Awesome Privacy

Bitwarden

bitwarden.com
Awesome PrivacyEssentialsPassword ManagersBitwarden
Bitwarden Icon

Fully-featured, open source password manager with cloud-sync. Bitwarden is easy-to-use with a clean UI and client apps for desktop, web and mobile. See also Vaultwarden, a self-hosted, Rust implementation of the Bitwarden server and compatible with upstream Bitwarden clients.

Open Source

Bitwarden Privacy Policy

Privacy Policy Summary

  • You have the right to leave this service at any time
  • This service keeps user logs for an undefined period of time
  • Users agree to comply with the law of the service's country
  • This service does not sell your personal data
  • The service does not guarantee accuracy or reliability of the information provided
  • The service provider makes no warranty regarding uninterrupted, timely, secure or error-free service
  • The service provides two factor authentification for your account
  • You are responsible for maintaining the security of your account and for the activities on your account
  • This service can share your personal information to third parties
  • Tracking pixels are used in service-to-user communication
  • The service is transparent regarding government requests or inquiries that may involve user data.
  • The user is informed about security practices
  • The services will notify users if personal data has been affected by data breaches
  • This service requires first-party cookies, which are cookies that only belong to the domain of the service and not a third party.
  • This service holds onto content that you've deleted
  • very broad term possibly violating copyright law
  • The service can sell or otherwise transfer your personal data as part of a bankruptcy proceeding or other type of financial transaction.
  • Third parties may be involved in operating the service
  • Promises will be kept after a merger or acquisition
  • Your personal data is given to third parties
  • The service promises to inform and/or notify users regarding government inquiries that may involve users' personal data
  • Your data may be processed and stored anywhere in the world
  • They may stop providing the service at any time
  • Users should revisit the terms periodically, although in case of material changes, the service will notify
  • This service does not guarantee that it or the products obtained through it meet the users' expectations or requirements
  • The service does not guarantee that software errors will be corrected
  • The service can suspend or terminate your access to all or any part of the Website and refuse service to anyone for any reason at any time
  • Your personal data is aggregated into statistics
  • This service ignores the Do Not Track (DNT) header and tracks users anyway even if they set this header.
  • This service gathers information about you through third party analytics and service providers (such as Google Analytics)
  • Blocking cookies may limit your ability to use the service
  • This service throttles your use
  • This service prohibits users from attempting to gain unauthorized access to other computer systems
  • You can delete your content from this service
  • This service gives your personal data to third parties involved in its operation
  • The court of law governing the terms is in California, USA
  • This service assumes no liability for any losses or damages resulting from any matter relating to the service
  • You are tracked via web beacons, tracking pixels, browser fingerprinting, and/or device fingerprinting
  • Third-party cookies are used for statistics
  • Information is provided about how your personal data is used
  • Some personal data may be kept for business interests or legal obligations
  • Information is provided about what kind of information they collect
  • Information is provided about how they collect personal data
  • Extra data may be collected about you through promotions
  • You agree to defend, indemnify, and hold the service harmless in case of a claim related to your use of the service
  • Users are responsible for any risks, damages, or losses they may incur by downloading materials
  • The service is provided 'as is' and to be used at the users' sole risk
  • This service is only available to users of age 13 and up
  • Features of the website are made available under a free software license (AGPL) v3.0
  • The terms for this service are easy to read
  • Your personal data may be sold or otherwise transferred as part of a bankruptcy proceeding or other type of financial transaction
  • You are entitled to a refund if certain thresholds or standards are not met by the service
  • You authorise the service to charge a credit card supplied on re-occurring basis
  • You should revisit the terms periodically, although in case of material changes, the service will notify

Score

C

Documents

Domains Covered by Policy

  • bitwarden.com
  • bitwarden.eu
  • passwordless.dev

About the Data

This data is kindly provided by tosdr.org. Read full report at: #1348

Bitwarden Source Code

Author

bitwarden

Description

The core infrastructure backend (API, database, Docker, etc).

