What Strategies Do Bitwarden Employees Take To Improve Bitwarden's Security?

Dear Bitwarden Employees,

I was curious as to what resources and as to how Bitwarden employees approach updating Bitwarden’s security protocols to better protect users’ privacy and account data.

I was curious as to how Bitwarden does this since Bitwarden is a free and open source company, so they are more open to how their products and services work compared to other competitors, and Bitwarden is of course one of the most respected password management companies available.

For instance, Bitwarden did take the advice of users’ requests to allow support for Argon2 passwords.

I am almost certain Bitwarden employees regularly pentest their own software. After all, one of my university professors has informed me that it is important to practice breaking past security protocols before one tries to invent the defense against such attacks.

How do Bitwarden employees approach pentesting their own software?

How do Bitwarden employees research strategies to balance product usability without sacrificing good security hygiene–and vice versa?

These are just some of the questions I had on how Bitwarden developed their engineering design philosophy over its company history.

I thank the Bitwarden employees for any responses they send back to me.

1 Like

Hi there! Currently, we share numerous security and compliance reports on this page: https://bitwarden.com/compliance/. You will also see a few blog posts on tips we recommend, such as https://bitwarden.com/blog/post/security-profile/.
We hope to share more over time. Thanks for raising the topic!
Gary at Bitwarden

2 Likes

Hi Gary,

Thanks for the nice response. I will definitely read this carefully.

If I have more questions, I will not hesitate to ask.

Thanks!