# Trusted Password Manager for Government and Public Sector | Bitwarden Secure your agency with compliant and trusted password and secrets management. Deploy to your own infrastructure by self-hosting or utilize an audited, secure cloud solution. --- CREDENTIAL MANAGEMENT FOR GOVERNMENT AND PUBLIC SECTOR ## Protect public sector systems from credential-based attacks ![cisco security hero.jpg](https://bitwarden.com/assets/4E5Xga3crTDDLy4Jsks6Tv/c9e6b716f951b1cf37905b4759a6cad9/cisco_security_hero.jpg) [Contatta il reparto vendite](https://bitwarden.com/go/contact-bitwarden-sales-gov/) ## Trusted by governments and the public sector ![NASA-Logo-Large](https://bitwarden.com/assets/GmXHxB2fVxi6ee8iRUszU/5206fc150b445ac60f7afddad613d347/NASA-Logo-Large.png) ![ga state seal](https://bitwarden.com/assets/2RqqedIVGYrPp0gM6V3vUV/04df3bc239177aa69f31026ce000f23c/ga_state_seal.jpg) ![Maricopa County](https://bitwarden.com/assets/3wfPuNHlPAcpxW7W72oeFe/b6093ea2828f7ecfd4f780db06a693a8/Maricopa_County.png) ![city of albany black](https://bitwarden.com/assets/6pxwi3E0mOq8TDdskJZvfD/1587f98b9a4a0a78d861d8b3faaa1724/city_of_albany_black.svg?fm=png&w=800&q=90) “Abbiamo scelto Bitwarden perché soddisfaceva tutti i nostri requisiti. L’interfaccia web era eccellente e il processo di migrazione ci ha permesso di distribuire rapidamente Bitwarden in tutta l’organizzazione. Non siamo mai tornati indietro.” - Mark Miller | Ingegnere dei sistemi, NASA ![NASA-Logo-Large](https://bitwarden.com/assets/GmXHxB2fVxi6ee8iRUszU/5206fc150b445ac60f7afddad613d347/NASA-Logo-Large.png) ## Bitwarden helps government agencies secure the credentials that keep public systems running ### Credential security for all systems Whether using modern passkeys, SSO-integration, or password-based legacy systems, Bitwarden secures it all from one central location. ![icon-secure-devices-blue](https://bitwarden.com/assets/6hwkQEq9k9K1F3jF3YKHlw/df9d3773a9e5e7bcb6f96594fbeb2751/icon-secure-devices.png) ### Secure collaboration across departments and contractors Bitwarden lets IT grant granular, need-to-know access to the right credentials for the right people without exposing everything to everyone. ![icon-msp-partner-trust-blue-1](https://bitwarden.com/assets/6BWl4KAa8bbEBB2ooTYRxO/74fa904b88456bbefa78630d2401516b/icon-msp-partner-trust.png) ### Employee transitions covered When staff change roles or leave, shared credentials remain in the vault. Centralized ownership ensures that sensitive items stay secure and can be easily reassigned without disruption. ![icon-admin-user-blue](https://bitwarden.com/assets/5pVcD8kjS0D1th1EuCeZFc/02c94dfcae8f113a2fff1e75b789131b/icon-admin-user.png) ### Security employees will actually use Intuitive interface, cross-platform compatibility, and availability in 40+ languages means high adoption across your agency. Employees take home a separate free Families plan to reinforce security habits. ![icon-training-blue](https://bitwarden.com/assets/3HuiqQJ1hF6oAxiBHBzh3t/4031fbf8f262415981ddb759cd65bf48/icon-training.png) ## Fulfill FedRAMP or GovRAMP compliance Self-host Bitwarden on your own compliant infrastructure. Bitwarden clients and apps are fully compatible with a self-hosted installation, and many government agencies use this successfully today. As a municipality responsible for securing critical systems across departments, the City of Albany needed greater control and visibility into how credentials were shared. **“We can limit access to credentials on a need-to-know, privileged basis, which is important for government agencies. On the IT side... we knew we needed to self host... to have a secure on-premises password management solution backed by a vendor dedicated to the on-premises model is of paramount importance."