Bitwarden Icon

Fully-featured, open source password manager with cloud-sync. Bitwarden is easy-to-use with a clean UI and client apps for desktop, web and mobile. See also Vaultwarden, a self-hosted, Rust implementation of the Bitwarden server and compatible with upstream Bitwarden clients.

Open Source

Bitwarden Privacy Policy

Privacy Policy Summary

  • You have the right to leave this service at any time
  • This service keeps user logs for an undefined period of time
  • Users agree to comply with the law of the service's country
  • This service does not sell your personal data
  • The service does not guarantee accuracy or reliability of the information provided
  • The service provider makes no warranty regarding uninterrupted, timely, secure or error-free service
  • The service provides two factor authentification for your account
  • You are responsible for maintaining the security of your account and for the activities on your account
  • This service can share your personal information to third parties
  • Tracking pixels are used in service-to-user communication
  • The service is transparent regarding government requests or inquiries that may involve user data.
  • The user is informed about security practices
  • The services will notify users if personal data has been affected by data breaches
  • This service requires first-party cookies, which are cookies that only belong to the domain of the service and not a third party.
  • This service holds onto content that you've deleted
  • very broad term possibly violating copyright law
  • The service can sell or otherwise transfer your personal data as part of a bankruptcy proceeding or other type of financial transaction.
  • Third parties may be involved in operating the service
  • Promises will be kept after a merger or acquisition
  • Your personal data is given to third parties
  • The service promises to inform and/or notify users regarding government inquiries that may involve users' personal data
  • Your data may be processed and stored anywhere in the world
  • They may stop providing the service at any time
  • Users should revisit the terms periodically, although in case of material changes, the service will notify
  • This service does not guarantee that it or the products obtained through it meet the users' expectations or requirements
  • The service does not guarantee that software errors will be corrected
  • The service can suspend or terminate your access to all or any part of the Website and refuse service to anyone for any reason at any time
  • Your personal data is aggregated into statistics
  • This service ignores the Do Not Track (DNT) header and tracks users anyway even if they set this header.
  • This service gathers information about you through third party analytics and service providers (such as Google Analytics)
  • Blocking cookies may limit your ability to use the service
  • This service throttles your use
  • This service prohibits users from attempting to gain unauthorized access to other computer systems
  • You can delete your content from this service
  • This service gives your personal data to third parties involved in its operation
  • The court of law governing the terms is in California, USA
  • This service assumes no liability for any losses or damages resulting from any matter relating to the service
  • You are tracked via web beacons, tracking pixels, browser fingerprinting, and/or device fingerprinting
  • Third-party cookies are used for statistics
  • Information is provided about how your personal data is used
  • Some personal data may be kept for business interests or legal obligations
  • Information is provided about what kind of information they collect
  • Information is provided about how they collect personal data
  • Extra data may be collected about you through promotions
  • You agree to defend, indemnify, and hold the service harmless in case of a claim related to your use of the service
  • Users are responsible for any risks, damages, or losses they may incur by downloading materials
  • The service is provided 'as is' and to be used at the users' sole risk
  • This service is only available to users of age 13 and up
  • Features of the website are made available under a free software license (AGPL) v3.0
  • The terms for this service are easy to read
  • Your personal data may be sold or otherwise transferred as part of a bankruptcy proceeding or other type of financial transaction
  • You are entitled to a refund if certain thresholds or standards are not met by the service
  • You authorise the service to charge a credit card supplied on re-occurring basis
  • You should revisit the terms periodically, although in case of material changes, the service will notify




Domains Covered by Policy


About the Data

This data is kindly provided by Read full report at: #1348

Bitwarden Source Code




The core infrastructure backend (API, database, Docker, etc).






