Bitwarden Cybersecurity Experts

Cybersecurity advice you can trust, delivered by experts with perspectives built on decades of experience in the field. Bitwarden provides an open source, global, leading password manager, secrets manager, and Passwordless.dev, which enables developers to build FIDO2 Webauthn applications with ease, speed, and security.

Michael Crandell is the chief executive officer at Bitwarden driving overall company strategy and growth. Before Bitwarden, Michael was the CEO and co-founder of RightScale where he led the vision and direction for the company as a cloud management platform during the first decade of cloud computing. He grew the company to 250 employees and a successful exit to Flexera in 2018. Prior to RightScale, Michael served as chief executive officer at several Internet software-as-a-service (SaaS) companies and as vice president of software and executive vice president at eFax.com, where he was part of the executive team that took the company public. Michael received his bachelor’s degree from Stanford University and completed graduate studies at Harvard University. He began his career as a software engineer, self-taught, coding in assembly language.

Areas of Expertise

• Open source security software 

• Password and secrets management

• Passwordless technology

• Phishing scams

• Developer secrets

• Making security a priority at work

By Michael Crandell

Byline: “Here are a few ’exercises’ you can practise to increase your overall digital fitness, starting with using a password manager. Just like physical fitness, it’s not about doing any one thing, but employing a combination of healthy habits to outpace bad actors.” - Global Security Magazine

Podcast: Protecting passwords through open-source software on the Sand Hill Road 

Comment: “Our survey shows businesses are looking beyond passwords and desire new technologies that reflect passwordless workflows, which shouldn’t come as a surprise. While strong and unique passwords are highly effective at safeguarding data, weak or re-used passwords that are not managed by an end-to-end encrypted password manager present serious vulnerabilities. The Bitwarden approach takes into account this evolution but also reflects that adoption timelines vary by company, technology, and end-user preference and that security remains the paramount goal for individuals and enterprises alike.” - Business Leader

See below for a comprehensive list of Bitwarden commentary.

About

Gary Orenstein is the chief customer officer at Bitwarden leading the go to market efforts across customer success, marketing, and sales. Before Bitwarden, Gary served in executive marketing and product roles at enterprise infrastructure companies Yellowbrick Data and MemSQL, and flash memory pioneer, Fusion-io which went public during his tenure there. Earlier in his career he led marketing at Compellent which after its IPO was acquired by Dell. Gary holds a bachelor’s degree from Dartmouth College and a master’s in business administration from The Wharton School at the University of Pennsylvania.

Areas of Expertise

• Federal cybersecurity policy

• Password and secrets management

• Passwordless technology

• Credential management for blockchain and cryptocurrency

• Social engineering attacks and how to prepare your team to stay safe

• Personal identity protection

• Enterprise identity and access management

By Gary Orenstein

Byline: “Social engineering-centric cyber criminals are savvy. With these tips, businesses can be too.” - Gary Orenstein; Security Magazine

Podcast: Building a healthy password management ecosystem on Apple @ Work - Gary Orenstein; 9to5Mac

Comment: “When selecting a password manager, choose one that works across all of your platforms and devices and encrypts all of the data in your vault. And be sure that you choose a strong and unique main password for your password manager itself, to keep your credentials secure.” - Gary Orenstein; CyberNews

See below for a comprehensive list of Bitwarden commentary.

Check out The Survey Room for Bitwarden original research and analysis from both independent sources and the Bitwarden community.

Visit the Media Spotlight for reviews and press highlights or the Newsfeed for the most recent Bitwarden coverage.

Stay tuned for upcoming Events or watch past event replays.

For detailed accounts of how Bitwarden has impacted businesses, explore Bitwarden success stories.

