Release Notes
Bitwarden believes source code transparency is an absolute requirement for security solutions like ours. View full, detailed Release Notes in GitHub using any of the following links:
Bitwarden incrementally updates each client application (Desktop, Browser Extension, Mobile, etc.) and for self-hosted servers following the initial release to ensure feature efficacy and stability. As a result, client applications and self-hosted servers should expect listed features following the initial release. Please review Bitwarden software release support documentation.
tip
Want Release Announcements delivered straight to your inbox? Sign up to receive an email update with the latest Bitwarden release notes.
You can also subscribe to the Bitwarden Status RSS Feed for service updates, including announcements of release windows.
(The listed release number is for the Bitwarden Server, other version numbers released in this cycle also include Web 2025.10.1 and Mobile 2025.10.1)
Password Manager
- Improved sign-up flow for premium subscription: Users seeking the benefits of a paid Bitwarden plan will find it easier to upgrade their account. Select the Upgrade your plan button within the web app navigation to learn more about and select a paid plan. 
- Android Chrome integration version requirement: To continue using the Chrome browser integration on Android, upgrade the Chrome app to at least version 134 (March, 2025). This is required due structural changes in Chrome and Bitwarden autofill integration processes. 
- Sumo Logic SIEM integration: A new integration is available for security information and event management (SIEM) with Sumo Logic. The integration offers comprehensive event coverage across authentication, organizational activities, and vault items. 
(The listed release number is for the Bitwarden Server, other version numbers released in this cycle also include Web 2025.10.0, Browser Extension 2025.10.0, Mobile 2025.10.0, Desktop 2025.10.0, and CLI 2025.10.0)
Password Manager
- Direct importer for Edge, Opera, and Vivaldi browsers: Move your data into Bitwarden quickly and securely with direct import for Edge, Opera, and Vivaldi browsers. 
- Simplified login screen for SSO users: Members of organizations using the Require single sign-on policy will now have other authentication options greyed-out on the login screen, provided they've authenticated at least once on that device. 
Secrets Manager
- New event logs: Secrets Manager will now log events when machine accounts are created, deleted, have users or groups assigned to them, and have users or groups removed from them. 
Self-host
- New environment variables: New environment variables are available for configuring the handling of refresh tokens, allowing users to determine the lifetime and timeout of authentication tokens on self-hosted servers. 
(The listed release number is for the Bitwarden Server, other version numbers released in this cycle also include Web 2025.9.1)
Admin Console
- Member invitation subject line update: The email subject line for invitations to join an organization was updated. 
- Tax ID reminder: If you're a business owner or provider admin in a country that collects value added tax (VAT) and haven't added your tax ID yet, you'll see a banner on the Admin Console, Payment Details, and Provider Portal pages. Click Add a Tax ID to update the billing details with your organization's tax ID. 
Secrets Manager
- Terraform Provider: Bitwarden Secrets Manager now offers a Terraform provider, capable of fetching, creating, and managing Secrets Manager secrets for your Terraform infrastructure. Learn more about the Terraform provider here. 
- Update to default mapped secrets behavior: The new default behavior of the Kubernetes operator will only sync secrets that been mapped in the - BitwardenSecretobject, unless otherwise specified with- onlyMappedSecrets: false. Learn more about the Secrets Manager Kubernetes operator here.
(The listed release number is for the Bitwarden Server, other version numbers released in this cycle also include Web 2025.9.0, Browser Extension 2025.9.0, Mobile 2025.9.0, Desktop 2025.9.0, and CLI 2025.9.0)
Password Manager
- Device approval using browser extensions: Approve new trusted devices and login with device requests using the browser extension. 
- CXP for iOS 26: Users on iOS 26 can now import directly to or export directly from Bitwarden and any other iOS app that supports FIDO's Credential Exchange Protocol. Learn more about importing and exporting. 
Admin Console
- Collection settings updates: Some collection management settings have been renamed and more granular events will now be logged when they're turned on or off. Learn more here. 
- Organization SSH keys: SSH keys created with the Bitwarden SSH agent can now be stored and shared in organization collections. Learn more about the Bitwarden SSH agent here. 
(The listed release number is for the Bitwarden Server, other version numbers released in this cycle also include Web 2025.8.2 and Mobile 2025.8.1)
note
Helm Charts Versioning Update: For Bitwarden self-host Helm charts, the CalVer versioning scheme (2025.8.0) will be deprecated on November 13, 2025. After this date, only SemVer versions will be supported and released.
You can start using SemVer 1.0.0 now, however note that until November 13, 2025, you must always specify --version <semver-version> during upgrades:
Bashhelm upgrade self-host-bsfyr9bpzk bitwarden/self-host --version <semver-version> -n bitwarden
Password Manager
- Card autofill for Android: The Bitwarden Android app can now autofill cards, such as debit or credit cards, in Chrome and Chromium-based browsers. Learn more here. 
- Failed 2FA emails: Users will now receive an email notifying them of failed login attempts that were prevented by two-step login. If you receive these emails, update your master password immediately to one that is strong, unique, and has never been used before. Learn more here. 
Secrets Manager
- New event logs: Secrets Manager will now log events when projects are accessed, created, edited, or deleted. Learn more here. 
(This listed release includes only Browser Extensions & Desktop Apps. The next release to include Server updates will resume the typical version progression (2025.8.1))
- To further protect against malicious websites, the inline autofill menu is now always displayed above other content on a web page. 
(The listed release number is for the Bitwarden Server, other version numbers released in this cycle also include Web 2025.8.0, Browser Extension 2025.8.0, Mobile 2025.8.0, Desktop 2025.8.0, and CLI 2025.8.0)
note
To ensure compatibility with the latest Bitwarden release, please update both your clients and self-hosted server. Keeping your software current in accordance with the Bitwarden software release support policy will help to maintain full compatibility, support, and unlock the latest Bitwarden features.
Admin Console
- Remove card item type policy: An enterprise policy was added that allows enterprise organizations to restrict the use of the card item type. Learn more here. 
Password Manager
- Inline autofill password generator improvements: The inline autofill password generator will now immediately offer to save the generated password as a new login item. Learn more about the inline autofill here. 
- Improved Item view: New improvements to viewing vault items have been added. Updates include favicons and other important information presented at the top of the vault item. Learn more about vault items here. 
- HTTPS now required on Android: The Android Password Manager app now requires connection to a server using HTTPS. This change will only affect users who are self-hosting a Bitwarden server without a SSL/TLS certificate. Learn more about certificates here. 
- Unlock with biometrics updates: Desktop apps must now first be unlocked with a method other than biometrics, such as PIN or master password, after application restart. Following this, biometrics can be used to unlock. Learn more about unlock with biometrics here. 
(The listed release number is for the Bitwarden Server, other version numbers released in this cycle also include Web 2025.7.2)
Admin Console
- Members view performance improvements: Loading times for the Members view, particularly for organizations with large numbers of members, have been optimized. 
Provider Portal
- Billing update: Providers that have not added a payment method on the Billing → Subscription page should do so as soon as possible. Providers with unpaid invoices will now be suspended 30 days after an unpaid invoice is due, including suspension of client organizations. Adding a valid payment method, for those that have not already, will ensure seamless continuation of service. 
Self-host
- Deprecated logging methods: For self-hosted users, the direct integration with - syslogin Bitwarden - enabled by overriding- enabledglobalSettings__syslog__destination- has been deprecated in favor of integrating with Docker's- syslogdrivers. Users with the deprecated method will receive warning logs to notify them of the change. Learn more here.
(The listed release number is for the Bitwarden Server, other version numbers released in this cycle also include Web 2025.7.1, Browser Extension 2025.7.0, Desktop 2025.7.1, and CLI 2025.7.0)
Password Manager
- URI Match Detection warning update: Users who choose to setup URI match detection with the advanced options Starts with and Regular expression will see a warning dialogue to confirm they understand the potential security risks associated with these autofill options. Learn more here. 
- Onscreen tips for new users - Browser extension: To assist new users, onscreen tips have been added to the browser extension. These tips will help introduce new users to the features and components of the browser extension. Learn more here. 
- Browser extension permission update: Browser extensions on Firefox and Safari will now require the notifications permission to support log in with device. 
- Chromium integrations on Android: If you use Brave or Chrome as your web browser, toggle the new Use Brave autofill integration or Use Chrome autofill integration options. Learn more here. 
Secrets Manager
- New secrets events: Event Logs will now log when secrets are created, edited, or deleted. Learn more here. 
(The listed release number is for the Bitwarden Server, other version numbers released in this cycle also include Web 2025.7.0)
Password Manager
- Password Depot 17 import: Password Depot 17 has been added to the list of formats available for direct import into Bitwarden Password Manager. Learn more here. 
Admin Console
- Policy rename: The Remove individual vault policy has been renamed to the Enforce organization data ownership policy. Learn more here. 
- Member permissions update: Organization members with the Manage account recovery permission can reset organization member's master passwords. This permission can be granted separately from the Manage users permission. Learn more here. 