23 Nov 15

Last Updated

17 May 24

Latest version


Primary Language



27,287 KB







Language Usage

Language Usage

Star History

Star History

Recent Commits

  • Vincent Salucci (17 May 24)

    [AC-240] - BUG - Confirm Admin/Owners to org when excluded from Single Org Policy (#4087) * fix: align policy checks for excluded types, update tests, create fixture, refs AC-240 * fix: update final policy check against other orgs (not including the current), refs AC-240

  • Conner Turnbull (17 May 24)

    [AC-2513] Scaling PM seat count with SM seat count (#4040) * For SM Trial orgs, now scaling PM seat count with SM seat count adjustments * Split Billing related organization endpoints into billing owned controller * Updated billing organizations controller to use a primary constructor to reduce boilerplate * Fixed error where ID couldn't be mapped to subscription endpoint guid param * Updated billing OrganizationController endpoints to not manually create the GUID from the string ID * Banished magic string back to the pit from whence it came * Resolved errors in unit tests

  • Conner Turnbull (17 May 24)

    Hiding teams starter option (#4044)

  • Jake Fink (16 May 24)

    add login redirect url to identity server (#4092)

  • Conner Turnbull (16 May 24)

    Resolved razor syntax error by updating expression to be explicit instead of implicit (#4094)

  • Thomas Rittson (15 May 24)

    [AC-2602] Fix error when provider edits existing group (#4086) * Add null check to groups endpoint - providers may not be OrgUsers

  • Alex Morask (14 May 24)

    [AC-2426] Allow editing of client organization name (#4072) * Allow editing of client organization name * Removing unnecessary using for linter

  • Todd Martin (14 May 24)

    Removed unused feature flags (#4083) * Removed unused feature flags * Removed 2 more flags.

  • SmithThe4th (14 May 24)

    added feature flag constant for vault bullk management action (#4075)

  • Alex Morask (14 May 24)

    [AC-2313] Add Gateway fields to Provider edit in Admin (#4057) * Formatting * Add Gateway fields to provider edit * Remove unnecessary usings * Thomas' feedback * Removing unnecessary using for linter * Removing unused file * Removing unused file

  • Addison Beck (14 May 24)

    Remove unneeded using (#4084)

  • cyprain-okeke (13 May 24)

    [BEEEP][AC-2497] Create unit test for the SubscriptionUpdate classes (#4054) * Add unit tests for the StorageSubscriptionUpdateTests.cs Signed-off-by: Cy Okeke <[email protected]> * remove unwanted comment from the class Signed-off-by: Cy Okeke <[email protected]> * Create a class file and add unit tests for SmSeatSubscriptionUpdateTest.cs Signed-off-by: Cy Okeke <[email protected]> * Add unit test for the secrets manager seat update Signed-off-by: Cy Okeke <[email protected]> * Fix the failing test cases Signed-off-by: Cy Okeke <[email protected]> * Add unit test for service account update Signed-off-by: Cy Okeke <[email protected]> --------- Signed-off-by: Cy Okeke <[email protected]>

  • Todd Martin (09 May 24)

    [PM-7029] Remove conditional logic for KeyRotationImprovements feature flag (#4002) * Removed business logic that references flag * Removed using statement. * Undid accidental keystroke. * Removed unused method. * Removed unused imports.

  • Ike (09 May 24)

    remove alias (#4058)

  • Alex Morask (09 May 24)

    [AC-2471] Prevent calls to Stripe when unlinking client org has no Stripe objects (#3999) * Prevent calls to Stripe when unlinking client org has no Stripe objects * Thomas' feedback * Check for stripe when org unlinked from org page --------- Co-authored-by: Conner Turnbull <[email protected]>

  • Alex Morask (09 May 24)

    Send reference event on payment success for provider (#4063)

  • Thomas Rittson (09 May 24)

    Fix 404 error when creating users/groups (#4066)

  • Vincent Salucci (08 May 24)

    [AC-2086] Update CanDelete to handle V1 flag logic (#3979) * feat: Update authorization handler to handle V1 collection enhancement, refs AC-2086 * feat: update tests to account for new V1 flag/setting logic, refs AC-2086 * feat: update CanDelete with all collection enhancement combinations, refs AC-2086 * feat: add tests for new delete flows, refs AC-2086 * fix: update new conditionals with bool return value, refs AC-2086 * feat: simplify conditional in regards to LimitCollectionCreationDeletion, refs AC-2086 * feat: simplify AllowAdminAccessToAllCollectionItems conditional, refs AC-2086 * feat: add unit test making sure admins can't delete collections without can manage, refs AC-2086

  • Shane Melton (07 May 24)

