# Trusted Password Manager for Government and Public Sector | Bitwarden Secure your agency with compliant and trusted password and secrets management. Deploy to your own infrastructure by self-hosting or utilize an audited, secure cloud solution. --- CREDENTIAL MANAGEMENT FOR GOVERNMENT AND PUBLIC SECTOR ## Protect public sector systems from credential-based attacks ![cisco security hero.jpg](https://bitwarden.com/assets/4E5Xga3crTDDLy4Jsks6Tv/c9e6b716f951b1cf37905b4759a6cad9/cisco_security_hero.jpg) [Fale com Vendas](https://bitwarden.com/go/contact-bitwarden-sales-gov/) ## Trusted by governments and the public sector ![NASA-Logo-Large](https://bitwarden.com/assets/GmXHxB2fVxi6ee8iRUszU/5206fc150b445ac60f7afddad613d347/NASA-Logo-Large.png) ![ga state seal](https://bitwarden.com/assets/2RqqedIVGYrPp0gM6V3vUV/04df3bc239177aa69f31026ce000f23c/ga_state_seal.jpg) ![Maricopa County](https://bitwarden.com/assets/3wfPuNHlPAcpxW7W72oeFe/b6093ea2828f7ecfd4f780db06a693a8/Maricopa_County.png) ![city of albany black](https://bitwarden.com/assets/6pxwi3E0mOq8TDdskJZvfD/1587f98b9a4a0a78d861d8b3faaa1724/city_of_albany_black.svg?fm=png&w=800&q=90) “Escolhemos o Bitwarden porque ele atendeu a todos os nossos requisitos. A interface web era excelente, e o processo de migração nos permitiu implantar o Bitwarden rapidamente em toda a organização. Nunca mais olhamos para trás.” - Mark Miller | Engenheiro de Sistemas da NASA ![NASA-Logo-Large](https://bitwarden.com/assets/GmXHxB2fVxi6ee8iRUszU/5206fc150b445ac60f7afddad613d347/NASA-Logo-Large.png) ## Bitwarden helps government agencies secure the credentials that keep public systems running ### Credential security for all systems Whether using modern passkeys, SSO-integration, or password-based legacy systems, Bitwarden secures it all from one central location. ![icon-secure-devices-blue](https://bitwarden.com/assets/6hwkQEq9k9K1F3jF3YKHlw/df9d3773a9e5e7bcb6f96594fbeb2751/icon-secure-devices.png) ### Secure collaboration across departments and contractors Bitwarden lets IT grant granular, need-to-know access to the right credentials for the right people without exposing everything to everyone. ![ícone-confiança-parceiro-msp-azul-1](https://bitwarden.com/assets/6BWl4KAa8bbEBB2ooTYRxO/74fa904b88456bbefa78630d2401516b/icon-msp-partner-trust.png) ### Employee transitions covered When staff change roles or leave, shared credentials remain in the vault. Centralized ownership ensures that sensitive items stay secure and can be easily reassigned without disruption. ![ícone de administrador e usuário azul](https://bitwarden.com/assets/5pVcD8kjS0D1th1EuCeZFc/02c94dfcae8f113a2fff1e75b789131b/icon-admin-user.png) ### Security employees will actually use Intuitive interface, cross-platform compatibility, and availability in 40+ languages means high adoption across your agency. Employees take home a separate free Families plan to reinforce security habits. ![icon-training-blue](https://bitwarden.com/assets/3HuiqQJ1hF6oAxiBHBzh3t/4031fbf8f262415981ddb759cd65bf48/icon-training.png) ## Fulfill FedRAMP or GovRAMP compliance Self-host Bitwarden on your own compliant infrastructure. Bitwarden clients and apps are fully compatible with a self-hosted installation, and many government agencies use this successfully today. As a municipality responsible for securing critical systems across departments, the City of Albany needed greater control and visibility into how credentials were shared. **“We can limit access to credentials on a need-to-know, privileged basis, which is important for government agencies. On the IT side... we knew we needed to self host... to have a secure on-premises password management solution backed by a vendor dedicated to the on-premises model is of paramount importance."