#api#aspnet#aspnetcore#bitwarden#csharp#docker#dotnet#dotnet-core#signalr#sql#sql-server

Homepage

https://bitwarden.com

License

NOASSERTION

Created

23 Nov 15

Last Updated

29 Apr 24

Latest version

v2024.4.1

Primary Language

C#

Size

27,674 KB

Stars

14,351

Forks

1,199

Watchers

14,351

Language Usage

Language Usage

Star History

Star History

Top Contributors

Recent Commits

  • SmithThe4th (29 Apr 24)

    get updated cipher and used that in the response model (#4030)

  • renovate[bot] (29 Apr 24)

    [deps] Auth: Update del to v6.1.1 (#3607) * [deps] Auth: Update del to v6.1.1 * fix bootstrap --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Ike Kottlowski <[email protected]> Co-authored-by: Ike <[email protected]>

  • Thomas Rittson (29 Apr 24)

    Fix migration script date to be merge date (#4028)

  • Thomas Rittson (29 Apr 24)

    [AC-2172] Member modal - limit admin access (#3934) * update OrganizationUsersController PUT and POST * enforces new collection access checks when updating members * refactor BulkCollectionAuthorizationHandler to avoid repeated db calls

  • Ike (27 Apr 24)

    target bootstrap v4.6.2 (#4024)

  • SmithThe4th (26 Apr 24)

    Changed PutCollections response model to return collection ids (#4023)

  • Rui Tomé (26 Apr 24)

    [AC-1978] Flexible collections: EF data migrations for deprecated permissions (#3969) * [AC-1682] Added MySql migration and script (cherry picked from commit d367f6de6b65343f1e99c9cf928e77215b13c34d) * [AC-1682] Added Postgres migration and script (cherry picked from commit 9bde1604da8432a6066fc6b48e88738fdc171869) * [AC-1682] Added Sqlite migration and script (cherry picked from commit 262887f9c3e484d5de856b715ee3c40092b4eb5f) * [AC-1682] dotnet format (cherry picked from commit 00eea0621c7c1092ea51c936fe2e7389a46109b9) * [AC-1682] Fixed Sqlite query (cherry picked from commit 26f5bf8afdf7607d01d56be8ba880ae592a127fc) * [AC-1682] Drop temp tables if they exist when starting the scripts (cherry picked from commit c20912f95c237da671a69eba0e39e5449a1a6d60) * [AC-1682] Removed MySql transaction from script because EF migration already wraps it under its own transaction (cherry picked from commit 7b54d78d6755788cabcc035f293af04881b0015a) * [AC-1682] Setting FlexibleCollections = 1 only for Orgs that had data migrated in previous steps (cherry picked from commit 28bba94d81d3c1a2515882b40829170b42096026) * [AC-1682] Updated queries to check for OrganizationId (cherry picked from commit a957530d5ed9caaa42fae6901fceb83b93ae99ce) * [AC-1682] Fixed MySql script (cherry picked from commit deee483ab7037f46233ca0802d1fcc698aa4d3d4) * [AC-1682] Fixed Postgres query (cherry picked from commit c3ca9ec3c8de625a5cf560c76474ee03eb1a50b2) * [AC-1682] Fix Sqlite query (cherry picked from commit fada0a81bf21b89d3debda9d3b51d31b1867631f) * [AC-1682] Reverted scripts back to enabling Flexible Collections to all existing Orgs (cherry picked from commit bd3b21b9698f13f57322a1eb5bac9fd1b99f779a) * [AC-1682] Removed dropping temporary table from scripts (cherry picked from commit eb7794d592cdd782a64154068046d708d30f371b) * [AC-1682] Removed other temp table drops (cherry picked from commit 26768b7bf82fd297fafa2638f59e600e7ac093a5) * [AC-1978] Fix issue that allows the web app to have the user type Manager available (cherry picked from commit 2890f78870a8b624c0598c9c39df22c6f05eecc0) * [AC-1682] Bump dates on migration scripts --------- Co-authored-by: Thomas Rittson <[email protected]>

  • Rui Tomé (26 Apr 24)

    [AC-2323] Flexible collections: automatically migrate data for all Organizations (#3927) * [AC-2323] Added script to migrate all sql organizations to use flexible collections * [AC-2323] Overriding FlexibleCollectionsSignup to true for local usage * [AC-2323] Fix script comment * [AC-2323] Fixed typo * [AC-2323] Bump up date on migration script * [AC-2323] Bump migration script date --------- Co-authored-by: Thomas Rittson <[email protected]>

  • Alex Morask (25 Apr 24)

    Updated CB to use both flag and provider status. (#4005)

