# Onboarding checklist Use this onboarding checklist to track progress and make sure nothing is missed during your onboarding process ## Account setup - Confirm and review with users the 3-step account set up process: Invite > Accept > Confirm  - Log in with existing account or create new account using invited email - Complete SSO login set up if applicable - Create strong master password (14 to 16+ characters with mixed cases, numbers, symbols) Optional if you’re using SSO with trusted devices - Review company-specific password policies and guidelines - Follow company password guidelines, consider using passphrase - Set up 2FA using preferred methods (authenticator app, hardware key, or email) - Save and securely store 2FA recovery codes **Support links:** - [Using login with SSO](https://bitwarden.com/help/using-sso/) - [Setup SSO with Trusted Devices](https://bitwarden.com/help/setup-sso-with-trusted-devices/) ## Client installations - Install browser extension and pin it to the navigation toolbar - Download and install desktop application (Windows, Mac, Linux) - Download mobile app (iOS, Android) - Log into all installed clients with master password and 2FA, or SSO (if applicable) - Adjust login settings to preferences (biometric setup, timeout settings) **Support links:** - [Client downloads](https://bitwarden.com/download/) - [Automatic logout or lock](https://bitwarden.com/help/vault-timeout/) ## Get to know Bitwarden vault - Explore web app, browser extension, mobile and desktop apps interface and main navigation elements - Understand the differences between My vault (individual items) and Organization vault (shared items) - Learn to use search function - Familiarize with item types (logins, notes, cards, identities) **Support links:** - [Vault item types](https://bitwarden.com/help/managing-items/) - [Search your vault](https://bitwarden.com/help/searching-vault/) ## Password management fundamentals - Practice adding new login items (Click + or Add Item) - Learn to edit existing items - click Edit (pencil icon) - Set up extension autofill through browser settings - Practice using autofill from browser extension (hotkey, inline autofill, fill button) - Use built in password generator for creating strong passwords (in extension, click on password field or Generator tab) **Support links:** - [Browser autofill](https://bitwarden.com/help/auto-fill-browser/) - [Generating a strong password](https://bitwarden.com/help/getting-started-browserext/#generate-a-strong-password/) ## Secure credential sharing and collaboration - Understand collections concept for shared items: Collections act as shared folders for passwords/notes in organization vault - Practice accessing shared items through collections - Learn about groups and permission levels: Groups assign collection access to multiple users (eg. "Marketing Team") - Practice organizing individual My Vault items with folders **Support links:** - [Understanding collections](https://bitwarden.com/help/about-collections/) - [Collection access management](https://bitwarden.com/help/teams-enterprise-migration-guide/#step-5-configure-access-to-collections-and-items/) ## Features beyond password management - Explore Bitwarden Send for encrypted sharing to anyone, even non-Bitwarden users - Review password history for login items (Password History tab in login items) - Configure biometric unlock on desktop and mobile (if applicable) - Explore TOTP storage and generation **Support links:** - [Bitwarden Send](https://bitwarden.com/help/about-send/) - [Unlock with biometrics ](https://bitwarden.com/help/biometrics/) - [Generate TOTP codes](https://bitwarden.com/help/integrated-authenticator/#generate-totp-codes/) ## Recovery planning - Understand account recovery options of master password is lost or forgotten - Document account recovery procedures - Verify secure storage of recovery codes and master password backup **Support links:** - [Recover user access ](https://bitwarden.com/help/account-recovery/) - [Get my recovery code](https://bitwarden.com/help/two-step-recovery-code/) ## Best practices - Emphasize Bitwarden in improving organizational security posture - Explain how Bitwarden reduces breach risks, aids compliance, and promotes safe practices - Schedule regular vault maintenance and security reviews - Send regular reminders for users to accept invitation to set up Bitwarden account - Use Vault Health reports to audit password health across company **Support links:** - [Vault health reports](https://bitwarden.com/help/reports/)