** — Sean Park, CIO, City of Albany ![city of albany black](https://bitwarden.com/assets/6pxwi3E0mOq8TDdskJZvfD/1587f98b9a4a0a78d861d8b3faaa1724/city_of_albany_black.svg?fm=png&w=800&q=90) ## Enterprise features for the public sector ### Enforce security policies Set organization-wide security controls, enforce least-privilege access through RBAC, and set up the core for a zero-trust security strategy ![icon-secure-enterprise-blue](https://bitwarden.com/assets/1PoW1bWdy9WXLcLG2ZAlrP/cae9154d5ca29ecc3fd7c80349f4d3d2/icon-secure-enterprise.png) ### Auditable event logs Capture detailed records of over 50 event types with timestamps, IP addresses, user identity, and client type retained indefinitely. Exportable for compliance reporting. ![icon-report-blue](https://bitwarden.com/assets/4oFSk9IOX9dJnpPf4taqdK/feb7550a379ca746d39fbbd534ec587a/icon-report.png) ### Use your existing stack Connect to your existing tools for identity services, SIEM, SCIM, SSO and more. Build your own integrations and automations with Bitwarden APIs. ![icon-api-blue](https://bitwarden.com/assets/1pANf6q3DlQt9HdYyIXClt/3ab997c069114627352c1299e7b2e05f/icon-api.png) ### Secrets management Bitwarden Secrets Manager protects developer secrets and secures AI agentic processes. Available as part of the Bitwarden portfolio. ![icon-secure-password-blue](https://bitwarden.com/assets/23sInJQTL0gvxZnXp3tiAW/6fe12543781bb7a49c88916d40082b6d/icon-secure-password.png) ### Descubra a shadow IT e reduza riscos de credenciais *Inteligência de acesso* Identifique os aplicativos usados na sua organização e proteja sua empresa de forma proativa contra riscos de credenciais. ## Why agencies at all levels trust Bitwarden ![badge-compliance-iso27001](https://bitwarden.com/assets/3Q1bRprPg8qBybfl8myUou/d60fd3aeb85668dcdb0f386d9081d1a9/badge-compliance-iso27001_1_.svg?fm=png&w=800&q=90) ![soc2-color](https://bitwarden.com/assets/5qmV5rn9DTKKMsMskBs9Cv/dc310737497ba3d1b649dcde127c8756/badge-compliance-soc2-color.webp) ![gdpr-color](https://bitwarden.com/assets/3JONk7fDxmJ78aQyIyYWHW/8f2a1809e44dbc27af335b4eebaa19b6/gdpr-compliant.webp) ![data-privacy-framework](https://bitwarden.com/assets/2nkWHG7l2ksezkL4dbMp3R/14ac3b59e6798291bbd6cad1729bc9c6/DPF-logo-certifications-page.png) ![hipaa-color](https://bitwarden.com/assets/7emd1yp1u4qICPVWm5xQ4O/6ed576b7b9e57fe684dbcd969d9d97f5/hipaa-compliant.webp) ![ccpa-color](https://bitwarden.com/assets/3BK0h7RmAmz2aXRpsCpnkF/e66d7d8a990fd1c7648364aa017c39fd/badge-compliance-ccpa-color.webp) **Meets public sector security standards**Bitwarden is certified for ISO 27001, SOC 2 Type II, and SOC 3, and supports compliance with NIST Cybersecurity Framework, NIST SP 800-63B, NERC CIP, and HIPAA requirements. **Supports the frameworks government teams are measured against**The security controls in Bitwarden support compliance with key government and critical infrastructure framework, directly addressing requirements under the NIST Cybersecurity Framework and NERC CIP. **Provides full control with self-host flexibility** Enables secure credential management on your own verified infrastructure or air-gap requirements. **Open source, third-party audited** Bitwarden code is available for anyone to inspect, and audited annually by third-party agencies. **Protects with zero-knowledge encryption** Only authorized users can access sensitive information, critical for zero-trust environments. ## Protect your agency with Bitwarden ### Enterprise *Para empresas que precisam de proteção e controle avançados.* **$6** *por mês / por usuário, cobrado anualmente* **Proteção máxima** Todos os recursos Premium e Teams, além de recursos de nível empresarial como: - Controle de acesso granular - Integração com SSO sem senha - Recuperação de conta fácil - Flexibilidade para auto-hospedagem - Remediação de riscos com o Access Intelligence [novo] - Plano Families gratuito para todos os usuários [Fale com Vendas](https://bitwarden.com/go/contact-bitwarden-sales-gov/) --- ### Request a quote *For agencies with hundreds or thousands of employees contact sales for a custom quote and see how Bitwarden can:* *per month* - Reduce cybersecurity risk - Boost productivity - Integrate seamlessly Bitwarden scales with any sized business to bring password security to your organization [Get Free Quote](https://bitwarden.com/go/contact-bitwarden-sales-gov/) --- Pricing shown in USD and based on an annual subscription. Taxes not included. ## Resources for government IT and security teams **BLOG** ### How state and local government benefits from password management With ransomware attacks on the rise the time to secure passwords is now [Read more](https://bitwarden.com/pt-br/blog/how-state-and-local-goverment-benefits-from-password-management/) **CASE