** — Sean Park, CIO, City of Albany ![city of albany black](https://bitwarden.com/assets/6pxwi3E0mOq8TDdskJZvfD/1587f98b9a4a0a78d861d8b3faaa1724/city_of_albany_black.svg?fm=png&w=800&q=90) ## Enterprise features for the public sector ### Enforce security policies Set organization-wide security controls, enforce least-privilege access through RBAC, and set up the core for a zero-trust security strategy ![icon-secure-enterprise-blue](https://bitwarden.com/assets/1PoW1bWdy9WXLcLG2ZAlrP/cae9154d5ca29ecc3fd7c80349f4d3d2/icon-secure-enterprise.png) ### Auditable event logs Capture detailed records of over 50 event types with timestamps, IP addresses, user identity, and client type retained indefinitely. Exportable for compliance reporting. ![icon-report-blue](https://bitwarden.com/assets/4oFSk9IOX9dJnpPf4taqdK/feb7550a379ca746d39fbbd534ec587a/icon-report.png) ### Use your existing stack Connect to your existing tools for identity services, SIEM, SCIM, SSO and more. Build your own integrations and automations with Bitwarden APIs. ![icon-api-blue](https://bitwarden.com/assets/1pANf6q3DlQt9HdYyIXClt/3ab997c069114627352c1299e7b2e05f/icon-api.png) ### Secrets management Bitwarden Secrets Manager protects developer secrets and secures AI agentic processes. Available as part of the Bitwarden portfolio. ![icon-secure-password-blue](https://bitwarden.com/assets/23sInJQTL0gvxZnXp3tiAW/6fe12543781bb7a49c88916d40082b6d/icon-secure-password.png) ### Scopri lo shadow IT e riduci i rischi legati alle credenziali *Access Intelligence* Identifica le applicazioni utilizzate nella tua organizzazione e proteggi in modo proattivo la tua azienda dai rischi legati alle credenziali. ## Why agencies at all levels trust Bitwarden ![badge-compliance-iso27001](https://bitwarden.com/assets/3Q1bRprPg8qBybfl8myUou/d60fd3aeb85668dcdb0f386d9081d1a9/badge-compliance-iso27001_1_.svg?fm=png&w=800&q=90) ![soc2-color](https://bitwarden.com/assets/5qmV5rn9DTKKMsMskBs9Cv/dc310737497ba3d1b649dcde127c8756/badge-compliance-soc2-color.webp) ![gdpr-color](https://bitwarden.com/assets/3JONk7fDxmJ78aQyIyYWHW/8f2a1809e44dbc27af335b4eebaa19b6/gdpr-compliant.webp) ![data-privacy-framework](https://bitwarden.com/assets/2nkWHG7l2ksezkL4dbMp3R/14ac3b59e6798291bbd6cad1729bc9c6/DPF-logo-certifications-page.png) ![hipaa-color](https://bitwarden.com/assets/7emd1yp1u4qICPVWm5xQ4O/6ed576b7b9e57fe684dbcd969d9d97f5/hipaa-compliant.webp) ![ccpa-color](https://bitwarden.com/assets/3BK0h7RmAmz2aXRpsCpnkF/e66d7d8a990fd1c7648364aa017c39fd/badge-compliance-ccpa-color.webp) **Meets public sector security standards**Bitwarden is certified for ISO 27001, SOC 2 Type II, and SOC 3, and supports compliance with NIST Cybersecurity Framework, NIST SP 800-63B, NERC CIP, and HIPAA requirements. **Supports the frameworks government teams are measured against**The security controls in Bitwarden support compliance with key government and critical infrastructure framework, directly addressing requirements under the NIST Cybersecurity Framework and NERC CIP. **Provides full control with self-host flexibility** Enables secure credential management on your own verified infrastructure or air-gap requirements. **Open source, third-party audited** Bitwarden code is available for anyone to inspect, and audited annually by third-party agencies. **Protects with zero-knowledge encryption** Only authorized users can access sensitive information, critical for zero-trust environments. ## Protect your agency with Bitwarden ### Enterprise *Per aziende che necessitano di protezione e controllo avanzati.* **$6** *al mese / per utente, con fatturazione annuale* **Massima protezione** Tutte le funzionalità Premium e Teams, più funzionalità di livello enterprise come: - Controllo granulare degli accessi - Integrazione SSO senza password - Recupero account semplificato - Flessibilità di self-hosting - Mitigazione dei rischi con Access Intelligence [novità] - Piano Families gratuito per tutti gli utenti [Contatta il reparto vendite](https://bitwarden.com/go/contact-bitwarden-sales-gov/) --- ### Request a quote *For agencies with hundreds or thousands of employees contact sales for a custom quote and see how Bitwarden can:* *per month* - Reduce cybersecurity risk - Boost productivity - Integrate seamlessly Bitwarden scales with any sized business to bring password security to your organization [Get Free Quote](https://bitwarden.com/go/contact-bitwarden-sales-gov/) --- Pricing shown in USD and based on an annual subscription. Taxes not included. ## Resources for government IT and security teams **BLOG** ### How state and local government benefits from password management With ransomware attacks on the rise the time to secure passwords is now [Read