(The listed release number is for the Bitwarden server, other version numbers released in this cycle also include Web 2025.6.1, Browser Extension 2025.6.0, Desktop 2025.6.0, and CLI 2025.6.0)
note
Accounts using a legacy encryption scheme are no longer supported. Older accounts that were created before 2017 and have not logged into the web app since 2023 are using a legacy encryption scheme that is no longer supported. Only inactive accounts without user activity for two years may be impacted. Learn more here.
warning
Kerberos authentication support notice for Self-host: In some deployment modes, self-host server versions 2025.6.0 through 2025.6.2 have had an interruption in their support for Kerberos external database authentication. This will be fixed in an upcoming release of the self-host server. Customers using Kerberos authentication should wait to upgrade their self-host deployments until the next release unless instructed otherwise by Bitwarden support.
Password Manager
- Persistence in browser extensions when adding & editing items: Browser extensions will now cache changes to item data for up to two minutes even if you click out of or minimize the extension window. 
- Browser extension notification redesign: Browser extension notifications have a new look and feel. Learn more here. 
- Advanced troubleshooting for mobile apps: In mobile apps, users now have the option to to locally and temporarily log app events to help troubleshoot unexpected behaviors in the Bitwarden app. Learn more here. 
Bitwarden Authenticator
- Sync TOTPs with Password Manager: Users now have the option to seamlessly sync verification code data between Bitwarden Authenticator and Password Manager. Learn more here. 
(The listed release number is for the Bitwarden server, other version numbers released in this cycle include Web 2025.6.0 and Self-host 2025.6.1)
warning
Kerberos authentication support notice for Self-host: In some deployment modes, self-host server versions 2025.6.0 through 2025.6.2 have had an interruption in their support for Kerberos external database authentication. This will be fixed in an upcoming release of the self-host server. Customers using Kerberos authentication should wait to upgrade their self-host deployments until the next release unless instructed otherwise by Bitwarden support.
Self-host
- Rootless Containers for Helm: Helm deployments can now run Bitwarden in rootless mode. Learn more here. 
Self-host
- SQL version support: Release 2025.5.3 will be the last Bitwarden release that will maintain support for SQL Server 2019. Bitwarden fully supports SQL Server 2022. 
(The listed release number is for the Bitwarden server, other version numbers released in this cycle also include Web 2025.5.1, Browser Extension 2025.5.1, Desktop 2025.5.0, iOS 2025.5.0, Android 2025.5.0, and CLI 2025.5.0)
note
Important changes are coming to the Bitwarden clients! To help improve security and maintainability, please note that significantly older versions will cease to function if not kept up to date. This is especially important for users of our CLI. Please ensure that you have upgraded to the latest version of any installed clients.
Password Manager
- Export attachments from desktop and CLI: On the desktop app and CLI, you can now create a - .zipexport your individual vault file attachments. Learn more here.
- Support for dynamic colors on Android: You can now apply color schemes to your Bitwarden Android app based on your wallpaper. Learn more here. 
- SSH approval settings: A new setting is available for users who have enabled the SSH agent on the desktop app. You may specify when Bitwarden will require you to authorize access to an SSH credential stored in the vault. Learn more about SSH agent settings here. 
Admin Console
- Organization sponsored Families plan: Organizations can issue sponsored Families plans directly to employees personal email accounts, including employees that aren't members of the current organization. Learn more about sponsored Families plans here. 
- Collection permissions update: The Can edit and Can edit, hidden passwords permissions will now grant users the ability to delete collection items, unless the new Limit item deletion to members with the Manage collection permission has been enabled. Learn more about collection permissions here. 
- New collection management setting: To increase privilege customization, a new collection management setting has been added, Limit item deletion to members with the Manage collection permissions. Learn more about collection management settings here. 
(The listed release number is for the Bitwarden server, other version numbers released in this cycle also include Web 2025.5.0 and Browser Extension 2025.5.0)
Password Manager
- Enhanced PIN requirements: On browser extensions, PINs used for unlock must now be at least 4 characters. This will be updated in other clients in future releases. 
- Export attachments from web and browser: On the web app and browser extension, you can now create a - .zipexport that includes file attachments. This will be added to other clients in future releases. Learn more here.
- Nested collections in search results: Nested collections are now included in search results, making it easier to find relevant items. Learn more about collections here. 
Admin Console
- Organization features previews: The Admin Console for Teams, Families, and Free organizations will now show previews of features included in higher subscription tiers. 
(The listed release number is for the Bitwarden server, other version numbers released in this cycle also include Web 2025.4.1, Browser Extension 2025.4.0, Desktop 2025.4.2, and CLI 2025.4.0)
This release includes:
Password Manager
- Persistence in browser extensions when approving devices: Browser extensions will now wait for up to two minutes for approval even if you click out of or minimize the extension window in order to approve the request using the web app. 
- Master password re-prompt desktop update: When the master password re-prompt option is active for an item, desktop apps will now gate all fields behind successful verification instead of only hidden fields. Learn more here. 
Admin Console
- External ID display update: External ID will now only be displayed for the group, collection, and member dialogue if configured using SCIM, Bitwarden Directory Connector or the API. Learn more about Directory Connector here. 
- Member SSO external ID: Member SSO external ID will be displayed in the member dialogue for members configured using SSO. 
This release includes:
Password Manager
- Edge export (csv): Edge (csv) export has been added to the list of formats available for import into Bitwarden Password Manager. Learn more here. 
(The listed release number is for the Bitwarden server, other version numbers released in this cycle also include Web 2025.3.1, Browser Extension 2025.3.2, Desktop 2025.3.2, and CLI 2025.3.0)
This release includes:
Password Manager
- Browser extension filter persistence: For an improved experience when navigating between the browser extension and a web page, search terms and filters will now persist for up to two minutes, or until you change the active tab in your browser extension. 
- Browser extension loading times: We have made several changes to improve the browser extension loading times. Learn more about the Bitwarden browser extension here. 
- Re-order website URIs: On the web app and browser extensions Edit Login view, you can now re-order website URIs for better visual organization using the drag-and-drop () button. 
- FIDO2 two-step login support for Linux desktop: Linux desktop apps now support two-step login using a FIDO2 passkey. Learn more here. 
- SSH agent forwarding: Support for SSH agent forwarding has been improved on the Bitwarden Desktop app. Learn more about the Bitwarden SSH agent here. 
This release includes:
My Account
- Verification of new devices, grace period for new accounts: Newly created accounts will be exempt from new device login protection for the first 24 hours after account creation. Learn more here. 
Password Manager
- Login request banner notifications: Login with device requests will now prompt a banner notification to appear in the web app while pending approval. Learn more about login with device here. 
Admin Console
- Domain verification renamed: Domain verification, available for Enterprise organizations, has been renamed to "claimed domains". Learn more here. 
- Claimed accounts: When an Enterprise organization claims a domain, any member accounts with emails that match the domain will now be claimed by the organization, allowing account deletion by administrators. Claimed accounts also have a few other restrictions on account actions. Learn more here. 
- Unassigned items in reports: Organization-owned items not assigned to a collection are now listed with interactive links for further review in organization vault health reports. 
Self-hosting
- Move to GitHub Container Registry: Container images have been moved from Docker Hub to GitHub Container Registry. If you're deploying with a method that doesn't use the - bitwarden.shor- bitwarden.ps1scripts, update image references to GitHub Container Registry URLs (e.g.- ghcr.io/bitwarden/image_name:version).
(The listed release number is for the Bitwarden server, other versions numbers released in this cycle also include Web 2025.2.2, Browser Extension 2025.2.2, Desktop 2025.2.1, and CLI 2025.2.0)
This release includes:
My Account
- New device login protection: To keep your account safe and secure, Bitwarden will gradually begin requiring additional verification for users who do not use two-step login or SSO. Learn more here. 
- Update to recovery code use: Using a recovery code, while still requiring your email address and master password, will now automatically log you into your vault and deactivate two-step login, instead of only deactivating two-step login. Learn more here. 
- FIDO2 two-step login for macOS desktop: macOS desktop apps now support two-step login using a FIDO2 passkey. Learn more here. 
Password Manager
- Click to autofill setting moved: The Click to autofill setting on the browser extension has been moved to the Settings → Appearance tab. Learn more here. 
- Prevent duplicate passkeys on iOS: Duplicate passkeys cannot be saved on iOS that match an existing username and service already stored in the Bitwarden vault. The existing passkey may be modified or overwritten instead. Learn more about creating passkeys here. 
- Enterprise single sign-on login update: The "Use single sign-on" button has been added to the first step of the SSO login workflow in order to streamline Enterprise SSO login. Learn more here. 
Admin Console
- Remove Unlock with PIN policy: Enterprise organizations can now set a policy to prohibit members from using unlock with PIN in clients apps. Learn more here. 
- Policy non-compliance change: Policies that previously removed members from an organization for non-compliance will now revoke those members instead. Learn more here. 
- Email notification for device approval requests: Admins will now receive an email whenever a member of their organization submits a trusted device approval request. Learn more here. 