STUDY** ### Órgão público migra para o Bitwarden por seu modelo de compartilhamento seguro e escalável A Cidade de Albany, no Oregon, preserva sua reputação de priorizar a segurança com gerenciamento de senhas local. [Read more](https://bitwarden.com/pt-br/resources/public-government-agency-moves-to-bitwarden/) **CASE STUDY** ### Gerenciador de senhas baseado em nuvem ou auto-hospedado: qual é melhor para uma organização? A combinação de criptografia de conhecimento zero, atualizações de segurança automáticas, arquitetura de alta disponibilidade e certificações abrangentes de conformidade torna a implantação em nuvem a escolha prática para equipes que buscam máxima seguran [Read more](https://bitwarden.com/pt-br/resources/cloud-based-password-manager-or-self-hosted/) ## Awards and Recognition ![milhões de clientes confiam no Bitwarden](https://bitwarden.com/assets/6PLCdWI1MGA3pjrDYaqlC/a94aa530aaad1fad7c4166839df9790f/millions-customers-trust-bitwarden.png) ![avaliações do Chrome e da Apple](https://bitwarden.com/assets/pnhB8Fu1vhLkbFF3iEmXa/f073ebf18f517b694270448f2dfb7b1b/chrome-apple-ratings.png) ![três selos da G2](https://bitwarden.com/assets/5B81Aj9KW1iMdSFYT87ZpC/26b03acb58973069f90a6bc1e3af7404/three-g2-badges.png) ![avaliação G2 Star Top 50](https://bitwarden.com/assets/1I86PvwiYWVVayP7kPUvka/5e53b4cb3403ac07f8d925ce85eb1344/g2-rating-start-top-50.png) ![centenas de milhares de membros da comunidade](https://bitwarden.com/assets/Xn4u9CQNuogrUx6grSLjo/617f74d213192ff2e8dcee5442ac0273/hundred-thousand-community_memebers.png) ## Frequently Asked Questions ### Is Bitwarden FedRAMP compliant? While Bitwarden itself is not certified, agencies subject to FedRAMP or GovRAMP requirements are able to deploy a self-hosted version of Bitwarden on their own compliant servers. This deployment works in offline and air-gapped environments as well. ### What reports are available for vault data? [Vault health reports](https://bitwarden.com/pt-br/help/reports/) (available on all paid plans) can be used to evaluate the security of your Bitwarden individual or organization vault and include exposed, resused, and weak passwords, unsecure websites, inactive two-step login, and data breach reports. - [https://bitwarden.com/help/reports/](https://bitwarden.com/pt-br/help/reports/) ### What encryption is used? Bitwarden uses [AES-CBC](https://bitwarden.com/pt-br/help/what-encryption-is-used/#aes-cbc/) 256-bit encryption for your Vault data, and [PBKDF2](https://bitwarden.com/pt-br/help/what-encryption-is-used/#pbkdf2/) SHA-256 to derive your encryption key. For more information, see the [Bitwarden Security Whitepaper](https://bitwarden.com/pt-br/help/bitwarden-security-white-paper/). - [https://bitwarden.com/help/what-encryption-is-used](https://bitwarden.com/pt-br/help/what-encryption-is-used/) - [https://bitwarden.com/help/bitwarden-security-white-paper/](https://bitwarden.com/pt-br/help/bitwarden-security-white-paper/) ### Does Bitwarden support Single Sign-on? (SSO) Yes, [login with SSO](https://bitwarden.com/pt-br/help/about-sso/) allows Enterprise organizations to leverage their existing Identity Provider to authenticate users with Bitwarden using the [SAML 2.0](https://bitwarden.com/pt-br/help/configure-sso-saml/) or [Open ID Connect (OIDC)](https://bitwarden.com/pt-br/help/configure-sso-oidc/) protocols. - [https://bitwarden.com/help/about-sso/](https://bitwarden.com/pt-br/help/about-sso/) - [https://bitwarden.com/help/configure-sso-saml/](https://bitwarden.com/pt-br/help/configure-sso-saml/) - [https://bitwarden.com/help/configure-sso-oidc/](https://bitwarden.com/pt-br/help/configure-sso-oidc/) ### Does Bitwarden have event logs? [Event logs](https://bitwarden.com/pt-br/help/event-logs/) are timestamped records of events that occur within your Teams or Enterprise organization. Events logs are exportable, accessible from the /events endpoint of the [Bitwarden Public API](https://bitwarden.com/pt-br/help/public-api/), and are retained indefinitely. Event logs record over 50 different types of events and captures a Timestamp for the event, client app information including application type and IP (accessed by hovering over