    [AC-1707] Restrict provider access to items (#3881) * [AC-2274] Introduce CanEditAnyCiphersAsAdminAsync helper to replace EditAnyCollection usage * [AC-2274] Add unit tests for CanEditAnyCiphersAsAdmin helper * [AC-2274] Add Jira ticket * [AC-1707] Add feature flag * [AC-1707] Update CanEditAnyCiphersAsAdmin to fail for providers when the feature flag is enabled * [AC-2274] Undo change to purge endpoint * [AC-2274] Update admin checks to account for unassigned ciphers * [AC-1707] Fix provider auth checks after merge with main * [AC-1707] Fix tests after merge * [AC-1707] Adjust CanEditCipherAsAdmin method to properly account for admin user types - Fix associated unit tests * [AC-1707] Formatting

  • Alex Urbina (07 May 24)

    DEVOPS-1901 Fix error: az login again to refresh permissions (#4050) * DEVOPS-1901 REFACTOR: Remove the Docker image per registry * DEVOPS-1901 REFACTOR: Docker image removal process in cleanup-after-pr.yml

  • renovate[bot] (07 May 24)

    [deps] Platform: Update Microsoft.AspNetCore.Http to v2.2.2 (#3753) Co-authored-by: renovate[bot] <29139614+renovate[bot]> Co-authored-by: Ike <[email protected]>

  • cyprain-okeke (07 May 24)

    Fix the issue of returning on Error! without descriptive message (#4056) Signed-off-by: Cy Okeke <[email protected]>

  • Jason Ng (07 May 24)

    [AC-1121] Update authorization for orphaned collections (#4047) * update BulkCollectionAuthorizationHandler to account for orphaned collections

  • renovate[bot] (07 May 24)

    [deps] Auth: Update Microsoft.Azure.Cosmos to v3.39.1 (#3541) Co-authored-by: renovate[bot] <29139614+renovate[bot]> Co-authored-by: Ike <[email protected]>

  • Vince Grassia (07 May 24)

    Add IgnoreUnmatchedProperties when deserializing YAML (#4061)

  • Bitwarden DevOps (06 May 24)

    Bumped version to 2024.5.0 (#4060)

  • Thomas Avery (06 May 24)

    [SM-1030] Cleanup old access policy management code (#4015) * Remove access selector code * Cleanup integration tests

  • cyprain-okeke (06 May 24)

    Add providerType as part of the response object (#4055) Signed-off-by: Cy Okeke <[email protected]>

  • Alex Morask (06 May 24)

    [AC-2548] Remove automatic tax collection check from provider creation (#4042) * Remove automatic tax collection check * Fix tests

  • Jake Fink (06 May 24)

    [PM-7919] return exception if trying to overwrite keypair (#4052) * return exception if trying to overwrite keypair * add feature flag

Bitwarden Website


The password manager trusted by millions | Bitwarden

Bitwarden makes it easy for businesses and individuals to securely generate, store, and share passwords from any location, browser, or device. Create your free Bitwarden account today.


Does not redirect

Security Checks

All 66 security checks passed

Server Details

  • IP Address
  • Location San Francisco, California, United States of America, NA
  • ISP Fastly Inc.
  • ASN AS54113

Associated Countries

  • US

Saftey Score

Website marked as safe


Blacklist Check was found on 0 blacklists

  • ThreatLog
  • OpenPhish
  • PhishTank
  • Phishing.Database
  • PhishStats
  • URLhaus
  • RPiList Not Serious
  • AntiSocial Blacklist
  • PhishFeed
  • NABP Not Recommended Sites
  • Spam404
  • CRDF
  • Artists Against 419
  • CERT Polska
  • PetScams
  • Suspicious Hosting IP
  • Phishunt
  • CoinBlockerLists
  • MetaMask EthPhishing
  • EtherScamDB
  • EtherAddressLookup
  • ViriBack C2 Tracker
  • Bambenek Consulting
  • Badbitcoin
  • SecureReload Phishing List
  • Fake Website Buster
  • TweetFeed
  • CryptoScamDB
  • StopGunScams
  • ThreatFox
  • PhishFort

Website Preview

Bitwarden Android App

Update Info

  • App Bitwarden
  • Creation Date 28 Apr 22
  • Last Updated 07 Dec 23
  • Current Version 2.18.0