more](https://bitwarden.com/it-it/blog/how-state-and-local-goverment-benefits-from-password-management/) **CASE STUDY** ### Un ente pubblico passa a Bitwarden per il suo modello di condivisione sicuro e scalabile La città di Albany, Oregon, conferma la propria reputazione orientata alla sicurezza con una gestione delle password on-premises. [Read more](https://bitwarden.com/it-it/resources/public-government-agency-moves-to-bitwarden/) **CASE STUDY** ### Password manager basato sul cloud o self-hosted: qual è la scelta migliore per un'organizzazione? La combinazione di crittografia zero-knowledge, aggiornamenti di sicurezza automatici, architettura ad alta disponibilità e certificazioni di conformità complete rende l'implementazione cloud la scelta pratica per i team che cercano la massima sicurezza. [Read more](https://bitwarden.com/it-it/resources/cloud-based-password-manager-or-self-hosted/) ## Awards and Recognition ![Milioni di clienti si affidano a Bitwarden](https://bitwarden.com/assets/6PLCdWI1MGA3pjrDYaqlC/a94aa530aaad1fad7c4166839df9790f/millions-customers-trust-bitwarden.png) ![Valutazioni Chrome e Apple](https://bitwarden.com/assets/pnhB8Fu1vhLkbFF3iEmXa/f073ebf18f517b694270448f2dfb7b1b/chrome-apple-ratings.png) ![Tre badge G2](https://bitwarden.com/assets/5B81Aj9KW1iMdSFYT87ZpC/26b03acb58973069f90a6bc1e3af7404/three-g2-badges.png) ![Valutazione G2: Top 50](https://bitwarden.com/assets/1I86PvwiYWVVayP7kPUvka/5e53b4cb3403ac07f8d925ce85eb1344/g2-rating-start-top-50.png) ![Centomila membri della community](https://bitwarden.com/assets/Xn4u9CQNuogrUx6grSLjo/617f74d213192ff2e8dcee5442ac0273/hundred-thousand-community_memebers.png) ## Frequently Asked Questions ### Is Bitwarden FedRAMP compliant? While Bitwarden itself is not certified, agencies subject to FedRAMP or GovRAMP requirements are able to deploy a self-hosted version of Bitwarden on their own compliant servers. This deployment works in offline and air-gapped environments as well. ### What reports are available for vault data? [Vault health reports](https://bitwarden.com/it-it/help/reports/) (available on all paid plans) can be used to evaluate the security of your Bitwarden individual or organization vault and include exposed, resused, and weak passwords, unsecure websites, inactive two-step login, and data breach reports. - [https://bitwarden.com/help/reports/](https://bitwarden.com/it-it/help/reports/) ### What encryption is used? Bitwarden uses [AES-CBC](https://bitwarden.com/it-it/help/what-encryption-is-used/#aes-cbc/) 256-bit encryption for your Vault data, and [PBKDF2](https://bitwarden.com/it-it/help/what-encryption-is-used/#pbkdf2/) SHA-256 to derive your encryption key. For more information, see the [Bitwarden Security Whitepaper](https://bitwarden.com/it-it/help/bitwarden-security-white-paper/). - [https://bitwarden.com/help/what-encryption-is-used](https://bitwarden.com/it-it/help/what-encryption-is-used/) - [https://bitwarden.com/help/bitwarden-security-white-paper/](https://bitwarden.com/it-it/help/bitwarden-security-white-paper/) ### Does Bitwarden support Single Sign-on? (SSO) Yes, [login with SSO](https://bitwarden.com/it-it/help/about-sso/) allows Enterprise organizations to leverage their existing Identity Provider to authenticate users with Bitwarden using the [SAML 2.0](https://bitwarden.com/it-it/help/configure-sso-saml/) or [Open ID Connect (OIDC)](https://bitwarden.com/it-it/help/configure-sso-oidc/) protocols. - [https://bitwarden.com/help/about-sso/](https://bitwarden.com/it-it/help/about-sso/) - [https://bitwarden.com/help/configure-sso-saml/](https://bitwarden.com/it-it/help/configure-sso-saml/) - [https://bitwarden.com/help/configure-sso-oidc/](https://bitwarden.com/it-it/help/configure-sso-oidc/) ### Does Bitwarden have event logs? [Event logs](https://bitwarden.com/it-it/help/event-logs/) are timestamped records of events that occur within your Teams or Enterprise organization. Events logs are exportable, accessible from the /events endpoint of the [Bitwarden Public API](https://bitwarden.com/it-it/help/public-api/), and are retained indefinitely. Event logs record over 50 different types of events and captures a Timestamp for the event, client app information including application type and IP (accessed by hovering over the globe