Hi Everyone,
As an organization, we’re new to password managers and have relied on other means up until now. We’re currently in our 7-day trial of Password Manager and the setup is very straight forward. The Enterprise trial guide has been fantastic. Kudos for that. I do have a couple newbie questions:
- I’m not sure what I was expecting from a password manager, but is the gist of it simply personal and shared vaults/collections for our team or org? I’ve installed the web extension as well. Is there more to it that I’m missing?
- In my mind, I was picturing an app installed on our devices that would allow you to log into various devices like network switches, firewalls, RDP to servers, etc. all at the click of a button. Is there an add-on to password manager that accomplishes this or is that not a thing for bitwarden and competing products?
- If we were to go on-premises for this solution, how does that work with regards to the mobile app?
Overall, I’m liking the product. I just had this perception and build-up that there’d be more to a password manager in general. Any information would be appreciated. Thank you.
Welcom, @00071491 to the community!
This is the feature request with the largest number of votes. It has made it to the roadmap, so there is hope that we will see it at some point.
To be able to login or to update passwords when offsite, you would need to somehow expose your on-premises server to the Internet.
Others may identify reverse proxy or VPN solutions, but you are on the hook for building/maintaining those; It is not built into Bitwarden’s docker. If your company already has an always-on VPN for their devices, that may play into the decision.
With respect to cloud vs self-host, there is a risk analysis to be made regarding contingency preparation/operations (i.e. backups), maintenance overhead and trust in the vendor. All the common SAAS vs on-prem factors come into play.
It may help to know that vaults are only ever unencrypted while on the device using it. The server version is always encrypted and the server does not contain the necessary keys to decrypt. While evaluating, your security team may be interested in reading Bitwarden’s security whitepaper.
1 Like
@00071491 I would add to that, that “autofill” is already available with Bitwarden – on desktop/laptop via the browser extensions (download page and Help Site) and on mobile via the mobile apps (download page and Help Sites: iOS / Android).
@DenBesten was specifically referring to “desktop auto-type” (PS: and “native use of passkeys” on desktop), which is currently in development by Bitwarden (for MacOS and Windows).
2 Likes
Wonderful! Thanks for the information and perspective and the security whitepaper. I’ve heard of quite a few Password Managers falling victim to threat actors, so the whitepaper is a good read.