  • Microsoft Visual Studio App Center Crashes
  • Google Firebase Analytics


  • Use Biometric
  • Write External Storage
  • Use Fingerprint
  • Receive
  • Access Network State
  • Wake Lock
  • System Alert Window
  • Nfc
  • Internet
  • Camera
  • Write Use App Feature Survey

Bitwarden iOS App

App Info

Bitwarden Password Manager

Recognized as best password manager by PCMag, The Verge, CNET, G2, and more! SECURE YOUR DIGITAL LIFE Secure your digital life and protect against data breaches by generating and saving unique, strong passwords for every account. Maintain everything in an end-to-end encrypted password vault that only you can access. ACCESS YOUR DATA, ANYWHERE, ANYTIME, ON ANY DEVICE Easily manage, store, secure, and share unlimited passwords across unlimited devices without restrictions. EVERYONE SHOULD HAVE THE TOOLS TO STAY SAFE ONLINE Utilize Bitwarden for free with no ads and or selling data. Bitwarden believes everyone should have the ability to stay safe online. Premium plans offer access to advanced features. EMPOWER YOUR TEAMS WITH BITWARDEN Plans for Teams and Enterprise come with professional business features. Some examples include SSO integration, self-hosting, directory integration and SCIM provisioning, global policies, API access, event logs, and more. Use Bitwarden to secure your workforce and share sensitive information with colleagues. More reasons to choose Bitwarden: World-Class Encryption Passwords are protected with advanced end-to-end encryption (AES-256 bit, salted hashtag, and PBKDF2 SHA-256) so your data stays secure and private. 3rd-party Audits Bitwarden regularly conducts comprehensive third-party security audits with notable security firms. These annual audits include source code assessments and penetration testing across Bitwarden IPs, servers, and web applications. Advanced 2FA Secure your login with a third-party authenticator, emailed codes, or FIDO2 WebAuthn credentials such as a hardware security key or passkey. Bitwarden Send Transmit data directly to others while maintaining end-to-end encrypted security and limiting exposure. Built-in Generator Create long, complex, and distinct passwords and unique usernames for every site you visit. Integrate with email alias providers for additional privacy. Global Translations Bitwarden translations exist for more than 50 languages. Cross-Platform Applications Secure and share sensitive data within your Bitwarden Vault from any browser, mobile device, or desktop OS, and more.


Rated 4.53 out of 5 stars by 4,223 users

Version Info

  • Current Version 2024.2.1
  • Last Updated 21 Mar 24
  • First Released 02 Sept 16
  • Minimum iOS Version 11.0
  • Device Models Supported 94

App Details

  • IPA Size 171.79 Mb
  • Price Free (USD)
  • Age Advisory 4+
  • Supported Languages 32
  • Developer Bitwarden Inc
  • Bundle ID com.8bit.bitwarden


Bitwarden Docker

Container Info


This is a Bitwarden server API implementation written in Rust compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal..


DockerHub Metrics

  • Pull Count 323,775,757
  • Stars 417
  • Date Created 12 May 19
  • Last Updated 2 years ago

View on DockerHub


Run Command

docker run -d \ 
  -p :80/tcp \
  -v /portainer/Files/AppData/Config/Bitwarden-rs:/config \
  --restart=unless-stopped \

Compose File

version: 3.8
    image: bitwardenrs/server:latest
      - :80:tcp
      - /portainer/Files/AppData/Config/Bitwarden-rs:/config
    restart: unless-stopped

Port List

  • :80/tcp

Volume Mounting

  • /portainer/Files/AppData/Config/Bitwarden-rs /config


  • read ✅ Yes
  • write ✅ Yes
  • admin ✅ Yes

Bitwarden Socials

Bitwarden Reviews

More Password Managers

About the Data: Bitwarden


You can access Bitwarden's data programmatically via our API. Simply make a GET request to:

The REST API is free, no-auth and CORS-enabled. To learn more, view the Swagger Docs or read the API Usage Guide.

About the Data

Beyond the user-submitted YAML you see above, we also augment each listing with additional data dynamically fetched from several sources. To learn more about where the rest of data included in this page comes from, and how it is computed, see the About the Data section of our About page.

Share Bitwarden

Help your friends compare Password Managers, and pick privacy-respecting software and services.
Share Bitwarden and Awesome Privacy with your network!

View Password Managers (6)