Bitwarden adds passwordless SSO
Adding trusted devices means no more master password input
Bitwarden, our pick as the best password manager for free, has now added Single Sign-On (SSO) support for trusted devices on its enterprise tiers, which allows users to access their vaults without a password.
On registered devices, users can access their encrypted vault data with SSO authentication alone, via their identity management software of choice. No longer is the Bitwarden master password required.
Even though the Bitwarden Password Manager and Bitwarden Secrets Manager are zero knowledge and end-to-end encrypted, an external SSO provider can still grant access without compromising these security and privacy measures, as the data is separately decrypted after the user is authenticated, using a key that is stored securely on device.
Trusted devices
For users already using the Login with SSO feature in Bitwarden - which still requires the Bitwarden master password to decrypt vault data - turning on the new SSO with trusted devices is simple: in the web app, there is an SSO configuration section in the settings, where the option to enable trusted devices will be found.
For organizations who have never used SSO with Bitwarden before, this will need to be set up first, and requires the activation of some enterprise policies first. Bitwarden has an online guide to explain what is needed.
The company also explains that SSO with trusted devices makes it, "possible for employees to create accounts without ever setting a Bitwarden password. This can be easier for onboarding purposes, but note that doing so limits account recovery options."
Once SSO with trusted devices is enabled, you'll be redirected to your SSO provider to login. Once authenticated, the device you are using will become trusted. Other devices can be confrmed as trusted using Bitwarden's mobile or desktop app. You can also send a request to your admin to approve devices too.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Bitwarden also notes that even items in your vault that pertain to non-SSO enabled applications can still be accessed via SSO with trusted devices. The new integration is available across various Bitwarden Password Manager and Secrets Manger clients on the enterprise plans, with Firefox support set to come soon.
MORE FROM TECHRADAR PRO
Lewis Maddison is a Reviews Writer for TechRadar. He previously worked as a Staff Writer for our business section, TechRadar Pro, where he had experience with productivity-enhancing hardware, ranging from keyboards to standing desks. His area of expertise lies in computer peripherals and audio hardware, having spent over a decade exploring the murky depths of both PC building and music production. He also revels in picking up on the finest details and niggles that ultimately make a big difference to the user experience.