  • Thomas Avery (25 Apr 24)

    [SM-1150] Add secret sync endpoint (#3906) * Add SecretsSyncQuery * Add SecretsSync to controller * Add unit tests * Add integration tests * update repo layer

  • Alex Morask (25 Apr 24)

    Handle case where Stripe IDs do not relate to Stripe entities (#4021)

  • renovate[bot] (25 Apr 24)

    [deps] Tools: Update aws-sdk-net monorepo to v3.7.300.81 (#4019) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

  • renovate[bot] (25 Apr 24)

    [deps] Tools: Update LaunchDarkly.ServerSdk to v8.4.0 (#4020) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

  • cyprain-okeke (25 Apr 24)

    [AC-2312] Server: Update ProviderOrganizationsController.Delete to update provider plan (#4008) * initial commit Signed-off-by: Cy Okeke <[email protected]> * fix the failing unit test Signed-off-by: Cy Okeke <[email protected]> * Resolve some pr comments Signed-off-by: Cy Okeke <[email protected]> * resolves some pr comments Signed-off-by: Cy Okeke <[email protected]> * resolve the collection expression suggestion Signed-off-by: Cy Okeke <[email protected]> * resolve pr comments Signed-off-by: Cy Okeke <[email protected]> * test for when the flag is on Signed-off-by: Cy Okeke <[email protected]> * rename the test Signed-off-by: Cy Okeke <[email protected]> --------- Signed-off-by: Cy Okeke <[email protected]>

  • Alex Morask (25 Apr 24)

    [AC-2488] Return default state for billing metadata when Organization has no Stripe entities (#4018) * Return default state for billing metadata when no stripe entities * Fix tests

  • Alex Morask (24 Apr 24)

    [AC-2488] Add billing endpoint to determine SM standalone for organization (#4014) * Add billing endpoint to determine SM standalone for org. * Add missing attribute

  • cyprain-okeke (24 Apr 24)

    [AC-2512] Admin: Seat Minimum input fields are showing for Reseller-type providers (#4013) * resolve the issue Signed-off-by: Cy Okeke <[email protected]> * remove the unused reference Signed-off-by: Cy Okeke <[email protected]> --------- Signed-off-by: Cy Okeke <[email protected]>

  • renovate[bot] (23 Apr 24)

    [deps] Auth: Update bootstrap to v5 (#3610) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Ike <[email protected]>

  • renovate[bot] (23 Apr 24)

    [deps] Auth: Update DuoUniversal to v1.2.3 (#3866) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Ike <[email protected]>

  • renovate[bot] (23 Apr 24)

    [deps] Auth: Update sass to v1.75.0 (#3609) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Ike <[email protected]>

  • renovate[bot] (23 Apr 24)

    [deps] Auth: Update jquery to v3.7.1 (#3608) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Ike <[email protected]>

  • Kyle Spearrin (23 Apr 24)

    Revert "[PM-6977] Migrate to FCM v1 (#3917)" (#4009) This reverts commit dd8d5955a4b9dae187e10799918bdaca4372497f.

  • Kyle Spearrin (23 Apr 24)

    [PM-6977] Migrate to FCM v1 (#3917) * fcmv1 update * try without nested data obj * type must be a string * fcmv1 migration flag * lint fixes * fix tests --------- Co-authored-by: Matt Bishop <[email protected]>

  • Bitwarden DevOps (23 Apr 24)

    Bumped version to 2024.4.2 (#4007)

  • Conner Turnbull (19 Apr 24)

    Updated missing logic for 2023 plans (#4000)

  • Addison Beck (19 Apr 24)

    Refactor `PolicyService.SaveAsync()` (#4001) * Move dependent policy checks to a dedicated function * Invert conditional * Extract enable logic

  • Alex Morask (19 Apr 24)

    [AC-2461] Scale provider seats on client organization deletion (#3996) * Scaled provider seats on client organization deletion * Thomas' feedback

  • Conner Turnbull (19 Apr 24)

