Register now for the Open Source Security Summit on December 7, 2023!
When LINUX systems engineer Mark Miller first joined the NASA Goddard Space Flight Center, NASA Goddard was managing passwords with a tool called Cryptvault. While a ‘good enough’ tool, it was written in ColdFusion (CFML), over 15 years old, and created by a developer who had long departed the organization. It was also locked into one system and had an associated encryption that was written for a limited 32-bit code base. When the time came for NASA Goddard to migrate away from other legacy systems, the IT team started looking for a replacement password management.
Identifying a secure, holistic way to share secure information and passwords was a critical task for teams at NASA Goddard. While government agencies have always been targets of cybercrime, particularly by nation-state actors, the 2022 SonicWall Cyber Threat Report showed a large increase in all forms of cyberattacks against the U.S. government. And, the link between weak passwords and data breaches is undeniable, with a succession of Verizon Data Breach Reports highlighting the connection. Real-world examples also prove illustrative: just look at SolarWinds and Colonial Pipeline for more evidence.
Mark’s team at NASA Goddard sought out a site that could support multiple users, offered an intuitive Web UI, and was easy to share. Also very critical was a platform that enabled local data storage. While cloud technology offers extensive benefits, it doesn’t give organizations control over their own local data. The need for local storage eliminated a lot of contenders because many password management vendors are only available in the cloud.
While the team considered building a password management tool in house, it lacked the security experience and coding expertise to pull something together. Additionally, the development team was already committed to existing projects and didn’t have the bandwidth to take on more. Cost was also a major consideration. Enter Bitwarden.
Bitwarden met all of the requirements NASA needed. It offered new, unexpected features - such as search and a password generator/passphrase generator - and encrypted storage, along with a management backend.
In the event someone leaves the organization, Bitwarden offers an excellent way to transfer information to the replacement employee. It also created a culture of ‘process’, a huge boon for the IT team. Putting a process into password management means that it becomes second nature for the team, as they grow accustomed to inputting their passwords into the password manager in a coherent and organized fashion. It also obviated the need to save credentials across systems and browsers.
In the future, the team is eager to make use of the Bitwarden SSO enterprise integration. It is also considering whether organization devices - such as phones used onsite - are eligible for Bitwarden. Lastly, it is considering expansion possibilities for other NASA divisions.
“Passwords are here to stay,” said Miller. “They are not going anywhere. There are just too many service accounts or API keys or other secure credentials that need to be shared within an organization in order to keep that organization operational.”
Choose the plan that fits your needs
Get a Bitwarden vault
- Unlimited devices
- Passkey management
- All the core functions
- Always free
Share vault items with one other user
$10 billed annually
Enjoy premium features
- Bitwarden Authenticator
- File attachments
- Emergency access
- Security reports and more
Share vault items with one other user
Up to 6 users, $40 billed annually
Secure your family logins
- 6 premium accounts
- Unlimited sharing
- Unlimited collections
- Organization storage
Share vault items between six people
Pricing shown in USD and based on an annual subscription
Powerful security for up to 10 users
per month for 10 users
Securely share and manage sensitive credentials and data across smaller teams.
Includes premium features for all 10 users
Advanced capabilities for larger organizations
per month/per user
Utilize advanced features including enterprise policies, passwordless SSO, and account recovery.
Includes premium features and complimentary families plan for all users
Get a quote
For companies with hundreds or thousands of employees contact sales for a custom quote and see how Bitwarden can:
- Reduce cybersecurity risk
- Boost productivity
- Integrate seamlessly
Bitwarden scales with any sized business to bring password security to your organization
Pricing shown in USD. Enterprise plan based on annual subscription