Admin ConsoleLogin with SSO

Add a Trusted Device

When you become a member of an organization, the device you log in with for the first time will automatically be registered as a trusted device. Once this occurs, all you'll need to do to log in to Bitwarden and decrypt your vault data is complete your company's established single sign-on flow.


Devices will be trusted by default when you log in on them. It is highly recommended that you uncheck the Remember this device option when logging in on a public or shared device.

When you log into a new device however, you'll need to approve, or trust, that device. There are a few methods for doing so:

  • Approve from another device: If you have another Bitwarden Password Manager mobile app or desktop app you're currently logged in to, you can approve the new device from there, similar to login with device.


    We recommend trusting a mobile or desktop app first, as this will allow you to use the Approve from another device option to add subsequent devices.

  • Request admin approval: You can send a device approval request to admins and owners within your organization for approval. You must be enrolled in account recovery to request admin approval, though you may have been automatically enrolled when you joined the organization. In many cases, this will be the only option available to you (learn more).

    Request admin approval
    Request admin approval


    If you use this option, you'll get an email informing you to continue logging in on the new device. You must take action by logging in to the new device within 12 hours, or the approval will expire.

  • Approve with master password: If you are an admin or owner, or joined your organization before SSO with trusted devices was implemented, and therefore still have a master password associated with your account, you can enter it to approve the device.

    Approve with master password
    Approve with master password

Once the new device becomes trusted, all you'll need to do to log in to Bitwarden and decrypt your vault data is complete your company's established single sign-on flow.

Remove a trusted device

Devices will remain trusted until:

  • The application or extension is uninstalled.

  • The web browser's memory is cleared (web app only).

  • The user's encryption key is rotated.


Only users who have a master password can rotate their account encryption key. Learn more.

Make a Suggestion to this Article...*
Email (optional)


技術的な事項や請求、製品、およびファミリー / プレミアムプランに関するご質問がある場合はお気軽にお問い合わせください。

Verify account email*
Are you self-hosting?*

© 2023 Bitwarden, Inc.利用規約プライバシーポリシーサイトマップ