Security
Security

Emails from Bitwarden

Like using strong passwords, avoiding suspicious emails is an important tool in your online security toolkit. We recommend familiarizing yourself with these FTC Guidelines for spotting and avoiding phishing.

Here are some guidelines to help you determine whether an email that looks like it's from Bitwarden is legitimate:

Automated emails

Product interaction emails

Emails such as new device alerts, invitations to join an organization, and two-step login codes will come from no-reply@bitwarden.com or, if you are self-hosting, a configured domain like no-reply@my.domain.com.

These emails will never contain attachments. If you are prompted to download a file, please report the email to us.

Some of these emails, such as organization invites, will contain buttons. Always check the validity of the hyperlink before clicking on it by confirming that it leads to https://vault.bitwarden.com or your organization's self-hosted domain. If you don't know your organization's domain, ask a member of your IT team or an administrator.

Invitation Window  |
Invitation Window

Payments emails

Automated payments emails for individual premium and paid organizations subscriptions will come from an @stripe.com address, like invoice+statements+acct_xxxxxxxxxxx@stripe.com.

These emails will contain attachments, specifically PDF invoices and receipts.

Opt-in emails

While you will receive automated emails as part of everyday use of Bitwarden, you might also receive emails from the following addresses if you have interacted with various parts of the Bitwarden ecosystem:

  • Support requests will be received from support@bitwarden.com.

  • Product announcements will be received from productupdates@bitwarden.com.

  • Trial information will be received from trial@bitwarden.com.

  • Marketing campaigns will be received from marketing@bitwarden.com.

  • Emails from members of the Bitwarden team will be received from @bitwarden.com email addresses.

© 2023 Bitwarden, Inc.
利用規約プライバシーポリシーサイトマップ