Provider Portal
- Add existing organizations to Provider Portal: Existing organizations may now be added to the Provider Portal by provider users if they are also the owner of the organization. Learn more here. 
(The listed release number is for the Bitwarden server, other versions numbers released in this cycle also include Web 2025.2.1)
note
To keep your account safe and secure, in an upcoming release, Bitwarden will require additional verification for users who do not use two-step login. Users who want to avoid new device verification workflows can:
- Preemptively set up two-step login by following any of the guides on this page. 
- Opt-out of this feature from the Settings → My account screen in the Danger Zone section. 
Learn more here.
This release includes:
Password Manager
- Increased import item limit: The limit to the number of items that can be in a Password Manager import has been increased. Learn more here. 
Admin Console
- Collection permissions updates: - Collection permission names updated: Collection permission names have been updated to provide additional clarity. Learn more here. 
- Update to "Edit items, hidden passwords" permission: To increase security, the "Edit items, hidden passwords" permission will no longer allow users to assign items within the collection to another collection. 
 
(The listed release number is for the Bitwarden web app, other versions numbers released in this cycle are Server 2025.1.4, Desktop 2025.1.4, Browser Extension 2025.1.3, CLI 2025.1.3, iOS 2025.1.2, and Android 2025.1.1)
This release includes:
Password Manager
- Change vault item owner: On the web app, you can now share a vault item directly from the Edit window by changing its owner to any organization you're a member of. Learn more here. 
- Block autofill for browser extensions: Browser extensions can now specifically be instructed not to allow autofill on certain domains. Learn more here. 
- Bitwarden Send updates on mobile: Bitwarden Send options on mobile apps have discontinued support for setting an expiration date and deactivating the Send, in accordance with what is currently available on browser extensions. Support for these options will be discontinued in other clients in future releases. Learn more here. 
Plans and Pricing
- Restart organization subscription: Bitwarden subscriptions that have ended or lapsed will now have a 7 day grace period in which users can reactivate their subscription. Learn more about organization renewal here. 
This release includes:
Password Manager
- SSH agent: Bitwarden users can now securely store and generate SSH keys directly with Bitwarden Password Manager. Learn more about the Bitwarden SSH agent here. 
- Use web device approval: Use the web app to approve new trusted devices and login with device requests. Learn more here. 
- Updated generator for desktop: The password and username generator on desktop apps has had its UI refreshed to mirror newer designs from other Bitwarden apps. Learn more here. 
Admin Console
- SSO external ID added to Public API responses: Public API responses that return data on organization members will now include their SSO external identifiers when applicable. Learn more here. 
Self-hosting
- Legacy user encryption key migration: When updated to server version - 2025.1.3, self-hosted servers will require users with extant legacy encryption keys, typically accounts created prior to 2021 who do not frequently use the web app, to log in to the web app to migrate legacy encryption keys.
note
Impacted users will be logged out of, and prevented from logging in to, non-web Bitwarden clients until they have completed migration by logging into the Bitwarden web app. To ensure there is no loss of service for your users, Bitwarden recommends:
- Upgrading your self-hosted server to - 2025.1.0as soon as possible.
- Notifying users that they should log in on the web app following this update to ensure extant legacy keys are migrated before being enforced by - 2025.1.3.
- Scheduling the upgrade of your hosted server to - 2025.1.3some period of time following the notification to allow users to migrate extant legacy keys.
This release includes:
Password Manager
- More autofill customization options: Browser extensions now have more options for customizing your autofill experience, including the ability to select the item card to autofill instead of the Fill button, and several quick copy actions. Learn more here. 
- Biometric unlock for Snap Store desktop app: Password Managed desktop apps downloaded via the Snap Store now support biometric unlock. Learn more here. 
- Inline autofill for TOTP codes: The inline autofill menu can now be used to select TOTP codes. Learn more about the inline autofill menu here. 
- Long-press to autofill on iOS: Long-press any text field on iOS 18+ to autofill from Bitwarden. Learn more here. 
- New Public API operation: A GET operation has been added to the - /public/organization/subscriptionendpoint. Learn more about the Bitwarden Public API here.
Admin Console
- Remove Free Bitwarden Families sponsorship policy: This policy will allow Enterprise organizations to prevent users from redeeming a sponsored Families plan through their organization. Learn more here. 
- Integrations page: An Integrations page has been added to the Admin Console navigation menu. The integrations page provides Help Center links to popular Bitwarden integrations for SSO, event management and more! 
Provider Portal
- Provider members can no longer export client vaults: In order to increase security and privacy for client organizations, provider members will no longer have access to export client vaults. 
note
In 2025, Bitwarden will begin phasing out support for FIDO Universal 2nd Factor (U2F) keys, which can be identifies as those marked (Migrated from FIDO) in the Two-step Login → Manage FIDO2 WebAuthn view of the web app. If you currently use a migrated U2F key, remove and re-register the key to automatically set it up with WebAuthn.
This release includes:
Password Manager
- Browser extension & web app UI refresh: The Bitwarden Password Manager browser extension UI has been redesigned. Some included styling changes also enhance the web app's UI. Learn more here. 
- Web app view item panel: The web app will now open items to a View panel, rather than directly to an Edit panel. Only users with edit access to items will be able to use the Edit button to change a vault item. Learn more here. 
- Autofill TOTP codes iOS 18.0+: Bitwarden keyboard autofill feature on iOS 18.0 (or newer) will now autofill TOTP codes in login forms. Learn more about iOS autofill here. 
- PasswordXP .csv importer: PasswordXP .csv has been added to the list of formats available for import into Bitwarden Password Manager. Learn more here. 
- Netwrix Password Secure .csv importer: Netwrix Password Secure .csv has been added to the list of formats available for import into Bitwarden Password Manager. Learn more here. 
Admin Console
- SCIM for Teams organizations: Teams organizations can now use System of Cross-domain Identity Management (SCIM) to automatically provision members and groups from a source directory. This was previously only available for Enterprise organizations. Learn more here. 
This release includes:
My Account
- Email verification during sign up for all clients: Users who create a new Bitwarden account using any Bitwarden client will now be asked to verify their email before creating a master password. Learn more here. 
Password Manager
- Inline autofill menu password generation: The inline autofill menu can now be used to easily generate passwords when filling out account creation or password update fields. Learn more here. 
- Inline autofill menu options for cards and identities: You can now turn on and off the option to include cards and identities as suggestions in the inline autofill menu. Learn more here. 
- iOS copy & paste updates: Several updates have been added to Bitwarden on iOS copy & paste functionality for ease of use. 
- Improved error handling for non-official servers: To help users who are using non-official Bitwarden servers, new error messaging has been added to help identify errors when connecting to a non-official server. 
- Temporarily remove 'Allow screen capture' toggle on desktop apps: To improve the experience with this feature, it has been temporarily removed from macOS and Windows desktop apps. Desktops apps will, for now, be captured by screenshots and screen sharing. 
- Increase min number of words for passphrases: The passphrase generator will now require that generated passphrases include at least 6 words, except on mobile clients. Learn more here. 
Admin Console
- Collection management settings update: The limit collection creation and deletion to owners and admins setting has been separated into two individual settings for each action respectively. Learn more about collection management here. 
- Can manage permission required for deleting collection items: The Can manage permission is now required in order to delete collection items. Users with Can edit will not longer have the capability. Learn more about member permissions here. 
This release includes:
Admin Console
- Restrict access to - bw list org-memberscommand: This command, and the equivalent endpoint in the Vault Management API, is now restricted to owners, admins, and custom users with the "Manage users" permission.
Provider Portal
- Billing system migration: Starting this month, existing providers will begin to be migrated to the updated client organization billing system. Learn more here. 
This release includes:
My Account
- Email verification during sign up: Users who create Bitwarden accounts through the web app will now be asked to verify their email before they create a master password. Learn more here. 
Password Manager
- Unlock with biometrics - Linux browser extension: Unlock with biometrics for the Bitwarden browser extension is now available for Linux users on Chromium-based browsers. Learn more here. 
- Desktop apps prevent screen capture: By default, desktop apps for Windows and macOS will now prevent screen capture and recording. Learn more here. 
- Sync a locked vault on desktop: Desktop apps can now manually sync even when the active account is locked. Learn more here. 
Admin Console
- Microsoft Sentinel integration: A new native integration is available for security information and event management (SIEM) with Microsoft Sentinel. The integration offers comprehensive event coverage across authentication, organizational activities, and vault items. Learn more here. 
- Ping Identity SCIM support: System for cross-domain identity management (SCIM) with Ping Identity is now officially supported for Bitwarden organizations. Use the Ping Identity SCIM integration to automatically provision members and groups in your Bitwarden organization. Learn more here. 
- Upgrade plan UI improvements: Improvements have been made to streamline the process for upgrading your organization to another plan. Learn more here. 
- Automatically log in users for allowed applications policy: This new policy will allow IdP administrators to enable non-SSO applications to automatically log in users when launched from their IdP dashboard. Learn more here. 