icon), the User connected to the event, and an Event description. - [https://bitwarden.com/help/event-logs/](https://bitwarden.com/it-it/help/event-logs/) - [https://bitwarden.com/help/public-api/](https://bitwarden.com/it-it/help/public-api/) ### What types of integrations are supported? Bitwarden supports a comprehensive set  of integrations to enhance security and streamline operations, including: - **Single sign-on integrations**: Connect Bitwarden with leading identity providers for seamless authentication. - **Directory integrations**: Synchronize users and groups effortlessly from your directory services. - **Event monitoring integrations**: Link Bitwarden with your preferred SIEM tools for enhanced monitoring and analysis. - **Multi-factor authentication (MFA) integrations**: Add an extra layer of security with various MFA options. - **Email alias integrations**: Simplify privacy with integrated email alias providers. - **Bitwarden Secrets Manager integrations**: Securely integrate your CI/CD pipelines and infrastructure with Bitwarden Secrets Manager. ### Where can I learn about Bitwarden security and architecture? For information on the Bitwarden approach to security and underlying architecture (including data flow diagrams) see: - [Bitwarden Architecture presentation in Google Slides ](https://docs.google.com/presentation/d/e/2PACX-1vQ6TYugqWe341Df0_HHpr--9s8TfL8B2KsNWKRI1zKZYDQ9kkxi_eIubeOsgb4RouxmwXbO_UzgQRUr/pub?start=false&loop=false&delayms=3000) - [Bitwarden Security Whitepaper](https://bitwarden.com/it-it/help/bitwarden-security-white-paper/) ### What is the difference between Bitwarden Secrets Manager and Bitwarden Password Manager? Bitwarden Secrets Manager is built for developer teams to centrally store, manage, and deploy privileged secrets. Secrets Manager is tailored for infrastructure secrets and is supported only by the web app and the CLI clients. If you are looking to help your employees manage their personal credentials, check out [Bitwarden Password Manager](https://bitwarden.com/it-it/products/business/). ### How does Bitwarden Secrets Manager support agentic AI? Bitwarden Secrets Manager enables teams to securely provision AI agent access to pre-determined development secrets to use in scripts and CI/CD pipelines. By replacing plaintext API keys and other secrets with Bitwarden generated secret ID strings, you can help prevent AI agents from gaining unauthorized access to credentials and ecosystems. Learn more about [how to use Bitwarden Secrets Manager to protect environment variables from agent access](https://bitwarden.com/it-it/blog/secure-ai-agent-access-with-secrets-manager/). ### Che cos'è Bitwarden Access Intelligence? Bitwarden Access Intelligence è una soluzione completa progettata per proteggere l'intera organizzazione dai rischi legati alle credenziali. Con Bitwarden Access Intelligence, puoi identificare in modo proattivo i rischi relativi alle credenziali, dare priorità alle applicazioni critiche, guidare i dipendenti nell'aggiornamento delle password e misurare i miglioramenti della sicurezza. ### In che modo Bitwarden protegge le credenziali della mia azienda? Bitwarden protegge le credenziali aziendali tramite diverse funzionalità chiave: 1. Crittografia end-to-end: Bitwarden offre un vault sicuro con crittografia end-to-end per archiviare e condividere credenziali come nomi utente, password e altri dati sensibili. In questo modo, solo gli utenti autorizzati possono decrittografare e accedere alle informazioni usando la propria password principale. 2. Gestione delle password: Bitwarden aiuta le aziende a gestire le password consentendo ai dipendenti di generare, archiviare e condividere password forti e univoche. È fondamentale per proteggersi dalle violazioni dei dati, soprattutto se combinato con l'autenticazione a due fattori (2FA). 3. Funzionalità di sicurezza: Bitwarden offre report sullo stato del vault per rilevare credenziali a rischio, come password esposte, riutilizzate o deboli. Questo consente agli amministratori IT di avvisare i dipendenti e sostituire le credenziali deboli con credenziali forti e univoche usando il generatore di password integrato. 