Bitwarden Security Impact Report
Enterprise proof points: Password management leads to better security
- リソース
- Bitwarden Security Impact Report
Download the summary presentation here
Executive summary
Bitwarden offers the easiest and safest way for enterprises, teams, and individuals to store and share login credentials and sensitive information from any device. Trusted by millions of users, Bitwarden protects online information with end-to-end encryption and a trusted open-source architecture. Bitwarden also supports global accessibility for more than 50 languages.
Bitwarden Password Manager empowers administrators to securely grant credential access and sharing across their workforce, monitor and manage credential usage and vulnerabilities via Bitwarden vault health reports, and securely store and sync all login credentials – including passwords, passkeys or passphrases – in the cloud.
In 2024, Bitwarden surveyed enterprise end users and IT admins about the impact Bitwarden Password Manager has had on their lives and organizations.
Key findings:
96% of all respondents say Bitwarden has improved their security posture
88% of admins using Bitwarden are rolling out regular password security training
81% of all customers have reduced reused passwords since using Bitwarden
45% say they’ve eliminated more than 15 reused passwords
Overall, respondents said that Bitwarden helps them:
Mitigate security risks
Improve overall security culture
Identify and fix exposed and reused passwords
Bitwarden mitigates security risks
Key finding: 96% of all respondents say Bitwarden has improved their security posture
For IT administrators and end-users alike, passwords remain one of the biggest security risks. If an attacker can discover a user’s password, it could give them access to everything the user can do on their computer — and the company’s network. That, in turn, could lead to a host of threats, ranging from data theft to ransomware.
Attackers can use several avenues of attack. Passwords that are weak (too short or too easy to guess) are subject to brute-force attacks, where the hackers simply try many different common passwords in quick succession until something works.
Reused passwords introduce another layer of weakness. If a user has the same password for multiple services — which is common, because people find it hard to memorize many different passwords — then an attacker has only to get one password and they suddenly have access to many resources.
Finally, if a password has been cracked or stolen, it may wind up on a list of known passwords shared with other hackers. Unless the user changes the password, these compromised passwords allow any number of hackers access to the user’s account.
With Bitwarden, users have multiple options they can use to eliminate at-risk passwords, including the Bitwarden password and passphrase generator for strong and unique passwords for every website, or by creating passkeys for sites where they are supported.
Fortunately, the vast majority (96%) of all respondents — end-users and IT admins alike — say Bitwarden has been able to improve their security posture, reducing the number of weak, reused, and compromised passwords.
More than three-fifths of IT admins reported that their organization has mitigated security risks and that they have been able to prevent breaches using Bitwarden. In addition, many have been able to reduce known security threats.
“Bitwarden has become an invaluable tool in our corporate security infrastructure. And it’s intuitive, easy to use, deploy and manage.” — IT admin at CoreTec Pro
Bitwarden improves security culture
Key finding: 88% of admins using Bitwarden are rolling out regular password security training
Password security training is essential for maintaining a strong security posture. Without training, employees will choose passwords that are too easy to guess, like simple sequences of numbers, the word “password,” or their own birthdates.
As the U.S. Cybersecurity and Infrastructure Security Agency (CISA) says, choosing a simplistic password that is easy for attackers to guess is “like locking the door but leaving the key in the lock.”
Passwords need to be:
Long enough that they’re difficult to crack (16 characters is great)
Comprised of a random string of numbers or a passphrase made out of random words
Unique (not used for more than one account)
Regular employee training is key for helping employees understand the importance of good passwords and the criteria that they need to use when choosing a password.
Because it’s difficult to think of and remember good passwords for the vast number of accounts people have today, a password manager like Bitwarden is crucial.
Many IT admins have found that deploying Bitwarden facilitates training and reinforcement of good password policies. Since rolling out Bitwarden, 88% of IT admins surveyed say they have already incorporated regular password security training in their organizations, or plan to do so soon.
“Storing credentials using Bitwarden has been a godsend. It’s made it very easy to find what we need and also makes for easy password changes, tightening our security posture. By storing credentials, we were able to do a complete credential refresh across the business, which removed multiple repeatedly used passwords.” — IT admin at thechange.co.uk
Bitwarden reduces exposed and reused passwords
Key finding: 81% of respondents have reduced the number of reused passwords in their organization
Compromised passwords are among the greatest security threats facing any organization. These are passwords obtained by attackers, either through brute-force attacks, guessing, hacking, or other means.
According to the 2024 Verizon Data Breach Investigations Report, 98% of all web application attacks in 2023 happened because of weak or stolen passwords (77% via stolen credentials and 21% via brute force attacks, which usually leverage easily guessable passwords).
Once stolen, passwords often appear in online marketplaces — the Verizon report authors found thousands of users’ passwords offered for sale per day, for about $10 each, often appearing within a day of when they were stolen.