This release includes:
Password Manager
- PDF attachments now downloaded by default on web app: PDFs stored as item attachments will be downloaded to your device for viewing, rather than opening in a new browser tab. Learn more here. 
Secrets Manager
- New Machine account view: Machine accounts have a new Config tab, which provides a quick view of information that might be required when configuring an application to use a machine account. Learn more here. 
This release includes:
Password Manager
- Inline autofill menu for passkeys: Use the inline autofill menu to authenticate with passkeys. Learn more here. 
Admin Console
- Member access report: Enterprise organizations can use the member access report to monitor organization member's access to groups, collections and items. Learn more here. 
- Fix for removed user events: Events are now properly logged for users removed via the Public API or Directory Connector. 
This release includes:
Password Manager
- Native mobile app for iOS: Password Manager mobile apps downloaded via the Apple App Store have been upgraded to native mobile applications. Learn more here. 
- Password generator for password-protected exports: Bitwarden can now generate unique passwords for password-protected exports. Learn more about password-protected exports here. 
Admin Console
- Rapid7 SIEM integration: Bitwarden organizations can now use Rapid7 for security information and event management (SIEM). Learn more here. 
note
In a future release, Password Manager mobile apps downloaded via the Apple App Store and Google Play Store will be upgraded to native mobile applications. Learn more here.
This release includes:
Password Manager
- Autofill cards and identities: Additional autofill methods can now fill cards and identities: 
- Unlock with biometrics Linux desktop app: Unlock with biometrics on the Bitwarden desktop app is now available for Linux users using Polkit. Learn more here. 
Secrets Manager
- Display total amount of machine accounts, projects and secrets: The Secrets Manager navigation bar will now display the total number of machine accounts, projects, and secrets that you have access to. 
Admin Console
- Additional supported options when changing member decryption options: If your organization moves from SSO with trusted devices to master password decryption, users will be prompted on next log in to create a master password instead of requiring administrators to issue one beforehand. Learn more here. 
Provider Portal
- UI improvements: The "People" page has been renamed to the "Members" page and the color scheme of the Provider Portal has been changed to match the Admin Console. 
This release includes:
Secrets Manager
- New Secrets Manager landing page: Quickly learn more about Secrets Manager and sign up for the product directly from the web app. Learn more here. 
Provider Portal
- Limiting provider access to vault items: For added security and privacy for clients, provider users may no longer directly view, manage, or create items in client organizations' vaults. Provider users may, however, import vault data directly to client organizations. 
This release includes:
Provider Portal
- Consolidated billing for new providers: Billing procedures for providers that join Bitwarden after this release are now streamlined and managed exclusively from the Provider Portal. Existing providers will be migrated to the new billing system in a future release. Learn more here. 
This release includes:
Password Manager
- Remove user verification for passkeys: The recent update requiring user verification for using a passkey on the browser extension has been temporarily rolled back. 
- PRF-Enabled Passkeys will persist through account encryption key rotation: PRF keys used when logging into Bitwarden with a passkey will now persist if users rotate their account encryption key. Learn more here. 
- Invite clarification for emergency contacts and Providers: Trusted emergency contacts and Provider users will now move to a "Needs confirmation" state after they've accepted an invitation to make your next steps clearer. 
- Bulk assign items to collections: From the Vaults view, you can now bulk assign items to an organization's collections. A previous version of this feature was called "Move to organization". Learn more here. 
- Renamed adding items to folders: From the Vaults view, the option to add item to a folder has been renamed from "Move selected" to "Add to folder". Learn more here. 
- Deprecate desktop app setting: The desktop app can now approve device logins by default. Learn more here. 
- Improved SSO identifier workflow: Admins can now distribute the URL of the Enterprise single sign-on screen with their SSO identifier included as a query parameter to automatically redirect organizations members to the IdP for a more streamlined SSO experience. Learn more here. 
Secrets Manager
- Add direct access to a secret: People and machine accounts can now be directly granted access to a secret rather than requiring a project as an intermediary. Learn more here. 
Self-hosting
note
Users should upgrade self-hosted servers to at least this version prior to the 2024.10.x release to ensure compatibility with clients using vault item keys.
- Support for bulk device approval: Self-hosted Bitwarden servers now support bulk device approval for SSO with trusted devices. Learn more here. 
Security
- Vault item keys: An extra layer of encryption in the form of a new encryption key generated for each individual vault item has been added. Learn more here. 
Plans and Pricing
- Invoicing update, monthly-billed organizations: Teams and Enterprise organizations billed monthly will see any prorated seat count adjustments included in their next occurring monthly invoice, rather than in a newly generated invoice per seat count change. 
- Invoicing update, annually-billed organizations: Teams and Enterprise organizations billed annually will see any prorated seat count adjustments included in a once-a-month adjustment invoice, rather than in an immediately-generated separate invoice per seat count change. 
This release includes:
Password Manager
- SSO with trusted device bulk approval: Admins and owners may now approve trusted device requests in bulk using the web app or CLI. 
- Legacy user encryption key migration: Bitwarden accounts created prior to 2021 will have their account encryption keys migrated to Bitwarden's modern user symmetric key. These users will be logged out of non-web Bitwarden clients until they have completed the migration by logging into the Bitwarden web client. Learn more about Bitwarden encryption here. 
Self-hosting
- Support for more collection management options: Self-hosted Bitwarden servers now support the Owners and admins can manage all collections and items collection management option. Learn more here. 
This release includes:
Password Manager
- Collections management update: A collection management option has been added that allows you to determine whether admins and owners are automatically provided management permissions to all collections, and the items therein, in your organization. Learn more here. 
This release includes:
Password Manager
- User verification for passkeys: Browser extensions may now prompt users to verify with biometrics, PIN, or master password when using a stored passkey to login. Learn more here. 
- In-product getting started: Users that are new to Password Manager will now be shown a getting started module to help them get started protecting credentials quickly. 
- Browser extension settings reorganization: Use the newly reorganized settings screen on browser extensions to quickly locate and modify browser extension settings. 
- Firefox extension gains full functionality in private windows: Bitwarden browser extensions used in Firefox private windows no longer have any limitations. Learn more here. 
- Additional location for product switcher: The product switcher, used to move between Password Manager, Admin Console, Secrets Manager, and Provider Portal can now also be found in the bottom left of your navigation. 
- Password-protected export for browser extensions and desktop: Browser extensions and desktop apps can now export password protected encrypted exports. Learn more here. 
Bitwarden Authenticator
- Import to Bitwarden Authenticator: Import data directly to Bitwarden Authenticator from a variety of other authenticator apps, including Google Authenticator, LastPass Authenticator, Raivo, and 2FAS. Learn more here. 
Secrets Manager
- Start a Secrets Manager trial: Start a Secrets Manager enterprise trial to test a proof-of-concept and gain access to enterprise features like SSO and SCIM integrations, enterprise policies, self-hosting, event logs, and priority support. Sign-up for a free 7-day trial of Secrets Manager today. 
- Secrets Manager Kubernetes Operator (beta): Use the Bitwarden Secrets Manager Kubernetes Operator to securely and efficiently integrate Secrets Manager into Kubernetes workflows. Learn more here. 
Admin Console
- Configure custom users via API: Organization members' custom role permissions can now be configured via the Public API. Learn more here. 
This release includes:
Password Manager
- Clone organization items from My vault: Users with Can manage permission can now clone organization-owned items from their Vaults view. Learn more here. 
- Browser extension platform upgrade: Starting this week, Password Manager browser extensions will begin a gradual upgrade to a new extension platform called Manifest V3, beginning with 1% of users and increasing incrementally throughout the month of May. You do not need to take action either to initiate this upgrade or once it’s completed. 
Admin Console
- Splunk Cloud integration: The Bitwarden Event Logs app is available for information and event management on Splunk Cloud Classic and Splunk Cloud Victoria. Learn more here. 
Self-hosting
- Collection management and deprecation of manager role: Self-hosted servers can now access collections management functionality and will have users with the Manager role migrated to the User role with a new Can manage permission. Learn more here. - tip- If you're self-hosting, set your collection management settings in your cloud organization and then update your self-hosted server's license to carry those settings over to your self-hosted organization. 
This release includes:
Password Manager
- Use passkeys on mobile apps: Password Manager mobile apps can now be used to create and sign in with passkeys. This feature is available for iOS and as a beta for Android. Learn more here. 
- Delete stored passkeys: Passkeys that have been stored with Bitwarden login items can now be deleted using the Bitwarden browser extension and desktop app. Learn more here. 
- Additional permission for browser extensions: Browser extensions in this version require a new permission from Manifest V2 browsers to better manage content script injection. Learn more here. 
Secrets Manager
- New integrations page: Get quick access to Secrets Manager integrations through the new page available from the Secrets Manager web app. 
- Secrets Manager CLI Docker image: The Bitwarden Secrets Manager CLI is now available as a Docker image. Learn more here. 
Introducing the new Bitwarden Authenticator standalone mobile app. Use Bitwarden Authenticator to generate verification codes for two factor authentication for apps and websites. Download from app stores or learn more.