    Updated GetIdsByMetadata to support providerId (#3994) * Refactored the charge succeeded handler a bit * If refund charge is received, and we don't have a parent transaction stored already, attempt to create one * Converted else if structure to switch-case * Moved logic for invoice.upcoming to a private method * Moved logic for charge.succeeded to a private method * Moved logic for charge.refunded to a private method * Moved logic for invoice.payment_succeeded to a private method * Updated invoice.payment_failed to match the rest * Updated invoice.created to match the rest with some light refactors * Added method comment to HandlePaymentMethodAttachedAsync * Moved logic for customer.updated to a private method * Updated logger in default case * Separated customer.subscription.deleted and customer.subscription.updated to be in their own blocks * Moved logic for customer.subscription.deleted to a private method * Moved logic for customer.subscription.updated to a private method * Merged customer sub updated or deleted to switch * No longer checking if the user has premium before disabling it since the service already checks * Moved webhook secret parsing logic to private method * Moved casting of event to specific object down to handler * Reduced nesting throughout * When removing secrets manager, now deleting 100% off password manager discount for SM trials * Added method comment and reduced nesting in RemovePasswordManagerCouponIfRemovingSecretsManagerTrialAsync * Updated GetIdsByMetadata to support providerId

  • Conner Turnbull (19 Apr 24)

    [AC-2427] update discount logic for complimentary password manager (#3990) * Refactored the charge succeeded handler a bit * If refund charge is received, and we don't have a parent transaction stored already, attempt to create one * Converted else if structure to switch-case * Moved logic for invoice.upcoming to a private method * Moved logic for charge.succeeded to a private method * Moved logic for charge.refunded to a private method * Moved logic for invoice.payment_succeeded to a private method * Updated invoice.payment_failed to match the rest * Updated invoice.created to match the rest with some light refactors * Added method comment to HandlePaymentMethodAttachedAsync * Moved logic for customer.updated to a private method * Updated logger in default case * Separated customer.subscription.deleted and customer.subscription.updated to be in their own blocks * Moved logic for customer.subscription.deleted to a private method * Moved logic for customer.subscription.updated to a private method * Merged customer sub updated or deleted to switch * No longer checking if the user has premium before disabling it since the service already checks * Moved webhook secret parsing logic to private method * Moved casting of event to specific object down to handler * Reduced nesting throughout * When removing secrets manager, now deleting 100% off password manager discount for SM trials * Added method comment and reduced nesting in RemovePasswordManagerCouponIfRemovingSecretsManagerTrialAsync

  • Addison Beck (18 Apr 24)

    Properly handle new policy enrollments in the public API (#4003) * Test the use case * Properly instantiate model from null * Rename query parameter

Bitwarden Website

Website

The password manager trusted by millions | Bitwarden

Bitwarden makes it easy for businesses and individuals to securely generate, store, and share passwords from any location, browser, or device. Create your free Bitwarden account today.

Redirects

Does not redirect

Security Checks

All 66 security checks passed

Server Details

  • IP Address 199.232.194.22
  • Location San Francisco, California, United States of America, NA
  • ISP Fastly Inc.
  • ASN AS54113

Associated Countries

  • US

Saftey Score

Website marked as safe

100%

Blacklist Check

bitwarden.com was found on 0 blacklists

  • ThreatLog
  • OpenPhish
  • PhishTank
  • Phishing.Database
  • PhishStats
  • URLhaus
  • RPiList Not Serious
  • AntiSocial Blacklist
  • PhishFeed
  • NABP Not Recommended Sites
  • Spam404
  • CRDF
  • Artists Against 419
  • CERT Polska
  • PetScams
  • Suspicious Hosting IP
  • Phishunt
  • CoinBlockerLists
  • MetaMask EthPhishing
  • EtherScamDB
  • EtherAddressLookup
  • ViriBack C2 Tracker
  • Bambenek Consulting
  • Badbitcoin
  • SecureReload Phishing List
  • Fake Website Buster
  • TweetFeed
  • CryptoScamDB
  • StopGunScams
  • ThreatFox
  • PhishFort

Website Preview

View full report at
web-check.xyz

Bitwarden Android App

Update Info

  • App Bitwarden
  • Creation Date 28 Apr 22
  • Last Updated 07 Dec 23
  • Current Version 2.18.0

Trackers

  • Microsoft Visual Studio App Center Crashes
  • Google Firebase Analytics

Permissions

  • Use Biometric
  • Write External Storage
  • Use Fingerprint
  • Receive
  • Access Network State
  • Wake Lock
  • System Alert Window
  • Nfc
  • Internet
  • Camera
  • Write Use App Feature Survey