the globe icon), the User connected to the event, and an Event description. - [https://bitwarden.com/help/event-logs/](https://bitwarden.com/pt-br/help/event-logs/) - [https://bitwarden.com/help/public-api/](https://bitwarden.com/pt-br/help/public-api/) ### What types of integrations are supported? Bitwarden supports a comprehensive set  of integrations to enhance security and streamline operations, including: - **Single sign-on integrations**: Connect Bitwarden with leading identity providers for seamless authentication. - **Directory integrations**: Synchronize users and groups effortlessly from your directory services. - **Event monitoring integrations**: Link Bitwarden with your preferred SIEM tools for enhanced monitoring and analysis. - **Multi-factor authentication (MFA) integrations**: Add an extra layer of security with various MFA options. - **Email alias integrations**: Simplify privacy with integrated email alias providers. - **Bitwarden Secrets Manager integrations**: Securely integrate your CI/CD pipelines and infrastructure with Bitwarden Secrets Manager. ### Where can I learn about Bitwarden security and architecture? For information on the Bitwarden approach to security and underlying architecture (including data flow diagrams) see: - [Bitwarden Architecture presentation in Google Slides ](https://docs.google.com/presentation/d/e/2PACX-1vQ6TYugqWe341Df0_HHpr--9s8TfL8B2KsNWKRI1zKZYDQ9kkxi_eIubeOsgb4RouxmwXbO_UzgQRUr/pub?start=false&loop=false&delayms=3000) - [Bitwarden Security Whitepaper](https://bitwarden.com/pt-br/help/bitwarden-security-white-paper/) ### What is the difference between Bitwarden Secrets Manager and Bitwarden Password Manager? Bitwarden Secrets Manager is built for developer teams to centrally store, manage, and deploy privileged secrets. Secrets Manager is tailored for infrastructure secrets and is supported only by the web app and the CLI clients. If you are looking to help your employees manage their personal credentials, check out [Bitwarden Password Manager](https://bitwarden.com/pt-br/products/business/). ### How does Bitwarden Secrets Manager support agentic AI? Bitwarden Secrets Manager enables teams to securely provision AI agent access to pre-determined development secrets to use in scripts and CI/CD pipelines. By replacing plaintext API keys and other secrets with Bitwarden generated secret ID strings, you can help prevent AI agents from gaining unauthorized access to credentials and ecosystems. Learn more about [how to use Bitwarden Secrets Manager to protect environment variables from agent access](https://bitwarden.com/pt-br/blog/secure-ai-agent-access-with-secrets-manager/). ### O que é o Bitwarden Access Intelligence? O Bitwarden Access Intelligence é uma oferta abrangente criada para proteger toda a organização contra riscos relacionados a credenciais. Com o Bitwarden Access Intelligence, identifique riscos de credenciais de forma proativa, priorize aplicativos críticos, oriente os funcionários a atualizar senhas e meça as melhorias de segurança. ### Como o Bitwarden protege as credenciais da minha empresa? O Bitwarden protege as credenciais da sua empresa por meio de vários recursos importantes: 1. Criptografia de ponta a ponta: o Bitwarden oferece um cofre seguro com criptografia de ponta a ponta para armazenar e compartilhar credenciais, como nomes de usuário, senhas e outros dados confidenciais. Isso garante que apenas usuários autorizados possam descriptografar e acessar as informações usando sua senha mestra. 2. Gerenciamento de senhas: o Bitwarden ajuda empresas a gerenciar senhas, permitindo que os funcionários gerem, armazenem e compartilhem senhas fortes e únicas. Isso é essencial para a proteção contra violações de dados, especialmente quando combinado com a autenticação de dois fatores (2FA). 3. Recursos de segurança: o Bitwarden oferece relatórios de integridade do cofre para detectar credenciais em risco, como senhas expostas, reutilizadas ou fracas. Isso permite que administradores de TI notifiquem os funcionários e substituam credenciais fracas por credenciais fortes e únicas usando o gerador de senhas integrado. 