This release includes:
Password Manager
- Delete stored passkeys: Passkeys that have been stored on Bitwarden login items can now be deleted from the Vault item → Edit screen of the Bitwarden web app. Learn more here. 
Secrets Manager
- "Service accounts" now "Machine accounts": Service accounts have been renamed to machine accounts. 
tip
With recent migrations to a new permissions structure that brings greater collections management flexibility to your organization, vault items that are not assigned to a specific collection are now no longer displayed in your Password Manager All vaults view. Learn how to access these items.
This release includes:
Password Manager
- New languages available for Bitwarden apps: With the contributions of community translators, new language options are now available across Bitwarden apps! See a complete list of languages here. Learn more about contributing to Bitwarden localization here. 
- Desktop app hardware acceleration: Bitwarden desktop apps now have an option to turn on or off hardware acceleration to optimize performance. This setting is enabled by default. 
Admin Console
- Bulk assign items to collections: Organization items can be assigned to collections in bulk from the Admin Console. Learn more here. 
This release includes:
Self-hosting
- New logs functionality for Linux deployments: Linux deployments using the standard - bitwarden.shshell script can now use a new option to download compressed log files (see here).
This release includes:
Password Manager
- Web app navigation update: The Bitwarden web app has been totally redesigned! We hope you enjoy the new experience (learn more). 
- Duo 2FA login update: Duo has introduced Universal Prompt for users and admins. Duo admins who have enabled the service will see slight changes to the Duo 2FA login process. See here. 
Self-hosting
- Support for log in with passkeys (beta): Self-hosted Bitwarden servers now support the log in with passkeys feature (see here). 
This release includes:
Admin Console
- Collection management for end-users: Organizations now have the option to allow all users to create and manage their own collections. This option, located on the Organization info screen, is opt-in for existing organizations and opt-out for organizations created after 2024.2.2 (see here). 
- Deprecation of Manager role: When you turn on collection management, organization users with the Manager role will be migrated to the User role with a new Can manage permission over their assigned collections (see here). 
Secrets Manager
- Ansible integration: Use Bitwarden Secrets Manager to retrieve secrets and inject them into your Ansible playbook (see here). 
This release includes:
Password Manager
- Browser extension TOTP capture: Use the Bitwarden browser extension to scan a webpage and save TOTP authenticator QR codes (see here). 
- Increased import item quantity maximum: Imports made to Bitwarden Password Manager can now contain roughly double the amount of data (see here). 
Admin Console
- Unique SP entity IDs per organization: Organizations using SAML for SSO can now upgrade their entity IDs to be unique for their organization. Doing so will require re-configuring on the IdP (see here). 
Plans & Pricing
- Automatic tax calculation: Tax rates for subscriptions will now be automatically calculated based on geography by our payments sub-processor. The subtotal charged by Bitwarden will remain the same, however you may notice a change in your tax-inclusive monthly invoice. 
This release includes:
Password Manager
- Passkey storage for self-hosted: Passkeys can now be stored in self-hosted Bitwarden servers (see here). 
Admin Console
- More collections permissions via Public API: You can now use the Public API to hide passwords from users for any collection (see here). 
This release includes:
My Account
- Log in with passkeys (beta): Passkeys can be used to log in to the Bitwarden web app as an alternative to using your master password and email (see here). 
Password Manager
- Account switching for browser extensions: Log in to up to 5 accounts and switch seamlessly between them when using Bitwarden browser extensions (see here). 
Admin Console
- Configure subscription via Public API: Use new Public API endpoints to configure subscription information like seat count, maximum auto-scaling, and storage (see here). 
- More organization upgrade paths: More Bitwarden organizations can now upgrade to a different subscription without needing to contact support. 
Bitwarden can now be self-hosted in Kubernetes deployments using a Helm Chart (see here).
This release includes:
Password Manager
- Auto-fill menu: Auto-fill credentials while browsing the web by turning on the new inline auto-fill menu (see here). 
This release includes:
Password Manager
- Option to turn off prompt to use passkeys: You can now choose whether or not your browser extension will ask to save and use passkeys. (see here). 
- Forward Email support on mobile: Forward Email can now be used on mobile apps as a forwarded email alias provider for the username generator (see here). 
- Vault health reports update: Organization members will now see organization-owned items which they have Can edit access to in their individual vault health reports. 
Admin Console
- Elastic integration: Bitwarden organizations can now use Elastic for security information and event management (SIEM) (see here). 
- CLI event logs: Event logs viewed from the web app will now specify which events were logged by the Bitwarden CLI. 
Secrets Manager
- Secrets manager CLI output: A new format has been added to output secrets as key-value pairs in the Secrets Manager CLI (v0.4.0) (see here). 
This release includes:
Password Manager
- Save passkeys to your vault: Passkeys can now be stored in your Bitwarden vault! Store and log in with passkeys using the Bitwarden browser extension (see here). 
- Direct LastPass importer: Import data from LastPass directly to Bitwarden using browser extensions or desktop apps, including if you're a member of a team using SSO with LastPass (see here). 
- Import from browser extensions and desktop apps: Data can now be imported to Bitwarden from browser extensions and desktop apps (see here). 
- Mobile settings reorganization: The Settings tab on mobile apps has been reorganized into more intuitive categories. 
- Support for self-hosted alias providers: The username generator on Password Manager clients can now be connected to self-hosted Addy.io and SimpleLogin instances (see here). 
- Auto-fill cards and identities via context menu: Cards and identities can now be auto-filled by browser extensions using the context menu (see here). 
Secrets Manager
- Support for self-hosting: Enterprise organizations can now self-host Secrets Manager (see here). 
- New event logs view: Service account event logs can now be accessed directly from the service accounts view (see here). 
This release includes:
- FIDO2 WebAuthn now a free two-step login option: The FIDO2 WebAuthn method for two-step login has been expanded to free accounts. Now every Bitwarden user can improve login security using compatible FIDO2 WebAuthn credentials, such as those device-bound to hardware security keys (see here). 
- Organization member email verification: Organization members will have their email automatically verified when they accept an invitation to join or if they are a member of an organization using domain verification. 
- Export update: JSON exports of vault data will now include the password history for applicable items (see here). 
- CLI password generator options: Generating a password using the CLI has additional option flags for customizing password complexity (see here). 
- ProtonPass JSON importer: ProtonPass JSON has been added to the list of formats available for direct import into Bitwarden Password Manager (see here). 
- Desktop app theme update: The desktop app's dark theme has been updated! 
This release includes:
- SSO with trusted devices: SSO with trusted devices allows users to authenticate using SSO and decrypt their vault-stored encryption key without entering a master password (see here). 
- Manager collection access: To reduce visibility to non-essential data, managers can now only see collections that they are assigned to. 
This release includes:
- Secrets Manager - General availability: Bitwarden Secrets Manager is now generally available for empowering developers, DevOps, and cybersecurity teams to centrally store, manage, automate, and deploy secrets at scale. Learn more about Secrets Manager plans and sign up today. 
- Import to a folder or collection: Import data directly to an existing folder, or if you're a member of an organization directly to a collection, from the Tools → Import data screen. 
This release includes:
- Secrets Manager - CLI updates: New commands were added for editing and creating projects and secrets, and the syntax used by the CLI has been restructured (see here). 
- EU Cloud: Bitwarden cloud servers are now available with vault data storage in the European Union (see here). 
This release includes:
- Login with device for self-hosted: Bitwarden applications connected to self-hosted servers can now log in by sending an authentication request to a registered device instead of using a master password (see here). 
- Forward Email alias integration: Connect the Bitwarden username generator to Forward Email for easy creation of email aliases (see here). 
- Browser extension TOTP auto-fill: Browser extensions will now auto-fill TOTP codes automatically unless you're using auto-fill on page load (see here). 
- Policies - Renamed Admin password reset: The Admin password reset policy is now named Account recovery administration (see here). 
- Use auto-fill in <textarea>s: Bitwarden apps can now auto-fill credentials into HTML - <textarea>elements.
- Create folders and collections from Vaults page: Folders and collections can now be created from the main Vaults page using the New button. 
This release includes:
- Secrets Manager - Service account write access: Service accounts can now be granted write access to projects and secrets (see here). - tip- Fully utilizing write access for machine accounts is dependent on a forthcoming CLI release. For now, this simply makes the option available in the UI. Stay tuned to the Release Notes for more information. 
- Secrets Manager - Bulk user management: Organization members can now be added to Secrets Manager in bulk (see here). 
warning
Beginning with the 2023.5.0 release, Password Manager desktop apps will no longer support Windows 8.1 and older or Windows Server 2012 and older.
Users of these operating systems may download a 2023.4.0 desktop app here and must disable automatic updates (learn more here). We recommend upgrading to a supported operating system, as old client versions are not guaranteed to be supported by Bitwarden cloud servers long-term and may present security risks to you in the future.
This release includes:
- Environment selector: The workflow for connecting Bitwarden apps to self-hosted servers was improved. See here. 
- Password Manager - Improved auto-fill for German HTML: German-language HTML fields are now available for auto-fill. See here. 
