2026.2.0 Release Notes

2026.2.0 Release Notes

[Source: https://bitwarden.com/help/releasenotes/#2026-2-0]

(This listed release number is for the Bitwarden Server, other version numbers released in this cycle include Web 2026.2.0, Browser Extension 2026.1.1, and Mobile 2026.2.0)

Password Manager

  • Phishing blocker: Using the browser extension, Bitwarden premium and families users will have access to the phishing blocker, which will notify users when navigating to known phishing websites.

  • Import SSH keys from 1Password: SSH keys can now be imported directly to Bitwarden using the .1pux export format offered by 1Password.

  • Import passkeys from a Bitwarden .json: Passkeys that are exported from Bitwarden in a .json file can now be imported to a new Bitwarden account or used as a short-term backup.

 

Admin Console

 


Additions from the GitHub releases:

 

Server 2026.2.0

  • Added endpoints to public API for revoke and restore members
  • Removed feature flag for Premium risk insights
  • Removed feature flag for improved loading states
  • Removed feature flag for performance improvements to re-invite endpoint
  • Various under-the-hood improvements and minor bug fixes

Thank you! :blue_heart: A big shout-out to the following community members for their contributions!

jolness1 - Change hardcoded 5 key WebAuthn limit for login to check if premium

 

Web Vault 2026.2.0

  • Updated organization of Policies in Admin Console
  • Bug-fix for import of passkeys from Bitwarden .json export
  • Various under-the-hood improvements and minor bug fixes

Thank you! :blue_heart: A big shout-out to the following community members for their contributions!

majiayu000

  • fix(importer): improve Buttercup CSV import mapping
  • fix(importer): preserve protected KeePass custom fields as hidden fields

VedantMadane

  • fix(vault): preserve card brand when editing existing card

unlimitedsola

  • Support importing SSH keys from 1pux

 

Browser extension 2026.1.1

  • Resolved an issue that prevented the browser extension from retrieving the known phishing sites blocklist.

 

Android Password Manager 2026.2.0 () – Overview

(will be added here when released)

 

Android Authenticator 2026.2.0 () – Overview

(will be added here when released)

 

iOS Password Manager 2026.2.0 () – Overview

(will be added here when released)

 

iOS Authenticator 2026.2.0 () – Overview

(will be added here when released)

 


To keep everything in one place, new versions within this Release cycle will be added to this first post. (and I only report the Release Notes here as they can be found in the official Bitwarden Release Notes and in the released versions in the Bitwarden GitHub repositories – I’m not a Bitwarden employee)

:warning: Some features may be behind a feature flag, so it can take a few days for those features to get “activated” by Bitwarden.

:warning: Some Bitwarden apps are distributed by “stores” (like Apple’s App Store, Microsoft Store, Google Play Store, Mozilla’s Extension store…) so the availability of new versions via those channels also depends on the approval processes of these “stores” and thereof the respective roll-out can take some time.

1 Like

I thought that this was previously possible? There was a bug with account-restricted JSON exports, but unencrypted JSON exports (and, to my knowledge, password-protected JSON exports) would successfully allow passkeys to be imported in the past.

Yeah, I also stumbled upon this one… well, at least it no longer has anything to do with birds! :rofl: (Sorry, kind of an insider at this point…)