People who reuse their passwords multiply the problem. Once a password is stolen, it then renders all of the accounts where it’s used vulnerable.
While some big tech companies, such as Google and Apple, now offer warnings if they detect a password that has appeared in one of these marketplaces, organizations need a more comprehensive solution. That’s where Bitwarden comes in. Through comprehensive password management, IT admins and end users can discover which of their passwords might have been exposed in a data breach — and which are being reused.
As a result, more than four-fifths (81%) of Bitwarden customers have been able to reduce the number of reused passwords. Almost half (45%) say they’ve eliminated more than 15 reused passwords, and 16.5% say they’ve been able to eliminate more than 45. What’s more, 11% of IT admins say they’ve been able to identify and eliminate more than 12 compromised passwords. That’s a big impact!
“It was eye-opening and alarming for users to see how many times they used the same password. After we implemented Bitwarden, we updated the frequency and complexity of our domain accounts. We also required the use of stronger and unique passwords and increased the frequency of password rotation.” — IT team at RiverStreet Networks
Take control of your security
Bitwarden has a large, positive impact on both end-users and the organizations that use it. Respondents to our survey noted that it helps them mitigate security risks, improve their overall security culture, and identify and fix passwords that have been compromised or that are being reused.
IT admins appreciated the way that Bitwarden improves their organization’s security posture, facilitates user education, and gives them more control.
For IT admins, here are the top benefits they cited:
Reducing security threats by giving me more control over my credentials and logins
Enabling me to have strong and unique passwords across all my accounts
End-users also appreciate the security and control Bitwarden gives them. The top benefits cited by end users are the same, although in a different order:
Enabling me to have strong and unique passwords across all my accounts
Reducing security threats by giving me more control over my credentials and logins
In short, Bitwarden has a demonstrably positive effect on improving companies’ security posture and security culture. And both end-users and IT admins alike are enthusiastic about how it enables them to have greater control and reduce security threats.
For enterprises that are exploring passwordless authentication, Bitwarden also offers passkey management for all users, and passkey APIs and developer toolkits for developers to easily deploy passkey authentication.
To find out more about how Bitwarden can improve your organization’s security posture and culture by reducing password reuse, start a free 7-day business trial today.
About Bitwarden vault health reports
Bitwarden vault health reports leverage dark web monitoring, data breach monitoring, and other services to keep individuals and organizations secure. These reports flag exposed, compromised, reused, or weak passwords, alerting end-users and admins to the need to correct these security vulnerabilities. They also help identify any unsecured websites, sites where multifactor authentication is available but is not being used, and any data breaches associated with vault websites.
Methodology
Bitwarden surveyed enterprise customers, including end users and IT admins from June to September 2024 and received 116 responses, including 87 IT administrators and 29 end users. Follow-up questions were sent to select IT admins to ask them more specific questions about how they’re using Bitwarden.
今すぐ信頼性の高い強力なパスワードセキュリティを手に入れましょう。プランを選んでください。
無料
$0
月あたり
永遠無料
Bitwarden のボールトを取得
- 無制限のデバイス
- パスキー管理
- すべてのコア機能
- いつも無料
ボールトのアイテムを他の 1 人のユーザーと共有する
プレミアム
Less than$1
月あたり
年間10ドル請求されます
プレミアム機能をお楽しみください
- Bitwarden 認証器
- ファイル添付
- 緊急アクセス
- セキュリティ レポートなど
ボールトのアイテムを他の 1 人のユーザーと共有する
家族
$3.33
月あたり
最大 6 ユーザー、年間 $40 請求されます
あなたの家族のログインを保護してください
- 6 つのプレミアムアカウント
- 無制限の共有
- 無制限のコレクション
- 組織のストレージ
ボールトのアイテムを 6 人で共有する
表示されている価格は USD で、年間購読に基づいています
チーム
成長するチームのための強固な保護
$4
月額/ユーザーごとに毎年請求
同僚、部門間、または全社と安全に機密データを共有する
- セキュアなデータ共有
- イベントログ監視
- ディレクトリ統合
すべてのユーザーにプレミアム機能を含む
企業
大規模組織向けの高度な機能
$6
月額/ユーザーごとに毎年請求
エンタープライズ ポリシー、パスワードなしの SSO、アカウントの回復などの高度な機能を利用する。
- 容易なオンボーディング
- パスワードレスSSO
- アカウント回復
すべてのユーザー向けのプレミアム機能と補完的なファミリー プランが含まれる
見積もりを取得する
数百人または数千人の従業員を持つ企業のために、カスタム見積もりを取得するために営業に連絡し、Bitwarden がどのように役立つかを確認してください:
- サイバーセキュリティ リスクを軽減する
- 生産性を向上させる
- シームレスに統合する
Bitwarden は、パスワードのセキュリティを貴組織にもたらすために、どんな規模のビジネスにも対応する。
価格はUSDで表示されおり、年間サブスクリプションに基づきます