- Self-hosting - Clarification to language around server licensing: There is a grace period of 60 days to upload a new license to replace an expired one. See here. 
- Low KDF alert: A new alert will appear in the web app when a user's KDF iterations are lower than industry recommendations, currently 600,000 iterations. See here. 
This release includes:
- Secrets Manager - Create project during secret creation: You can now create a new project in the secret creation menu. See here. 
This release includes:
- Splunk integration: Bitwarden organizations can now use self-hosted Splunk Enterprise for security information and event management (SIEM). Learn how to get started with Splunk here. 
- Improved reseller billing: Bitwarden resellers will now be the only entities with access to see billing, subscription, or payment information for their customer organizations. See here. 
- Master password requirements policy update: If enabled, the master password requirements policy can now be set to prompt pre-existing non-compliant users to update their master passwords. See here. 
- Vault timeout policy update: The vault timeout policy now provides the option to designate vault timeout actions. See here. 
- Desktop - New biometrics options: You can now choose whether to require a master password on app start or allow biometrics on launch. See here. 
- Desktop - Windows Hello security improvements: A vulnerability related to Windows Hello and Windows Credential Manager has been addressed. As an additional measure, we recommend using the new option to require a master password on app start. See here. 
- Browser extension - Improved form detection: The logic for form detection has been improved and bug reports addressed for the browser extension’s notification bar. For a technical breakdown, see here. 
This release includes:
- Domain verification: Organizations can verify ownership of domains (e.g. - mycompany.com), allowing users to skip the organization identifier step when using login with SSO. See here.
- Browser Extension - Improved auto-fill security: Browser extensions will now disallow auto-fill on page load for untrusted iframes. Browser extensions will also warn users about untrusted iframes when manually auto-filling, using the context menu, or using keyboard shortcuts, and will warn users when auto-filling HTTP sites that expect HTTPS based on that item's saved URI(s). See here. 
- Master password security checks: Users can now check known data breaches for their prospective master password via Have I Been Pwned when creating an account or changing their master password on the web vault. See here. 
- Master password length requirement: Master passwords must now be at least 12 characters long. This rule will be enforced for new Bitwarden accounts and for any users that change their master password. 
- Activate auto-fill policy: For Enterprise organizations, the Activate auto-fill policy will automatically turn on auto-fill on page load for new and existing members of your organization. See here. 
- Browser Extension - Improved notification bars: Notification bars for adding undetected items to your vault now have more intuitive workflows for users subject to the Remove individual vault policy. See here. 
- iOS - Choose Bitwarden for verification codes: Users on iOS 16+ can now set Bitwarden as their default application for storing verification codes when scanned codes directly from the camera app. See here. 
- Mobile - Change language in-app: Users can change the language in the Bitwarden mobile app to differ from the language set on their device OS. See here. 
Bitwarden Secrets Manager is now available as an open beta. Learn how to get started here.
This release includes:
note
Self-host Announcement
In this release, we've migrated to a new SQL client which expects either a valid certificate or the presence of TrustServerCertificate=True in the connection string set in global.override.env. Please check for one of these before updating your server.
- Argon2: You can now change the algorithm used to derive your account's master key to Argon2id from the Account settings → Security → Keys page. See here. - note- 2023-02-14: Argon2 is supported by Bitwarden clients version 2023.2.0 and later, and switching to Argon2 via the web vault could mean other clients will not be able to load your vault until they’re updated, typically within a week after release. 
- Increased default KDF iterations for PBKDF2: New Bitwarden accounts will use 600,000 KDF iterations for PBKDF2, as recommended by OWASP. Existing accounts can manually increase this number. See here. 
- Master password security checks: New users who create their accounts on mobile apps, browser extensions, and desktop apps can now check known data breaches for their prospective master password via HIBP. This will be brought to the web vault in a future release. See here. 
- Organization vault updates: As part of an ongoing effort to improve the web vault UI, some organization administration functions were redesigned, for example a consolidated Vault view for item and collection management as well as dedicated Members and Groups views. 
- Log in with device on additional clients: Log in with device is now available on additional clients. Login requests can now also be initiated from browser extensions, desktop apps, and mobile apps and can now also be approved from desktop apps. See here. 
- Automatic license sync for self-hosted organizations: Self-hosted organizations can enable automatic license sync in order to automatically update billing and subscription changes instead of having to manually re-upload licenses. See here. 
- SQLite DB option for Bitwarden unified: SQLite is now an available database option for Bitwarden unified self-hosted deployments. See here. 
- Updated self-hosted installer URLs: The URLs for downloading self-hosted server installers have changed. See here for Linux and here for Windows. 
- Psono importer (json): A new import option is available for Psono (json) exports. See here. 
This release includes:
- Bitwarden on Apple Watch: Bitwarden has added Apple Watch support to provide an additional option for accessing TOTP login codes. See here. 
- New environment variable: An environment variable to enforce the Require SSO authentication policy for owners and admins is now available for self-hosted servers. See here. 
- Bitwarden unified - Support for custom database ports: Unified deployments now support running the database on a custom port using a new environment variable. See here. 
- Passky importer (json): A new import option is available for unencrypted Passky (json) exports. See here. 
- Custom avatar colors: Change the color of your avatar from the web vault Account settings → My account page. 
This release includes:
- Browser Extension - Themed notification bars: Themed notification bars have been added to the Bitwarden browser extension to match the popular color themes. 
- Browser Extension - UI update: UI updates have been made to the Bitwarden browser extensions. 
- Bitwarden on Apple Watch (beta): Bitwarden on the Apple Watch will be available in beta to users who sign up through TestFlight and will provide an additional option for accessing TOTP login codes. Learn more here. 
Bitwarden is excited to announce the beta release for a new option available to self-host users. The Bitwarden unified deployment is light weight and flexible option for users who wish to control and deploy Bitwarden on their own server. For more information on the beta, see here.
This release includes:
- Log in with device: Log in to the web vault by sending an authentication request to your registered mobile device instead of using your master password (see here). 
note
This release does not include updates to the browser extension, which will remain at version 2022.10.1.
This release includes:
- Organization vault updates: As part of an ongoing effort to improve the web vault UI, some organization administration functions have been moved, for example into dedicated Billing and Reporting tabs. 
- Login flow updates: To accommodate new log in options, the log in process has been separated into two screens. 
- SCIM updates: SCIM-triggered events will now log from - SCIMinstead of- Unknown, and the SCIM API key will now be obfuscated by default.
- Generate username & password from iOS app extension: "On-the-fly" generation of usernames and passwords can now be done from the iOS app extension, accessible from the Share menu while using apps like browsers. 
- New theme for mobile: The popular Solarized Dark theme has been brought to mobile. 
- Directory Connector - Group filter queries for Google Workspace: Query parameters can be used in group filters for Google Workspace (see here). 
- Performance Optimization: We've improved web vault load times and experience for accounts with access to thousands of vault items. 
This release includes:
- Password protected encrypted export: Encrypted - .jsonexports can now be encrypted with a password of your choosing. Password protected exports can be imported to any Bitwarden account (see here).
- Mobile username generator: The username generator is now available for use on Bitwarden mobile apps (see here). 
- DuckDuckGo email alias integration: Connect the Bitwarden username generator to DuckDuckGo for easy creation of email aliases (see here). 
- DuckDuckGo macOS browser integration: We've partnered with DuckDuckGo to create an integration with their forthcoming macOS browser! Stay tuned for more information on when they'll launch this feature. 
- SCIM update: Revoked users will no longer occupy licensed seats in your organization (see here). 
This release includes:
- Fastmail email alias integration: Connect the Bitwarden username generator to Fastmail for easy creation of email aliases (see here). 
- Provider Portal update: The main Provider Portal screen now has at-a-glance seat and plan reporting for each client organization. 
- Organization vault export event: When an owner or admin performs a vault export, the action will now be recorded on the organization's event logs (see here). 
- Browser Extension - Support for pre-configured environment URLs: Self-hosting customers can now pre-configure environment URLs for browser extensions, streamlining rollout for end users by using endpoint management to deploy your configuration (see here). 
- Mobile - Update to Bitwarden Authenticator: Mobile apps now have a Verification Codes screen that provides quick and easy access to your TOTPs (see here). We've also improved the process for adding TOTP codes to vault items through the mobile app (see here). 
- CLI - - serveOrigin protection: The- servecommand will now block any requests made with an- Originheader by default (see here).
This release includes:
- SCIM for Enterprise Organizations: Enterprise Organizations can now use System of Cross-domain Identity Management (SCIM) to automatically provision members and groups from a source directory (see here). 
- hCaptcha for Failed Login Attempts: You'll now receive an email and be required to complete hCaptcha validation if we detect 9 consecutive failed login attempts. 
This release includes:
- User Revocation: Organizations can now temporarily revoke user access to an Organization without fully removing them (see here). 
- Enterprise Policies Updates: Enterprise policy names and descriptions have been updated to better describe their impact on your Organization (see here). 
- Settings and Preferences Updates: The names and descriptions of some app settings and preferences have been updated to be more intuitive. 
