Bitwarden strengthens security with SSO integrations for businesses

Bitwarden delivers single sign-on integrations for businesses. With the recent addition of SSO with Trusted Devices, the company extends the security, flexibility, and convenience of its products.

“Bitwarden provides businesses with the most effective and innovative credential management solutions that balance security and convenience,” said Michael Crandell, CEO, Bitwarden. “Customer options to streamline logins, maintain zero-knowledge encryption, and ensure compatibility across any identity provider make this an ideal time to extend security coverage to all applications. The support for passwordless SSO integrations makes deployment easier than ever.”

Transforming the way global enterprises secure and authenticate their workforce

Before its acquisition, billion dollar high-growth European startup Glovo operated in over 25 countries. It selected Bitwarden for its cross platform, device support, as well as its enterprise SSO capabilities.

“Implementing Bitwarden single sign-on transformed our approach, providing a balance of convenience and uncompromising security,” said Alexander Antukh, (former) Director of Security at Glovo.

Meeting enterprise needs, Bitwarden enables the following SSO integrations:

• SSO with Trusted Devices: An SSO-only login experience for users on registered, trusted devices. This means that the Bitwarden login process is as simple as being authenticated with the SSO service. An encryption key used as part of the vault decryption process is securely stored on the trusted device, so upon SSO authentication, the device can decrypt the Bitwarden vault without additional user input.
• Login with SSO: Enables the security and management of a primary Identity Provider, while coupling that with an independently entered encryption key, or Bitwarden main password, maintained by the user.
• SSO with Customer Managed Encryption: Tailored to self-hosted customers familiar with hardware security modules, this solution ensures that the encryption keys remain securely and exclusively within the customer network. Users log in using SSO and the Bitwarden client retrieves the encryption key from a self-hosted key server without requiring the user to enter a Bitwarden main password.

Password management fills SSO security gaps

Businesses have long gravitated to SSO to secure their SaaS applications. However, even today, it is rare for that coverage to be complete.

Data from 451 Research shows that the surge in remote work and the use of personal applications, identities, devices, and network usage means not all services are covered by SSO. The research further reveals:

• 29% indicate that only ⅓ of their organization’s apps leverage SSO
• 49% of respondents say that ⅓ to ⅔ of their organization’s apps utilize SSO

Now companies of all sizes can easily couple their existing SSO authentication with Bitwarden, simplifying adoption and ensuring stronger security corporate-wide. Bitwarden SSO integrations are compatible with all SAML 2.0 or OIDC-based identity providers such as Azure AD, Okta, Ping Identity and Google Workspace.

SSO integrations are available within the enterprise plans for Bitwarden Password Manager and Bitwarden Secrets Manager.