I’ve been using Bitwarden with a Family organization for about a year now, and I’ve really liked it so far. Currently at my work, we use LastPass Enterprise, with accounts created for each user with their work email address. LastPass has a nifty feature where you can link your personal account to your business one, so you can access both sets of passwords without having to sign in and out of the mobile app (for example).
What is the generally accepted “right” way to handle business accounts in Bitwarden? I can’t find any way to either log into multiple accounts or switch between accounts easily, so if work wants to use accounts that end with @company.domain, and my personal account is @gmail.com, I’d have to log in/out constantly on mobile, or use the web site for one of them and the app for the other.
Would it be better to invite employees’ personal emails to the organization, with the understanding that anything saved in their personal vault leaves with the employee? I personally don’t like this arrangement, since our current workflow with LastPass has users saving items in their personal vault for things that don’t need to be shared, like that user’s logins for various business apps, and those types of things shouldn’t be shared with the rest of the team.
I guess this is halfway to a feature request at this point, but it would be nice to clarify in the documentation what happens if someone has a personal Bitwarden account and then has a second one generated by their employer, and how to handle having two accounts.
All users who have a Bitwarden account have a personal vault. Now, this vault is different from the Organization’s vault. The organisation won’t be able to see anything in a user’s vault.
According to help.bitwarden.com:
Organizations relate Bitwarden users together for secure sharing of Logins, Notes, Cards, and Identities. Creating an Organization opens an Organization Vault that exists alongside your Personal Vault. To share items in your Organization Vault, you can invite users to join your Organization.
I get that, but some employers would rather have employees keep company passwords in a vault that the company owns. For example, let’s say I worked in finance and I kept my personal email password, QuickBooks password, HR software password. I don’t want to share those with the rest of my team, but my company may want to be able to take over my vault if I get hit by a bus and they need access to my accounts. Creating a collection for each user’s “personal” work items could work but sounds very clunky.
LastPass has a way where organization administrators can gain access to a user’s vault directly - with Bitwarden, at least the account password can be reset via email if the company owns the email account that is associated with the account. If it were a Gmail account that was invited to the organization, that wouldn’t be an option.