This release includes key features and usability improvements that make Bitwarden even better on-the-go:
- Account Switch during Auto-fill (iOS): Quickly switch to another account during auto-fill by tapping the avatar button, now available on Android and iOS (see here). 
- Vault Filter for Mobile: On mobile apps, you can now filter items by vault. 
- Org Member Premium Status: Organization members can now use premium features like advanced 2FA methods as soon as they're invited, rather than confirmed. 
- Accessibility Improvements: This release includes a few changes that will improve the performance of Bitwarden with assistive technologies, including the ability for users with hCaptcha Accessibility Access to use their Accessibility Cookie to skip hCaptcha challenges (now available for desktop and mobile apps). 
note
We've got new version numbering!
To make it easier to track versions of the many Bitwarden apps as we move to a near-monthly release cycle, we've adopted a new version numbering system that will be shared by all clients. This release is 2022.5.0 because it's the base release (.0) of May (.5.) 2022 (2022.).
This release includes:
- Web Vault UI Updates: The Web Vault has received design updates, some of which improve filtering between individual and Organization vault items. This is the first phase of a multi-part project to update the Web Vault for both individual users and Organizations. 
- Families Sponsorships for Self-hosted Enterprise Orgs: Families Organization Sponsorships can now be issued for members of self-hosted Enterprise Organizations (see here). 
- Username Generator - Forwarded Email Alias Type: Integrate the username generator with SimpleLogin, Addy.io, or Firefox Relay to automate simultaneous creation of usernames and corresponding email aliases (see here). 
- Item Linking: Copy the URL of an item for use as a direct link to provide to Organization members or in documentation (see here). 
- Account Switch during Auto-fill: On Android, quickly switch to another account during auto-fill by tapping the avatar bubble (see here). 
- Changes to Client Organization Billing: As of this release, only Provider users can view billing information for Client Organizations. 
Desktop 1.330, Browser Extension 1.58.0, Mobile 2.18.0, CLI 1.22.1, Directory Connector 2.10.1
note
Supportability Announcement
As of this release, macOS desktop apps downloaded from the App Store will require macOS Mojave (10.14) or greater. .dmg installers, available from bitwarden.com/download and Github, are not subject to the same restriction.
- Username Generator for Browser and Desktop: Generate usernames for new credentials using email-based conventions like plus addressing or using random words (see here). 
- CLI - New - serveOption: Use the- —hostnameoption to securely bind your API web server to a host (see here).
Server 1.48.0, Web 2.28.0
The latest release includes community-requested features and the beginning of a multi-part effort to update the web vault UI. Updates to client apps (browser extension, mobile, desktop, and CLI) will come in a follow-on release:
- Username Generator for Web Vault: Generate usernames for new credentials using email-based conventions like plus addressing or using random words. A follow-on release will include the username generator for browser extensions and desktop apps (see here). 
- Web Vault - Reports Page: We've updated the location and feel of the Reports page to make it easier to find and take action on report results (see here). 
- Improvements to macOS & Safari Importer: We've fixed some issues that resulted in the macOS and Safari importer failing to import URLs and notes properly. 
- Accessibility Improvements: This release includes a few changes that will improve the performance of Bitwarden with assistive technologies like screen readers. 
Browser Extension 1.57.0, Mobile 2.17.0
Following last week's release, the following has been released for mobile apps and browser extensions:
- Account Switching added to Mobile: Log in to up to 5 accounts and switch seamlessly between them when using Bitwarden on Android and iOS (see here). 
- Support for Firefox Private Mode: This release includes more robust support for Firefox Private Windows (see here). 
Server 1.47.0, Web 2.27.0, Desktop 1.32.0, CLI 1.22.0, Directory Connector 2.9.11
The latest release focuses on improvements to individual applications so that you can use Bitwarden exactly the way you need to. Updates to mobile apps and browser extensions will come in a follow-on release:
- Vault Management API via CLI: Using the new - serveCLI command, you can make API calls to a full suite of Vault Management endpoints (see here).
- Changes to export CLI Command: - exportno longer requires a master password, however you can now use a- --passwordargument to set a custom encryption/decryption password for encrypted exports (see here).
- New Importers: We've added custom importers for Dashlane - .csvfiles and 1Password- .1puxfiles (requires 1Password v8.5+).
- Improvements to Myki Importer: Learn more. 
- Deprecation of Artifact Binding: Due to security concerns, Artifact binding for SAML SSO configurations has been removed (learn more). 
- Support for Docker Compose v2 
Server 1.46.0, Web 2.26.0, Desktop 1.31.0, Browser Extension 1.56.0, Mobile 2.16.0, CLI 1.21.0, Directory Connector 2.9.9
To kickoff 2022, Bitwarden is pleased to release:
- Account Switching for Desktop: Log in to up to 5 accounts at once in the Bitwarden desktop app. This is the beginning of a phased rollout of this feature across Bitwarden apps, with more to come soon (see here). 
- Send on iOS: You can now share a Bitwarden Send directly from the iOS share menu (see here). 
- Delete Account from Mobile: You can now delete your Bitwarden account from the mobile app, but why would you (see here)? 
- New Icons: We've updated the look and feel of all Bitwarden apps with all-new icons. Feast your eyes! 
- Directory Connector - Azure AD Sync Performance: Performance for Directory Connector syncs against Azure Active Directory has been improved. Organizations syncing with Azure AD will not need to change their sync configuration. 
- Back End Improvements: We've been hard at work improving the general performance and stability of the Bitwarden platform, which will springboard some great new features in the future. 
Server 1.45.0, Web 2.25.0, Desktop 1.30.0, Browser Extension 1.55.0, Mobile 2.15.0, CLI 1.20.0
Bitwarden is proud to announce new enterprise features in the December release that add flexibility and value to the enterprise plans:
- Key Connector: (Only available to Self-hosted Organizations) When using Login with SSO with customer-managed encryption, the self-hosted Key Connector application serves cryptographic keys to Bitwarden clients as an alternative to requiring a Master Password for Vault decryption (see here). 
- Families for Enterprise: (Only available to Cloud-hosted Organizations, self-hosted in a future release) Starting with this release, members of Enterprise Organizations can redeem a free Bitwarden Families Organization for sharing with up to 5 friends or family members. Families Organizations include all premium features for all 6 users and unlimited secure data sharing (see here for details). 
- MacOS and Safari Importer: We've added a custom importer for passwords exported from Safari and macOS (see here for details). 
- New Custom Field Type: Linked custom fields can be used to solve issues where your Browser Extension has trouble auto-filling usernames and passwords for a particular site by linking usernames and passwords to bespoke form elements (see here for details). 
- Browser Extension - Unlock Vault while Auto-filling: Trying to auto-fill with the context menu or keyboard shortcut when your Vault is locked will now prompt you to unlock your Vault and automatically auto-fill your credentials once it's unlocked. 
Server 1.44.0, Web 2.24.0, Desktop 1.29.0, Browser Extension 1.54.0, Mobile 2.14.0, CLI 1.19.0
The Bitwarden team is pleased to release a set of features and updates continuing our mission of making password management easy and accessible for individuals and businesses:
note
Deprecation Announcement: The Business Portal has been deprecated. Enterprise Organizations can configure Policies and Login with SSO from the Organization Manage tab.
- Vault Timeout Policy: The Vault Timeout policy will apply a maximum Vault timeout duration for all members of your Organization (see here for details). 
- Disable Personal Vault Export Policy: The Disable Personal Vault Export policy will prohibit non-Owner/non-Admin members of your Organization from exporting private Vault data (see here for details). 
- Auto-scale Organization Seats: Teams and Enterprise Organizations will automatically scale up user seats as new users are invited. Organizations can set a limit on scaling to prevent the seat count from exceeding a specified number (see here for details). 
- Custom Vault Timeout: You can now specify a custom timeframe (Hours and Minutes) for Vault Timeout (see here for details). 
- Custom Role - Improved Collection Permissions: Collection-management permissions for the Custom role have been expanded to include granular controls over whether the user can create, edit, or delete assigned or all Collections (see here for details). 
- Admin Password Reset - Update Password after Reset: Passwords reset by an Admin must now be updated by the user they belong to immediately when they log in to Bitwarden (see here for details). 
- Browser Extension - Autofill Span Elements: The Browser Extension can now auto-fill custom fields in the innerText of HTML - <span>elements (see here for details).
- Browser Extension - Automatic Biometrics Prompt: The Browser Extension can now automatically prompt for your biometric input when opened. You can toggle this behavior from the Settings menu (see here for details). 
- Web Vault - Dark Mode: The Web Vault now has dark mode (see here for details)! 
- CLI - - generatePassphrase Options: The- bw generate --passphrasecommand now includes the options- --capitalizeand- --includeNumber(see here for details).
Server 1.43.0, Web 2.23.0, Desktop 1.28.3, Browser Extension 1.53.0, Mobile 2.13.0, CLI 1.18.1
The latest release of Bitwarden focuses on often requested improvements to existing functionality:
- FIDO2 WebAuthn on Mobile: Two-step Login via FIDO2 WebAuthn is now supported on iOS and Android (see here for details). 