Comment: “The limitation of browser-based password managers is that they work only within a walled garden. If you ever need to operate in another browser, or some environment where that browser doesn’t reach, you’re out of luck.” - Michael Crandell; PCMag

Comment: “When selecting a password manager, choose one that works across all of your platforms and devices and encrypts all of the data in your vault. And be sure that you choose a strong and unique main password for your password manager itself, to keep your credentials secure.” - Gary Orenstein; CyberNews

Podcast: Building a healthy password management ecosystem on Apple @ Work - Gary Orenstein; 9to5Mac

Podcast: Protecting passwords through open-source software on the Sand Hill Road - Michael Crandell

Byline: “Here are a few ’exercises’ you can practise to increase your overall digital fitness, starting with using a password manager. Just like physical fitness, it’s not about doing any one thing, but employing a combination of healthy habits to outpace bad actors.” - Michael Crandell; Global Security Magazine

Byline: “Cybersecurity has become too big of an issue to ignore, especially with critical infrastructure at risk. The White House will release its cyber strategy around the turn of the year, laying the groundwork for national and individual state changes. We can expect to see data-centric cyber approaches within the government’s framework, urging businesses and organisations to ensure data is bound up within their core security architecture.” - Gary Orenstein; Technology Dispatch

Byline: “As temperatures rise in Washington over how much control tech behemoths have over the dissemination of information and more antitrust legislation intending to claw back Big Tech’s power, consumers will grow increasingly wary of handing over information to social media sites.” - Gary Orenstein; dot.LA

Comment: “Our survey shows businesses are looking beyond passwords and desire new technologies that reflect passwordless workflows, which shouldn’t come as a surprise. While strong and unique passwords are highly effective at safeguarding data, weak or re-used passwords that are not managed by an end-to-end encrypted password manager present serious vulnerabilities. The Bitwarden approach takes into account this evolution but also reflects that adoption timelines vary by company, technology, and end-user preference and that security remains the paramount goal for individuals and enterprises alike.” - Michael Crandell; Business Leader

Podcast: When Worlds Collide: Dealing with passwords, identity, and devices, as employees’ work and home lives blur together on Security Weekly - Gary Orenstein; SC Magazine 

Podcast: The role of the password, open source, and passwordless in today’s digital sphere on The Tech Talks Daily - Michael Crandell

Podcast: How Bitwarden drives collaboration, increases security, and boosts productivity with the power of its open source community on The Security Podcast of Silicon Valley - Michael Crandell

Byline: “Social engineering-centric cyber criminals are savvy. With these tips, businesses can be too.” - Gary Orenstein; Security Magazine

Byline: “Another major but easily preventable risk is a reliance on weak passwords due to the default behaviour of many individuals towards easy to remember and reused passwords when not given the proper tools.” - Gary Orenstein; TechNative

Comment: “While that may not seem high at first glance, it is a strikingly large percentage considering how destructive data leaks can be from a reputational, logistical and financial standpoint. Fortunately, this is a solvable problem. Over two-thirds (71%) of U.S. respondents said employees would adopt better password practices if their companies provided them appropriate tools. For enterprises, this should be a no-brainer, as strong password management is proven to mitigate risk.” - Michael Crandell; My Tech Decisions

Comment: “Enterprises have always been at a heightened risk for security incidents. The majority store some combination of sensitive personal information, intellectual property, and financial information. This type of data is valuable to cybercriminals, who are aware that most employees don’t always use strong and unique passwords. Add in the remote work factor, and you’ve laid the groundwork for a password security perfect storm.” - Michael Crandell; Help Net Security

Comment: “Individuals understand they should be secure and that recognition is an important first step. But they can better protect themselves by embracing tools such as password managers that are readily available and free, [which] mitigate the need for an over-reliance on memory and password reuse across multiple sites.” - Michael Crandell; USA Today

Comment: “I am optimistic about both the direction of passwordless and the convenience that it’s bringing to people, but I’m equally optimistic about the need for cross-platform solutions. Those things combined work in Bitwarden’s favor.” - Gary Orenstein; Fast Company

Comment: Even more alarming is the study’s finding that just 32% of Americans are required to use a password at work. According to Gary Orenstein, chief customer officer at Bitwarden, the proliferation of the cloud, software-as-a-service (SaaS) and single sign-on (SSO) are all key reasons. However, passwords have still not gone away, and they won’t for a while. - Gary Orenstein; My Tech Decisions

Comment: “When it comes to cybersecurity, we are all in this together. That’s why it’s important that government agencies offer guidance across the board on one of the most accessible ways to stay secure, password management.” - Michael Crandell; Tech.co

Byline: “Passwords managers are not only beneficial for managing and protecting passwords. In some cases, they help users detect fake web pages included in malicious emails that intend to harvest users’ login credentials.” - Gary Orenstein; The FinTech Times