4. Single Sign-On (SSO) e autenticazione a più fattori (MFA): Bitwarden si integra con provider SSO come Duo, aumentando la sicurezza riducendo il numero di password che i dipendenti devono gestire e offrendo livelli di autenticazione aggiuntivi. 5. Controlli amministrativi: Bitwarden consente controlli amministrativi completi, permettendo alle organizzazioni di gestire le credenziali a livello centralizzato pur mantenendo un utilizzo orientato all'utente. Include funzionalità di monitoraggio e reportistica per tracciare l'uso e la sicurezza delle credenziali. 6. Gestione del ciclo di vita delle credenziali: Bitwarden offre strumenti per gestire l'intero ciclo di vita delle credenziali, dalla creazione all'eliminazione, garantendo che siano gestite in modo sicuro e che l'accesso venga revocato quando non è più necessario. ### Bitwarden è conforme agli standard normativi? Sì, Bitwarden è conforme a diversi standard normativi. Aderisce agli standard di sicurezza del settore e possiede certificazioni come ISO 27001, SOC 2 Type II e SOC 3. Bitwarden è inoltre conforme alle normative sulla privacy, come il Regolamento generale sulla protezione dei dati (GDPR), il California Consumer Privacy Act (CCPA) e l'Health Insurance Portability and Accountability Act (HIPAA). Inoltre, Bitwarden è conforme al Data Privacy Framework (DPF), precedentemente noto come Privacy Shield, garantendo il trasferimento sicuro dei dati personali. ### Possiamo ospitare Bitwarden autonomamente per avere il pieno controllo dei dati? Sì, puoi ospitare Bitwarden autonomamente per avere il pieno controllo sui tuoi dati. Il self-hosting ti consente di gestire le credenziali aziendali e criteri di sicurezza personalizzati sul tuo server. Questa configurazione offre una vera sovranità dei dati, permettendoti di applicare il tuo modello di sicurezza, controllare i backup e garantire la disponibilità in base alle tue esigenze specifiche. Puoi posizionare la tua installazione di Bitwarden dietro un proxy, un firewall e altre misure di protezione per una maggiore sicurezza dei dati. Ospitare Bitwarden autonomamente è particolarmente vantaggioso per le organizzazioni con requisiti rigorosi di conformità dei dati, poiché consente di soddisfare specifiche politiche di conformità e di residenza interna dei dati. Offre inoltre la flessibilità di integrarsi con l'infrastruttura IT esistente, inclusi servizi di directory e provider di identità. Tuttavia, richiede risorse tecniche e competenze per gestire la manutenzione del server, la sicurezza e gli aggiornamenti. ### Bitwarden si integra con i servizi di directory? [Directory Connector](https://bitwarden.com/it-it/help/directory-sync/) (applicazione scaricabile disponibile per tutti i piani aziendali) interroga la directory di origine ed esegue il provisioning e il deprovisioning di utenti, gruppi e associazioni. [SCIM](https://bitwarden.com/it-it/help/about-scim/) (disponibile nel web vault per i piani aziendali) invia automaticamente gli aggiornamenti a Bitwarden per effettuare il provisioning o revocare l'accesso degli utenti. - [https://bitwarden.com/help/directory-sync/](https://bitwarden.com/it-it/help/directory-sync/) - [https://bitwarden.com/help/about-scim/](https://bitwarden.com/it-it/help/about-scim/) ### Quali criteri possono applicare gli amministratori? Gli amministratori di Bitwarden possono applicare [criteri aziendali](https://bitwarden.com/it-it/help/policies/#what-are-enterprise-policies/), tra cui requisiti di complessità della password principale, obbligo di autenticazione a due fattori, restrizioni sull'uso del vault personale, impostazioni del generatore di password, limitazioni a una singola organizzazione, controlli sull'esportazione del vault, requisiti di autenticazione SSO, opzioni di recupero dell'account e applicazione dell'accesso senza password. I criteri vengono configurati prima dell'onboarding degli utenti e si applicano a tutta l'organizzazione per mantenere gli standard di sicurezza. ### Bitwarden è sottoposto ad audit? Bitwarden conduce regolarmente audit di sicurezza completi da parte di terzi con importanti società di sicurezza. Questi audit annuali includono valutazioni del codice sorgente e penetration test su IP, server e applicazioni web di Bitwarden. [Scopri di più >](https://bitwarden.com/it-it/help/is-bitwarden-audited/)