Access your Bitwarden vault without a password

Update Jan 23, 2025: The Bitwarden web app now supports approving new devices logins for Log in with device and new trusted devices for SSO with trusted devices.

Use another device to approve a login to your Bitwarden vault to easily and securely access your accounts without needing to type a master password. For enterprise customers using SSO with trusted devices, the same workflow approves new devices as trusted for future logins. Logins can be approved from the web app, mobile apps, or desktop app.

Before getting started, you will need to be logged into your Bitwarden account on one of the Bitwarden clients that support approving new devices: the web app, the mobile app, or desktop app.

Open the client where you want to log in. For this example, the Bitwarden web app, and enter your account’s email address. On the next screen you will see an option to Log in with device. Selecting this will send a push notification to your Bitwarden mobile and desktop apps for approval, and the request will appear in the web app in Security > Devices.

(Above) The sequence for approving a new login to the Bitwarden web app using the mobile Android app

Open your Bitwarden mobile app, compare the fingerprint phrases, then confirm the login request within the notification. The web app in your browser will automatically log in. Fast and easy!

To extend the passwordless experience to your mobile app you should set up Unlock with Biometrics or Unlock with PIN Code, and be sure that the Vault timeout action is set to Lock. Now you can quickly unlock your mobile app using your fingerprint, Face ID, or a short PIN number, and by extension, access the web vault without entering your password.

Note: When requesting approval for a login for the browser extension, the extension window must remain open until the process is completed. This will be improved in a later release.

Users of an enterprise organization utilizing SSO with trusted devices can initiate the same process for adding a new device as trusted. After authenticating with the SSO process on the new device, select Approve from another device, then go to your currently logged in mobile app, desktop app, or web app to approve. View more detailed steps in Help Center: Add a Trusted Device.

Several technology safeguards keep this process safe:

End-to-end, zero knowledge encryption - the communication between the web vault client and the mobile app are completely encrypted with a public and private key pair, with data encrypted before it even leaves the device.

Client fingerprint phrase - the web vault login will show a Fingerprint Phrase that identifies the login attempt. It might look something like juniper-sandbar-footnote-improve-evolution. This phrase will also appear in the login request on the mobile app. You should make sure that they match before approving the request.

Two-step Login - if you have two-step login turned on (and you should!) you will still need to complete the second step after approving the login.

Note: If you’re a member of an organization that has enabled Single Sign-On policies, you will use the the Enterprise single sign-on process instead of Log in with device.

Recognized devices only - the option to log in with a device will only be available to a Bitwarden client that has logged into your Bitwarden account before. This does not apply to adding a new device with SSO with trusted devices.

If you’re interested in the more technical aspects of how it works and the flow of encrypted data, more information is available here: Help Center: Log in with device - How it works.

Visit the page on Innovating in passwordless to learn more about how Bitwarden supports a wide range of passwordless options. Key technologies such as biometric login, passkeys, SSO with trusted devices, and more help provide strong security while bringing convenience to users everywhere.

Interested in living the passwordless life? Get started with Bitwarden today with a free 7-day trial for business plans or a free individual account today!

Editor's note: This blog was originally published on Dec 5, 2022 and updated on Jan 23, 2025 with new features and descriptions.