App Store Desktop app will work fine).
The Bitwarden team is investigating these and will provide updates as things progress.
For the first major release of 2021, the Bitwarden team combined multiple major enhancements to address the critical needs of all users, including:
Emergency Access: Bitwarden's new Emergency Access feature enables users to designate and manage trusted emergency contacts, who may request access to their Vault in a zero knowledge encryption environment (see here for details).here
Encrypted Exports: Personal users and Organizations can now export Vault data in an encrypted
.json
file (see here for details).New Role: A Custom role is now available to allow for granular control over user permissions (see here for details).
New Enterprise Policy: The Personal Ownership policy is now available for use by Enterprise Organization (see here for details).
Biometric Unlock for Browser Extensions: Using an integration with a native Desktop application, you can now use Biometric input to unlock Chromium-based Browser Extensions (see here for details).
The latest release of Bitwarden adds SSO-related enhancements to all client applications, including:
New Enterprise Policies: The Single Organization and Single Sign-On Authentication polices are now available for use by Enterprise Organizations (see here for details).
API Key for CLI: Authenticate into the Bitwarden CLI using an API Key newly available from your Web Vault (see here for details).
Improvements to SSO Onboarding: We've made some improvements to the way users are onboarded via SSO to prevent potential security risks (see here for details).
GDPR Acknowledgement: From now on, new users of Bitwarden will be asked to acknowledge a Privacy Policy on registration.
Android 11 Inline Auto-fill: For devices using Android 11+, enabling the Auto-fill Service will display suggestions inline for IMEs that also support this feature (see here for details).
The latest release of Bitwarden adds much-anticipated Login with SSO functionality for all client applications, and the Business Portal for Web Vaults. Read this blog post for more information about Login with SSO, and refer to our documentation.
The following items were released between March and September of 2020.
Suggest changes to this page
How can we improve this page for you?
For technical, billing, and product questions, please contact support