4. Login único (SSO) e autenticação multifator (MFA): o Bitwarden integra-se a provedores de SSO como o Duo, aumentando a segurança ao reduzir o número de senhas que os funcionários precisam gerenciar e fornecer camadas adicionais de autenticação. 5. Controles administrativos: o Bitwarden permite controles administrativos abrangentes, possibilitando que as organizações gerenciem credenciais de forma centralizada e, ao mesmo tempo, mantenham o uso centrado no usuário. Isso inclui recursos de monitoramento e relatórios para acompanhar o uso e a segurança das credenciais. 6. Gerenciamento do ciclo de vida das credenciais: o Bitwarden fornece ferramentas para gerenciar todo o ciclo de vida das credenciais, da criação à exclusão, garantindo que elas sejam gerenciadas com segurança e que o acesso seja revogado quando não for mais necessário. ### O Bitwarden está em conformidade com normas regulatórias? Sim, o Bitwarden está em conformidade com diversas normas regulatórias. Ele segue padrões de segurança do setor e possui certificações como ISO 27001, SOC 2 Tipo II e SOC 3. O Bitwarden também está em conformidade com regulamentações de privacidade, como o Regulamento Geral de Proteção de Dados (GDPR), a Lei de Privacidade do Consumidor da Califórnia (CCPA) e a Lei de Portabilidade e Responsabilidade de Seguros de Saúde (HIPAA). Além disso, o Bitwarden cumpre o Data Privacy Framework (DPF), anteriormente conhecido como Privacy Shield, garantindo a transferência segura de dados pessoais. ### Podemos hospedar o Bitwarden por conta própria para ter controle total dos dados? Sim, você pode hospedar o Bitwarden por conta própria para ter controle total sobre seus dados. A auto-hospedagem permite gerenciar credenciais empresariais e políticas de segurança personalizadas no seu próprio servidor. Essa configuração oferece verdadeira soberania dos dados, permitindo aplicar seu próprio modelo de segurança, controlar backups e garantir a disponibilidade de acordo com suas necessidades específicas. Você pode colocar sua instalação do Bitwarden atrás de um proxy, firewall e outras proteções para aumentar a segurança dos dados. Hospedar o Bitwarden por conta própria é especialmente vantajoso para organizações com requisitos rigorosos de conformidade de dados, pois permite atender a políticas específicas de conformidade e residência interna de dados. Também oferece flexibilidade para integração com sua infraestrutura de TI existente, incluindo serviços de diretório e provedores de identidade. No entanto, exige recursos técnicos e experiência para gerenciar manutenção do servidor, segurança e atualizações. ### O Bitwarden se integra a serviços de diretório? [Directory Connector](https://bitwarden.com/pt-br/help/directory-sync/) (aplicativo para download disponível em todos os planos empresariais) consultará o diretório de origem e provisionará e desprovisionará usuários, grupos e associações. [SCIM](https://bitwarden.com/pt-br/help/about-scim/) (disponível no cofre web para planos empresariais) enviará atualizações automaticamente ao Bitwarden para provisionar ou revogar usuários. - [https://bitwarden.com/help/directory-sync/](https://bitwarden.com/pt-br/help/directory-sync/) - [https://bitwarden.com/help/about-scim/](https://bitwarden.com/pt-br/help/about-scim/) ### Quais políticas os administradores podem aplicar? Os administradores do Bitwarden podem aplicar [políticas corporativas](https://bitwarden.com/pt-br/help/policies/#what-are-enterprise-policies/), incluindo requisitos de complexidade da senha mestra, obrigatoriedade de autenticação de dois fatores, restrições ao uso do cofre pessoal, configurações do gerador de senhas, limitações a uma única organização, controles de exportação do cofre, requisitos de autenticação via SSO, opções de recuperação de conta e imposição de login sem senha. As políticas são configuradas antes da integração dos usuários e se aplicam a toda a organização para manter os padrões de segurança. ### A Bitwarden é auditada? A Bitwarden realiza regularmente auditorias de segurança abrangentes feitas por terceiros com empresas de segurança renomadas. Essas auditorias anuais incluem avaliações do código-fonte e testes de penetração em IPs, servidores e aplicações web da Bitwarden. [Saiba mais >](https://bitwarden.com/pt-br/help/is-bitwarden-audited/)