Bitwarden iOS App

App Info

Bitwarden Password Manager

Recognized as best password manager by PCMag, The Verge, CNET, G2, and more! SECURE YOUR DIGITAL LIFE Secure your digital life and protect against data breaches by generating and saving unique, strong passwords for every account. Maintain everything in an end-to-end encrypted password vault that only you can access. ACCESS YOUR DATA, ANYWHERE, ANYTIME, ON ANY DEVICE Easily manage, store, secure, and share unlimited passwords across unlimited devices without restrictions. EVERYONE SHOULD HAVE THE TOOLS TO STAY SAFE ONLINE Utilize Bitwarden for free with no ads and or selling data. Bitwarden believes everyone should have the ability to stay safe online. Premium plans offer access to advanced features. EMPOWER YOUR TEAMS WITH BITWARDEN Plans for Teams and Enterprise come with professional business features. Some examples include SSO integration, self-hosting, directory integration and SCIM provisioning, global policies, API access, event logs, and more. Use Bitwarden to secure your workforce and share sensitive information with colleagues. More reasons to choose Bitwarden: World-Class Encryption Passwords are protected with advanced end-to-end encryption (AES-256 bit, salted hashtag, and PBKDF2 SHA-256) so your data stays secure and private. 3rd-party Audits Bitwarden regularly conducts comprehensive third-party security audits with notable security firms. These annual audits include source code assessments and penetration testing across Bitwarden IPs, servers, and web applications. Advanced 2FA Secure your login with a third-party authenticator, emailed codes, or FIDO2 WebAuthn credentials such as a hardware security key or passkey. Bitwarden Send Transmit data directly to others while maintaining end-to-end encrypted security and limiting exposure. Built-in Generator Create long, complex, and distinct passwords and unique usernames for every site you visit. Integrate with email alias providers for additional privacy. Global Translations Bitwarden translations exist for more than 50 languages. Cross-Platform Applications Secure and share sensitive data within your Bitwarden Vault from any browser, mobile device, or desktop OS, and more.

Rating

Rated 4.53 out of 5 stars by 4,223 users

Version Info

  • Current Version 2024.2.1
  • Last Updated 21 Mar 24
  • First Released 02 Sept 16
  • Minimum iOS Version 11.0
  • Device Models Supported 94

App Details

  • IPA Size 171.79 Mb
  • Price Free (USD)
  • Age Advisory 4+
  • Supported Languages 32
  • Developer Bitwarden Inc
  • Bundle ID com.8bit.bitwarden

Screenshots

Bitwarden Docker

Container Info

bitwardenrs

This is a Bitwarden server API implementation written in Rust compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal..

#Other#Tools

DockerHub Metrics

  • Pull Count 323,775,757
  • Stars 417
  • Date Created 12 May 19
  • Last Updated 2 years ago

View on DockerHub

bitwardenrs/server

Run Command

docker run -d \ 
  -p :80/tcp \
  -v /portainer/Files/AppData/Config/Bitwarden-rs:/config \
  --restart=unless-stopped \
  bitwardenrs/server:latest

Compose File

version: 3.8
services:
  bitwarden-rs:
    image: bitwardenrs/server:latest
    ports:
      - :80:tcp
    environment:
    volumes:
      - /portainer/Files/AppData/Config/Bitwarden-rs:/config
    restart: unless-stopped

Port List

  • :80/tcp

Volume Mounting

  • /portainer/Files/AppData/Config/Bitwarden-rs /config

Permissions

  • read ✅ Yes
  • write ✅ Yes
  • admin ✅ Yes

Bitwarden Socials

Bitwarden Reviews

More Password Managers

View More...

About the Data: Bitwarden

API

You can access Bitwarden's data programmatically via our API. Simply make a GET request to: 

https://api.awesome-privacy.xyz/essentials/password-managers/bitwarden

The REST API is free, no-auth and CORS-enabled. To learn more, view the Swagger Docs or read the API Usage Guide.

About the Data

Beyond the user-submitted YAML you see above, we also augment each listing with additional data dynamically fetched from several sources. To learn more about where the rest of data included in this page comes from, and how it is computed, see the About the Data section of our About page.

Share Bitwarden

Help your friends compare Password Managers, and pick privacy-respecting software and services.
Share Bitwarden and Awesome Privacy with your network!

View Password Managers (6)
Next →

KeePass