Hi everyone!
As requested by this fantastic community, far and wide - I’m happy to share our current roadmap.
We are now breaking down our roadmap into three themes: Vault Experience and Community, Bitwarden for Business, and Helping MSPs and Resellers Scale.
This highlights our product focus into a fantastic vault and end-user experience, building secure collaboration tools for businesses, and enabling MSPs and Resellers. Items within each theme are subject to change. However, they do represent the current outlook for functionality we intend to bring to the platform.
With any roadmap, timelines can, and will, shift as the team works through product discovery and development. We strive for transparency and will update this roadmap as a living document.
Update 2021-12-06:
Updated with items for 2022
Update 2021-06-28:
Updated Q2 items delivered and Q3/Q4+ items.
Update 2021-02-26:
Updated graphic for 2021 major roadmap items added.
Thank you for sharing this. Could you maybe explain the reason why you chose these items? There are some items that seem to have quite little votes compared to other suggestions which are voted much higher.
These items are picked with a compromise of what the community forums are asking for (we are here every day reading ), what our enterprise customers need and want, and items that Bitwarden wishes to implement based on our product strategy.
Sometimes (most times) they overlap on the highest community votes, but sometimes they may not - but we try to balance them.
As an enterprise customer, the largest problem we’ve had with adoption by staff is the inability to self manage collections. We have teams of web developers who need to share credentials for things with a very small group of colleagues, on a per-client basis. It is not appropriate for an admin to create and retain access to these collections, nor is it scalable, as there would be hundreds or thousands of them. One user within the enterprise organization should be able to create a collection and then invite colleagues to it with whatever privileges they want, similar to how Box / Dropbox work with enterprise collaborations; that’s one of their key features and what we really need in Bitwarden.
A question about the emergency access that’s listed on the road map, does that include resetting a users master password? It was mentioned that the two are closely related or tied together.
@colohost - I totally understand, would you mind doing a writeup and posting a feature topic for that function?
@Pyran - TouchID APIs are available in our frameworks 100% - Windows Hello isn’t as straightforward, but the goal is to evaluate and hopefully implement both.
@Seized - That’s correct, they may wind up being co-developed with similar architecture changes, but the details are TBD.
Thank you very much for this roadmap, @tgreer. I know you’ve got lots of things to keep you busy, but I’m pushing people to get premium at every opportunity. Very happy to support you.
Are you still using CDN content for some Javascript libraries? I’m concerned about injection vectors if someone is able to override DNS and force download of compromised libraries that sniff the decrypted data of the user’s client.
@tgreer I did in 2018 Only two votes so I guess others don’t feel as strongly about it as me lol.
This concept of user level creation and management of an object and its sub-objects, and the management of peer collaborations on that object, is a huge part of numerous enterprise software application architectures. Whether that object is a folder of files (Box, Dropbox, OneDrive, etc), business entities and their contacts that only certain staff should see (Salesforce), projects and their underlying issues/tasks/bugs where a lead developer creates the project and adds colleagues (Jira, Wrike), etc.
User managed collections of credentials would be extremely valuable in Bitwarden for any enterprise organization that has an ongoing need for clusters of employees to collaborate. Also, many regulations would prevent an admin from retaining access to a collection if not otherwise necessary, so using the collections feature as it currently exists may make it a non-starter for certain orgs that are subject to regulation.
@AtomicHaggis - I’ll have to research the CDN items honestly, but a good question.
@Pyran - We are going to try - it’s due to libraries available for the electron framework. So far it looks good, but it’s not written in stone just yet.
@colohost - ah, thanks! I am still catching up on the last 4 years worth of requests - but this is helpful.
Thanks for the reply, @tgreer, as I’m quite concerned about it as your service gains traction and is more under the spotlight. I don’t think there’d be any reason why you’d not be able to embed the libraries since they don’t update often.