- Admin Password Reset - Automatic Enrollment Improvement: The Automatic Enrollment policy option will now prevent users from withdrawing from Admin Password Reset (see here for details). 
- Browser Extension - Select Folder from Save Bar: You can now select which Folder to save an item to directly from the Browser Extension's save prompt (see here for details). 
- Browser Extension - Custom Field Context Menu Item: You can now copy an HTML element name directly from the Browser Extension's context menu for easy custom field creation (see here for details). 
- Web Vault - Policies Relocation: Enterprise Policies can now only be configured from your Organization's Manage → Policies screen, rather than from the Business Portal. 
- CAPTCHA Validation: Starting with this release, we're turning on hCaptcha validation to protect against bot attacks like credential stuffing. Please note, challenges in the CLI are delivered differently than in other client applications (see here for CLI details). 
tip
Interested in becoming a Provider? To get started, we ask that:
- Your business has an active Enterprise Organization. 
- Your business has a client ready to be onboarded under your Provider. 
The latest release of Bitwarden is focused on enabling Managed Service Providers (MSPs) to support their customers' password management needs:
- Provider Portal: The Provider Portal allows Managed Service Providers (MSPs) and Resellers to create and administer Organizations on behalf of customers. Using the Portal, Providers can seamlessly support credential management across multiple customers (see here for details). 
- Share Verbiage Change: We've updated the Share button to Move to Organization to make it cleared that shared items are owned by the Organization. Additionally, we've updated the "shared item" indicator () to match the Collections indicator (). 
- CLI - moveCommand: In keeping with the above item, the CLI- sharecommand has been changed to- move(see here for details).
The Bitwarden team is happy to announce the rollout of Admin Password Reset, the latest feature purpose-built to help enterprises seeking to ensure password security at scale. This release includes:
- Admin Password Reset: Enterprise Organizations can enroll in Admin Password Reset to allow designated administrators to reset the Master Password of Organization users (see here for details). 
- Master Password Re-prompt: Use the new Master Password re-prompt option to require verification of your Master Password to access sensitive Vault items as designated by the user (see here for details). 
- Bulk User Management: Organization Owners and Admins can now re-send invitations, confirm accepted users, and remove users from an Organization in-bulk (see here for details). 
- Event Log Export: Export event logs directly from the Web Vault (see here for details). 
- Directory Connector API Key Authentication: Starting with this release, users of Directory Connector will need to use the Organization API Key to login. 
- Directory Connector Sync Limit Increase: Directory Connector can now sync an unlimited number of users or groups, where previously the limit was set at 2000 of either. To sync more than 2000 users or groups, toggle the new Sync Option (see here for details). 
- Autofill On Page Load Enhancements: The Browser Extension's Auto-fill on page load feature has been upgraded to more flexibly fit users' unique needs (see here for details). 
- More CLI Options: We've added a few new CLI options, including easy retrieval of Vault item notes ( - bw get notes <id>) and the ability to set maximum access count for Sends (- bw send create --maxAccessCount <#>).
- Web Developer Autofill Exclusion: Web Development contributors can now prevent the Browser Extension from auto-filling a given form element by adding a - data-bwignoreattribute (e.g.- data-bwignore="true") to an- <input>element.
The Bitwarden team is pleased to release a set of features and updates continuing our mission of making password management easy and accessible for individuals and businesses:
- Privacy & Security Options for Send: Use a new Send Privacy option to hide your email from recipients (see here for details). To prevent abuse, File Sends will now require a verified email address. Additionally, Enterprise Organizations can implement a new policy to set the availability of the Hide Email option (see here for details). 
- FIDO Updates & Expanded Support: Our FIDO implementation has been upgraded from FIDO U2F to FIDO2 WebAuthn, but existing FIDO U2F keys will retain their integrity. FIDO support has been expanded to more Browser Extensions and the Windows Desktop App (see here for details). 
- Custom Fields for Keys: Custom Field values have been upgraded to support up to 5000 characters, allowing storage of keys like RSA 4096-bit SSH keys (see here for details). 
- File Size Increases: You can now create File Attachments or File Sends that are up to 500 MB each. Due to device restrictions, the old 100 MB limit is still in place for Mobile Apps. - warning- As a result of the Attachment upgrade, Attachments uploaded on the newest clients cannot be opened on older client versions. If you find you're unable to access a recently-created Attachment, upgrade your client to the newest version. (Hint: The Cloud Web Vault is always on the newest version.) Frozen or legacy client versions, including the Safari 13 (or earlier) macOS Desktop App & App Extension, will not support accessing these attachments. 
- Disable Browser Extension Counter: Disable the Browser Extension badge counter using a new toggle in the Settings → Options menu (see here for details). 
- Biometrics for Safari: The Safari Web Extension now includes support for Unlock with Biometrics for Safari 14+ (see here for details). 
- Search Internationalization: Vaults can now be searched against 1 character, improving the experience for languages with 1-character words like Simplified and Traditional Chinese. 
- Sorted Weak Passwords Report: The Weak Passwords Report is now sorted by the severity of the password's weakness (see here for details) 
tip
Since implementing Soft Delete back in 2020, we've been patient to take out the Trash. Starting 5/15/2021, we'll activate the nightly job that will permanently delete items that have been in your trash for 30 days or more.
Prior to 5/15/2021, we recommend digging through your Trash for anything you might want to Restore!
Bitwarden is proud to announce the release of Bitwarden Send, and end-to-end encrypted solution for ephemeral sharing. This release includes:
- Bitwarden Send: Bitwarden Send is end-to-end encrypted solution for ephemeral sharing. There's lot of material about Send on our website and Help Center, but you can start here or here. 
- FIDO U2F Support for Edge: Two-step Login via FIDO U2F is now available for the Web Vault and Browser Extensions in Microsoft Edge (see here for details). 
- Domain Exclusion in Browser Extensions: Bitwarden Browser Extensions can now be configured with domains to explicitly not offer to remember passwords for (see here for details). 
- Improved Import Error Messages: We've had lots of folks migrating to Bitwarden recently, so we cleaned up an import error message to help you reconcile issues faster (see here for details). 
- Safari Web Extension Port: Our Safari App Extension has officially been ported to a Web Extension for use with Safari 14+. Due to changes to Safari, Web Extension use is now limited to only those obtained through Mac App Store downloads (see here for details). 
note
Biometric Unlock for Browser Extensions is available for only Chromium-based browsers (e.g. Chrome, Edge) with v1.48.0 of the Browser Extension, provided you have the latest version (2021-01-19) of the Desktop App.
When your Browser Extension updates to this version, you may be asked to accept a new permission for Bitwarden to Communicate with cooperating native applications. This permission is safe, but optional, and will enable the Browser Extension to communicate with the Bitwarden Desktop App, which is required to enable Biometric Unlock (see here for details). Declining this permission will allow you to use v1.48.0 without Biometric Unlock functionality.
Biometric Unlock is currently not available for:
- Firefox Browser Extensions below version 87. 
- Microsoft App Store Desktop Apps (a side-loaded Windows Desktop App, available at bitwarden.com/download/ will work fine). 
- Side-loaded MacOS Desktop Apps (an App Store Desktop app will work fine). 
The Bitwarden team is investigating these and will provide updates as things progress.
For the first major release of 2021, the Bitwarden team combined multiple major enhancements to address the critical needs of all users, including:
- Emergency Access: Bitwarden's new Emergency Access feature enables users to designate and manage trusted emergency contacts, who may request access to their Vault in a zero knowledge encryption environment (see here for details).here 
- Encrypted Exports: Personal users and Organizations can now export Vault data in an encrypted - .jsonfile (see here for details).
- New Role: A Custom role is now available to allow for granular control over user permissions (see here for details). 
- New Enterprise Policy: The Personal Ownership policy is now available for use by Enterprise Organization (see here for details). 
- Biometric Unlock for Browser Extensions: Using an integration with a native Desktop application, you can now use Biometric input to unlock Chromium-based Browser Extensions (see here for details). 
The latest release of Bitwarden adds SSO-related enhancements to all client applications, including:
- New Enterprise Policies: The Single Organization and Single Sign-On Authentication polices are now available for use by Enterprise Organizations (see here for details). 
- API Key for CLI: Authenticate into the Bitwarden CLI using an API Key newly available from your Web Vault (see here for details). 
- Improvements to SSO Onboarding: We've made some improvements to the way users are onboarded via SSO to prevent potential security risks (see here for details). 
- GDPR Acknowledgement: From now on, new users of Bitwarden will be asked to acknowledge a Privacy Policy on registration. 
- Android 11 Inline Auto-fill: For devices using Android 11+, enabling the Auto-fill Service will display suggestions inline for IMEs that also support this feature (see here for details). 
The latest release of Bitwarden adds much-anticipated Login with SSO functionality for all client applications, and the Business Portal for Web Vaults. Read this blog post for more information about Login with SSO, and refer to our documentation.
The following items were released between March and September of 2020.